Introducing CDNLite: A Self-Hosted Private CDN Control Plane

vaheeD — Fri, 26 Jun 2026 18:45:03 +0000

Most CDN platforms are powerful, but they are usually closed, managed, and outside your own infrastructure.

CDNLite is an open-source, self-hosted private CDN control plane and edge platform for companies, hosting providers, labs, and internal infrastructure teams.

It is built for teams that want more control over their CDN, DNS, WAF, cache, SSL, and edge operations.

CDNLite is not trying to replace Cloudflare, Fastly, or Akamai.

It is a practical foundation for running your own private CDN-style platform.

What CDNLite does

CDNLite brings the main parts of a private CDN platform into one place:

Domain lifecycle management
DNS-only and proxied modes
PowerDNS and DNSGeo publishing
OpenResty/Lua edge proxy
Cache rules and purge workflows
WAF rules and rate limits
IP access rules
ACME DNS-01 SSL workflows
Edge node registration and heartbeat
Signed edge-agent sync
Security events and audit logs
Health checks and operational reports
Vue dashboard
PHP control plane
PostgreSQL backend

The goal is simple:

Give operators a visible and auditable way to manage private CDN, DNS, WAF, SSL, cache, and edge infrastructure.

Who is CDNLite for?

CDNLite is useful for:

Hosting providers building private CDN or edge services
Companies that want their own CDN layer
DevOps and platform teams managing internal edge infrastructure
Labs and controlled production experiments
Engineers learning CDN, DNS, WAF, PowerDNS, DNSGeo, and OpenResty architecture

Why I built it

Many teams start with NGINX, a few scripts, and manual DNS changes.

That works in the beginning.

But after a while, you need more than a reverse proxy.

You need:

Domain management
DNS publishing
Edge health checks
Cache policies
WAF rules
SSL automation
Audit history
Security event tracking
Operational visibility

CDNLite is built to bring these pieces together into one self-hosted platform.

Quickstart

cp .env.example .env
docker compose up -d --build

curl -fsS http://localhost:8080/health
curl -fsS http://localhost:8081/health

Then open the dashboard:

http://localhost:8082

Local development credentials:

admin / admin

These credentials are only for local development. Do not use them in shared or production environments.

Current status

CDNLite is suitable for labs, demos, private deployments, and controlled production experiments.

For serious production use, operators should still review hardening, TLS, secret rotation, backups, monitoring, authentication, and network isolation.

The roadmap includes:

RBAC
OIDC/SAML SSO
Stronger tenant isolation
Prometheus and Grafana improvements
Kubernetes and Helm deployment
Terraform examples
HA control plane documentation
More WAF, cache, and deployment policy templates

GitHub

CDNLite is MIT licensed and open for contributions.

Repository:

https://github.com/vaheed/CDNLite

I would love feedback from people working with CDN infrastructure, DNS automation, WAF rules, OpenResty, hosting platforms, or self-hosted edge systems.