DEV Community

Cover image for Introducing CDNLite: A Self-Hosted Private CDN Control Plane
vaheeD
vaheeD

Posted on

Introducing CDNLite: A Self-Hosted Private CDN Control Plane

#opensource #selfhosted #devops #cdn

Most CDN platforms are powerful, but they are usually closed, managed, and outside your own infrastructure.

CDNLite is an open-source, self-hosted private CDN control plane and edge platform for companies, hosting providers, labs, and internal infrastructure teams.

It is built for teams that want more control over their CDN, DNS, WAF, cache, SSL, and edge operations.

CDNLite is not trying to replace Cloudflare, Fastly, or Akamai.

It is a practical foundation for running your own private CDN-style platform.

What CDNLite does

CDNLite brings the main parts of a private CDN platform into one place:

  • Domain lifecycle management
  • DNS-only and proxied modes
  • PowerDNS and DNSGeo publishing
  • OpenResty/Lua edge proxy
  • Cache rules and purge workflows
  • WAF rules and rate limits
  • IP access rules
  • ACME DNS-01 SSL workflows
  • Edge node registration and heartbeat
  • Signed edge-agent sync
  • Security events and audit logs
  • Health checks and operational reports
  • Vue dashboard
  • PHP control plane
  • PostgreSQL backend

The goal is simple:

Give operators a visible and auditable way to manage private CDN, DNS, WAF, SSL, cache, and edge infrastructure.

Who is CDNLite for?

CDNLite is useful for:

  • Hosting providers building private CDN or edge services
  • Companies that want their own CDN layer
  • DevOps and platform teams managing internal edge infrastructure
  • Labs and controlled production experiments
  • Engineers learning CDN, DNS, WAF, PowerDNS, DNSGeo, and OpenResty architecture

Why I built it

Many teams start with NGINX, a few scripts, and manual DNS changes.

That works in the beginning.

But after a while, you need more than a reverse proxy.

You need:

  • Domain management
  • DNS publishing
  • Edge health checks
  • Cache policies
  • WAF rules
  • SSL automation
  • Audit history
  • Security event tracking
  • Operational visibility

CDNLite is built to bring these pieces together into one self-hosted platform.

Quickstart 

cp .env.example .env
docker compose up -d --build

curl -fsS http://localhost:8080/health
curl -fsS http://localhost:8081/health
Enter fullscreen mode Exit fullscreen mode

Then open the dashboard:

http://localhost:8082
Enter fullscreen mode Exit fullscreen mode

Local development credentials:

admin / admin
Enter fullscreen mode Exit fullscreen mode

These credentials are only for local development. Do not use them in shared or production environments.

Current status

CDNLite is suitable for labs, demos, private deployments, and controlled production experiments.

For serious production use, operators should still review hardening, TLS, secret rotation, backups, monitoring, authentication, and network isolation.

The roadmap includes:

  • RBAC
  • OIDC/SAML SSO
  • Stronger tenant isolation
  • Prometheus and Grafana improvements
  • Kubernetes and Helm deployment
  • Terraform examples
  • HA control plane documentation
  • More WAF, cache, and deployment policy templates

GitHub

CDNLite is MIT licensed and open for contributions.

Repository:

https://github.com/vaheed/CDNLite

I would love feedback from people working with CDN infrastructure, DNS automation, WAF rules, OpenResty, hosting platforms, or self-hosted edge systems.

Top comments (0)