Build your local AI assistants, sync data across places, self-hosted your workspace, stream your own media, and more——all in a true home cloud made possible by Terminus.
Website · Documentation · Download TermiPass · Terminus Apps · Terminus Space
- Introduction
- Motivation and design
- Tech stacks
- Features
- Feature comparison
- Getting started
- Project navigation
- Contributing to Terminus
- Community & contact
- Staying ahead
- Special thanks
Transform your edge device into a true home cloud with Terminus - a free, self-hosted operating system built on Kubernetes. Terminus brings cloud-level capabilities to your home, without compromising on privacy or ease of use. By securely storing your data and accessing your self-hosted services from anywhere via Terminus, you gain complete control over your digital life.
Typical use cases of Terminus include:
🤖 Local AI: Host and run world-class open-source AI models locally, including large language models, image generation, and speech recognition. Create custom AI assistants that integrate seamlessly with your personal data and applications, all while ensuring enhanced privacy and control.
💻Personal data repository: Securely store, sync, and manage your photos, documents, and important files in a unified storage and access anywhere.
🛠️ Self-hosted workspace: Create a free, powerful workspace for your team or family with open source selfhosted alternatives.
🎥 Private media server: Host your own streaming services with your personal media collections.
🏡 Smart Home Hub: Create a central control point for your IoT devices and home automation.
🤝 User-owned decentralized social media: Easily install decentralized social media apps such as Mastodon, Ghost, and WordPress on Terminus, allowing you to build a personal brand without the risk of being banned or paying platform commissions.
📚 Learning platform: Explore self-hosting, container orchestration, and cloud technologies hands-on.
We believe the current state of the internet, where user data is centralized and exploited by monopolistic corporations, is deeply flawed. Our goal is to empower individuals with true data ownership and control.
Terminus provides a next-generation decentralized Internet framework consisting of the following three integral components:
- Snowinning Protocol: A decentralized identity and reputation system that integrates decentralized identifiers (DIDs), verifiable credentials (VCs), and reputation data.
- Terminus OS: An one-stop self-hosted operating system running on edge devices, allowing users to host their own data and applications.
- TermiPass: A comprehensive client software that securely bridges users to their Terminus systems. It offers remote access, identity and device management, data storage, and productivity tools, providing a seamless interface for all Terminus interactions. Learn more in documentation.
Terminus offers a wide array of features designed to enhance security, ease of use, and development flexibility:
- Enterprise-grade security: Simplified network configuration using Tailscale, Headscale, Cloudflare Tunnel, and FRP.
- Secure and permissionless application ecosystem: Sandboxing ensures application isolation and security.
- Unified file system and database: Automated scaling, backups, and high availability.
- Single sign-on: Log in once to access all applications within Terminus with a shared authentication service.
- AI capabilities: Comprehensive solution for GPU management, local AI model hosting, and private knowledge bases while maintaining data privacy.
- Built-in applications: Includes file manager, sync drive, vault, reader, app market, settings, and dashboard.
- Seamless anywhere access: Access your devices from anywhere using dedicated clients for mobile, desktop, and browsers.
- Development tools: Comprehensive development tools for effortless application development and porting.
Here are some screenshots from the UI for a sneak peek:
| Desktop–AI-Powered Personal Desktop | Files–A Secure Home to Your Data |
|---|---|
 |
 |
| Vault–1Password alternative | Market–App ecosystem in your control |
 |
 |
| Wise–Your digital secret garden | Settings–Managing Terminus efficiently |
 |
 |
| Dashboard–constant Terminus monitoring | Profile–Your homepage on decentralized network |
 |
 |
| Devbox–Developing, debugging, and deploying | Controlhub–Managing Kubernetes clusters easily |
 |
 |
To help you understand how Terminus stands out in the landscape, we've created a comparison table that highlights its features alongside those of other leading solutions in the market.
Legend:
- 🚀: Auto, indicates that the system completes the task automatically.
- ✅: Yes, indicates that users without a developer background can complete the setup through the product's UI prompts.
- 🛠️: Manual Configuration, indicates that even users with an engineering background need to refer to tutorials to complete the setup.
- ❌: No, indicates that the feature is not supported.
| Terminus | Synology | TrueNAS | CasaOS | Proxmox | Unraid | |
|---|---|---|---|---|---|---|
| Source Code License | Terminus License | Closed | GPL 3.0 | Apache 2.0 | MIT | Closed |
| Built On | Kubernetes | Linux | Kubernetes | Docker | LXC/VM | Docker |
| Multi-Node | ✅ | ❌ | ✅ | ❌ | 🛠️ | ❌ |
| Build-in Apps | ✅ (Rich desktop apps) | ✅ (Rich desktop apps) | ❌ (CLI) | ✅ (Simple desktop apps) | ✅ (Dashboard) | ✅ (Dashboard) |
| Free Domain Name | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ |
| Auto SSL Certificate | 🚀 | ✅ | 🛠️ | 🛠️ | 🛠️ | 🛠️ |
| Reverse Proxy | 🚀 | ✅ | 🛠️ | 🛠️ | 🛠️ | 🛠️ |
| VPN Management | 🚀 | 🛠️ | 🛠️ | 🛠️ | 🛠️ | 🛠️ |
| Graded App Entrance | 🚀 | 🛠️ | 🛠️ | 🛠️ | 🛠️ | 🛠️ |
| Multi-User Management | ✅ User management 🚀 Resource isolation |
✅ User management 🛠️ Resource isolation |
✅ User management 🛠️ Resource isolation |
❌ | ✅ User management 🛠️ Resource isolation |
✅ User management 🛠️ Resource isolation |
| Single Login for All Apps | 🚀 | ❌ | ❌ | ❌ | ❌ | ❌ |
| Cross-Node Storage | 🚀 (Juicefs+ MinIO) |
❌ | ❌ | ❌ | ❌ | ❌ |
| Database Solution | 🚀 (Built-in cloud-native solution) | 🛠️ | 🛠️ | 🛠️ | 🛠️ | 🛠️ |
| Disaster Recovery | 🚀 (MinIO's Erasure Coding) | ✅ RAID | ✅ RAID | ✅ RAID | ❌ | ✅ Unraid Storage |
| Backup | ✅ App Data ✅ User Data |
✅ User Data | ✅ User Data | ✅ User Data | ✅ User Data | ✅ User Data |
| App Sandboxing | ✅ | ❌ | ❌ (K8S's namespace) | ❌ | ❌ | ❌ |
| App Ecosystem | ✅ (Official + third-party) | ✅ (Majorly official apps) | ✅ (Official + third-party submissions) | ✅ Majorly official apps | ❌ | ✅ (Community app market) |
| Developer Friendly | ✅ IDE ✅ CLI ✅ SDK ✅ Doc |
✅ CLI ✅ SDK ✅ Doc |
✅ CLI ✅ Doc |
✅ CLI ✅ Doc |
✅ SDK ✅ Doc |
✅ Doc |
| Local LLM Hosting | 🚀 | 🛠️ | 🛠️ | 🛠️ | 🛠️ | 🛠️ |
| Local LLM app development | 🚀 (Dify integrated) | 🛠️ | 🛠️ | 🛠️ | 🛠️ | 🛠️ |
| Client Platforms | ✅ Android ✅ iOS ✅ Windows ✅ Mac ✅ Chrome Plugin |
✅ Android ✅ iOS |
❌ | ❌ | ❌ | ❌ |
| Client Functionality | ✅ (All-in-one client app) | ✅ (14 separate client apps) | ❌ | ❌ | ❌ | ❌ |
- Getting Started on Linux
- Getting Started on Raspberry Pi
- Getting Started on macOS
- Getting Started on Windows
Terminus consists of numerous code repositories publicly available on GitHub. The current repository is responsible for the final compilation, packaging, installation, and upgrade of the operating system, while specific changes mostly take place in their corresponding repositories.
The following table lists the project directories under Terminus and their corresponding repositories. Find the one that interests you:
Framework components
| Directory | Repository | Description |
|---|---|---|
| frameworks/app-service | https://github.com/beclab/app-service | A system framework component that provides lifecycle management and various security controls for all apps in the system. |
| frameworks/backup-server | https://github.com/beclab/backup-server | A system framework component that provides scheduled full or incremental cluster backup services. |
| frameworks/bfl | https://github.com/beclab/bfl | Backend For Launcher (BFL), a system framework component serving as the user access point and aggregating and proxying interfaces of various backend services. |
| frameworks/GPU | https://github.com/grgalex/nvshare | GPU sharing mechanism that allows multiple processes (or containers running on Kubernetes) to securely run on the same physical GPU concurrently, each having the whole GPU memory available. |
| frameworks/l4-bfl-proxy | https://github.com/beclab/l4-bfl-proxy | Layer 4 network proxy for BFL. By prereading SNI, it provides a dynamic route to pass through into the user's Ingress. |
| frameworks/osnode-init | https://github.com/beclab/osnode-init | A system framework component that initializes node data when a new node joins the cluster. |
| frameworks/system-server | https://github.com/beclab/system-server | As a part of system runtime frameworks, it provides a mechanism for security calls between apps. |
| frameworks/tapr | https://github.com/beclab/tapr | Terminus Application Runtime components. |
System-Level Applications and Services
| Directory | Repository | Description |
|---|---|---|
| apps/agent | https://github.com/beclab/dify | The LLM app development platform ported from Dify.ai, with integrations of Terminus Accounts, local knowledge base, and local models. |
| apps/analytic | https://github.com/beclab/analytic | Developed based on Umami, Analytic is a simple, fast, privacy-focused alternative to Google Analytics. |
| apps/market | https://github.com/beclab/market | This repository deploys the front-end part of the application market in Terminus. |
| apps/market-server | https://github.com/beclab/market | This repository deploys the back-end part of the application market in Terminus. |
| apps/argo | https://github.com/argoproj/argo-workflows | A workflow engine for orchestrating container execution of local recommendation algorithms. |
| apps/desktop | https://github.com/beclab/desktop | The built-in desktop application of the system. |
| apps/devbox | https://github.com/beclab/devbox | An IDE for developers to port and develop Terminus applications. |
| apps/TermiPass | https://github.com/beclab/TermiPass | A free alternative to 1Password and Bitwarden for teams and enterprises of any size Developed based on Padloc. It serves as the client that helps you manage DID, Terminus Name, and Terminus devices. |
| apps/files | https://github.com/beclab/files | A built-in file manager modified from Filebrowser, providing management of files on Drive, Sync, and various Terminus physical nodes. |
| apps/knowledgebase | https://github.com/Above-Os/knowledgebase | A built-in application that stores articles, PDFs, and eBooks collected through RSS subscriptions, TermiPass, and recommendations by local algorithms. |
| apps/mynitro | https://github.com/beclab/mynitro | A wrapper of the official Nitro project that hosts LLMs locally, specifically, provides services to Dify's agents on Terminus. |
| apps/notifications | https://github.com/beclab/notifications | The notifications system of Terminus |
| apps/profile | https://github.com/beclab/profile | Linktree alternative in Terminus |
| apps/rsshub | https://github.com/beclab/rsshub | A RSS subscription manager based on RssHub. |
| apps/dify-gateway | https://github.com/beclab/dify-gateway | A gateway service that establishes the connection between Dify and other services such as Files and Agent. |
| apps/settings | https://github.com/beclab/settings | Built-in system settings. |
| apps/system-apps | https://github.com/beclab/system-apps | Built based on the kubesphere/console project, system-service provides a self-hosted cloud platform that helps users understand and control the system's runtime status and resource usage through a visual Dashboard and feature-rich ControlHub. |
| apps/wise | https://github.com/Above-Os/knowledgebase | A reader for users to read articles stored by users from RSS subscriptions, collections, and recommendation algorithms. |
| apps/wizard | https://github.com/beclab/wizard | A wizard application to walk users through the system activation process. |
Third-party Components and Services
| Directory | Repository | Description |
|---|---|---|
| third-party/authelia | https://github.com/beclab/authelia | An open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for your applications via a web portal. |
| third-party/headscale | https://github.com/beclab/headscale | An open source, self-hosted implementation of the Tailscale control server in Terminus to manage Tailscale in TermiPass across different devices. |
| third-party/infisical | https://github.com/beclab/infisical | An open-source secret management platform that syncs secrets across your teams/infrastructure and prevents secret leaks. |
| third-party/juicefs | https://github.com/beclab/juicefs-ext | A distributed POSIX file system built on top of Redis and S3, allowing apps on different nodes to access the same data via POSIX interface. |
| third-party/ks-console | https://github.com/kubesphere/console | Kubesphere console that allows for cluster management via a Web GUI. |
| third-party/ks-installer | https://github.com/beclab/ks-installer-ext | Kubesphere installer component that automatically creates Kubesphere clusters based on cluster resource definitions. |
| third-party/kube-state-metrics | https://github.com/beclab/kube-state-metrics | kube-state-metrics (KSM) is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects. |
| third-party/notification-mananger | https://github.com/beclab/notification-manager-ext | Kubesphere's notification management component for unified management of multiple notification channels and custom aggregation of notification content. |
| third-party/predixy | https://github.com/beclab/predixy | Redis cluster proxy service that automatically identifies available nodes and adds namespace isolation. |
| third-party/redis-cluster-operator | https://github.com/beclab/redis-cluster-operator | A cloud-native tool for creating and managing Redis clusters based on Kubernetes. |
| third-party/seafile-server | https://github.com/beclab/seafile-server | The backend service of Seafile (Sync Drive) for handling data storage. |
| third-party/seahub | https://github.com/beclab/seahub | The front-end and middleware service of Seafile (Sync Drive) for handling file sharing, data synchronization, etc. |
| third-party/tailscale | https://github.com/tailscale/tailscale | Tailscale has been integrated in TermiPass of all platforms. |
Additional libraries and components
| Directory | Repository | Description |
|---|---|---|
| build/installer | The template for generating the installer build. | |
| build/manifest | Installation build image list template. | |
| libs/fs-lib | https://github.com/beclab/fs-lib | The SDK library for the iNotify-compatible interface implemented based on JuiceFS. |
| scripts | Assisting scripts for generating the installer build. |
We are welcoming contributions in any form:
-
If you want to develop your own applications on Terminus, refer to:
https://docs.jointerminus.com/developer/develop/ -
If you want to help improve Terminus, refer to:
https://docs.jointerminus.com/developer/contribute/terminus-os.html
- Github Discussion. Best for sharing feedback and asking questions.
- GitHub Issues. Best for filing bugs you encounter using Terminus and submitting feature proposals.
- Discord. Best for sharing anything Terminus.
Star the Terminus project to receive instant notifications about new releases and updates.
The Terminus project has incorporated numerous third-party open source projects, including: Kubernetes, Kubesphere, Padloc, K3S, JuiceFS, MinIO, Envoy, Authelia, Infisical, Dify, Seafile,HeadScale, tailscale, Redis Operator, Nitro, RssHub, predixy, nvshare, LangChain, Quasar, TrustWallet, Restic, ZincSearch, filebrowser, lego, Velero, s3rver, Citusdata.