Skip to content
SuperKloud
fr Join the waitlist
Features

Everything you need to run a private cloud, painlessly.

App catalog, unified identity, security-by-default, automated backups and updates. You stay in control, SuperKloud handles the grunt work.

How it works

Four steps. No YAML to stack, no system to harden yourself.

1

Install hardening

Your server is hardened automatically: key-only SSH, firewall configured, intrusion protection running. A clean baseline, no manual work.

2

Configure your team

Create your users and groups once. LDAP becomes the source of truth — a change propagates instantly to every app.

3

Pick your apps

Browse the catalog. SuperKloud deploys the app, its dedicated database, its TLS certificate and its OIDC client in one command.

4

Your team signs in

Unified SSO across every app, optional 2FA per user. Access follows the groups you defined.

SuperKloud architecture The SuperKloud console orchestrates isolated containerized apps behind a reverse proxy, with LDAP as the identity source of truth. SuperKloud — vue d'ensemble Un seul point d'entrée public. Une identité unique. Des apps isolées. Zone publique — reverse proxy · TLS 1.3 · certificats automatiques Console SuperKloud API REST · OIDC issuer Admin UI · 2FA Apps déployées · containers isolés Outline postgres · redis OpenCloud postgres OIDCWarden sqlite Forgejo sqlite HedgeDoc postgres Tuwunel + Element matrix + catalogue qui s'étoffe en continu — apps containerisées, BDD dédiées OIDC Services internes — privés, jamais joignables depuis l'extérieur LDAP Users · Groups · RBAC Source de vérité Backup scheduler · retention restauration en un clic Auto-update snapshot · health check rollback automatique Monitoring · Audit CPU · RAM · disque logs structurés canal privé (non exposé)
Security

Zero Trust, by default.

No app exposed without auth. No traffic in clear. No secrets in plain text. This is the baseline, not an option.

SuperKloud Zero Trust flow HTTPS traffic hits the reverse proxy and reaches the app only after OIDC validation. User Reverse proxy · TLS 1.3 OIDC natif App HTTPS Bearer JWT Verified LDAP source of truth Zero Trust flow Aucune app n'est jamais jointe sans passer par les deux gardiens.

Reverse proxy + TLS 1.3

A single entry point in front. Every route encrypted. Certificates renewed automatically.

Native OIDC

SuperKloud issues its own tokens. No external dependency. No identity leaking to a third party.

Optional 2FA

Per-user TOTP (Google Authenticator…) and WebAuthn security keys. Strongly recommended for admins.

LDAP as source of truth

One identity per user. A change propagates instantly to every app.

Hardened host

From install: key-only SSH with brute-force protection, firewall configured, intrusion detection running. You don't have to think about it.

Audit logs

Every sensitive action is logged and timestamped. You know who did what, and when.

A full app lifecycle, handled

Deploying is just the start. SuperKloud handles the rest.

SuperKloud app lifecycle Four phases on a loop: deploy, update with rollback, daily backup, continuous monitoring. Deploy Auto-update with rollback Scheduled backups Monitoring & alerts app Cycle de vie automatisé Snapshot avant chaque update. Health check après. Rollback si KO. Backups quotidiens. Retention paramétrable. Monitoring CPU/RAM/disk + alertes.

Deploy

Isolated Docker Compose templates. Dedicated services per app. No shared databases waiting to burn you.

Auto-update with rollback

Snapshot before each upgrade. Health check after. If something breaks, instant rollback.

Scheduled backups

Daily per-app backups, one-click restore. You set the retention.

Monitoring & alerts

CPU, RAM, disk, container health. You see trouble coming before users do.

Waitlist now open

Be the first to know

Drop your email. We'll reach out the day the product is ready — no newsletter spam.

What's the use case you have in mind?

Which needs do you want covered? (optional, pick any)

Tick what you need — we pick the right app behind the scenes.