Skip to content
SuperKloud
fr Join the waitlist
Self-hosted alternative to Big Tech

Your private cloud,
ready to use.

One-click deploy open-source apps. Unified identity (SSO) for the whole team. Your data stays with you.

Join the waitlist See how it works

Zero Trust by design — TLS 1.3 · OIDC + 2FA

What SuperKloud brings together SuperKloud brings all your team’s tools — wiki, files, passwords, chat, code — into one private cloud, on your own server. SuperKloud your private cloud

All your tools, one cloud — on your own server.

Why SuperKloud

Three pains we lived through. One integrated answer.

Your data is scattered

Mail at Google, docs at Microsoft, chat at Slack. Each vendor knows a slice of your customers. None of it actually belongs to you.

Self-hosting is expensive

Setting up a documentation, file storage and sharing system or an instant messaging server involves: a reverse proxy, certificates, databases, user accounts, system hardening… Weeks of engineering work, or an equivalent budget for outsourcing.

No single identity

Every app has its own login. When someone leaves, you go on a scavenger hunt to revoke access everywhere.

How it works

Four steps. No configurations to stack, no servers to secure manually.

1

Install hardening

Your server is automatically secured upon installation: access is restricted, a firewall is in place, and intrusion protection is active. A solid foundation, with no action required on your part.

2

Configure your team

You only need to set up your users and groups once. A central directory serves as the reference point, so any changes are immediately reflected across all apps.

3

Pick your apps

You simply choose from the catalogue. SuperKloud installs the app, its database, its encryption and its single-sign-on connection, all with a single click.

4

Your team signs in

One login opens every app, with two-factor authentication available per person. Access follows the groups you defined.

SuperKloud architecture The SuperKloud console orchestrates isolated containerized apps behind a reverse proxy, with LDAP as the identity source of truth. SuperKloud — vue d'ensemble Un seul point d'entrée public. Une identité unique. Des apps isolées. Zone publique — reverse proxy · TLS 1.3 · certificats automatiques Console SuperKloud API REST · OIDC issuer Admin UI · 2FA OIDC Apps déployées · containers isolés Outline postgres · redis OpenCloud postgres OIDCWarden sqlite Forgejo sqlite HedgeDoc postgres Tuwunel + Element matrix + catalogue qui s'étoffe en continu — apps containerisées, BDD dédiées Services internes — privés, jamais joignables depuis l'extérieur LDAP Users · Groups · RBAC Source de vérité Backup scheduler · retention restauration en un clic Auto-update snapshot · health check rollback automatique Monitoring · Audit CPU · RAM · disque logs structurés canal privé (non exposé)

Every need a small team has, covered.

Document, store, secure, communicate, code, tool up. We start from what you want to do — and we integrate the best open-source apps for each use case.

  • Outline
  • OpenCloud
  • OIDCWarden
  • HedgeDoc
  • Forgejo
  • Tuwunel + Element
  • Stalwart Mail
  • Roundcube
  • Immich
  • BookStack
  • Miniflux
  • IT-Tools
  • Gokapi

Many more apps coming soon

Your votes steer the next integration — tell us what's missing

Join the waitlist
See the detailed catalog
Security

Zero Trust, by default.

No app exposed without auth. No traffic in clear. No secrets in plain text. This is the baseline, not an option.

SuperKloud Zero Trust flow HTTPS traffic hits the reverse proxy and reaches the app only after OIDC validation. User Reverse proxy · TLS 1.3 OIDC natif App HTTPS Bearer JWT Verified LDAP source of truth Zero Trust flow Aucune app n'est jamais jointe sans passer par les deux gardiens.

Reverse proxy + TLS 1.3

A single entry point in front. Every route encrypted. Certificates renewed automatically.

Native OIDC

SuperKloud issues its own tokens. No external dependency. No identity leaking to a third party.

Optional 2FA

Per-user TOTP (Google Authenticator…) and WebAuthn security keys. Strongly recommended for admins.

See security in detail

A full app lifecycle, handled

Deploying is just the start. SuperKloud handles the rest.

Deploy

Isolated Docker Compose templates. Dedicated services per app. No shared databases waiting to burn you.

Auto-update with rollback

Snapshot before each upgrade. Health check after. If something breaks, instant rollback.

Scheduled backups

Daily per-app backups, one-click restore. You set the retention.

Monitoring & alerts

CPU, RAM, disk, container health. You see trouble coming before users do.

Three plans, one promise: your infra, your rules.

We start by describing who can do what, and within which limits. Pro and Business pricing will be calibrated with your feedback — that's part of why the waitlist exists.

Free

Free, forever

To explore and test on your own box.

Included

  • Up to 3 applications
  • Up to 5 users
  • Up to 2 groups
  • Native OIDC SSO
  • Automatic reverse proxy & TLS
  • Server health widget
Join the waitlist

Pro

For small teams that want to sleep at night.

Everything in Free, plus

  • Up to 15 applications
  • Up to 50 users
  • Up to 10 groups
  • Automated backup & restore
  • Auto-update with rollback
  • Built-in mail
  • Detailed monitoring & alerts
Join the waitlist

Business

For organizations that ran out of ceiling.

Everything in Pro, plus

  • Unlimited applications
  • Unlimited users
  • Unlimited groups
  • Multi-admin
  • Custom branding (logo, colors)
  • Catalog priority
Join the waitlist

We'd rather ask you before locking in a price. Sign up, tell us which plan fits you, and we'll build the price grid with you.

Frequently asked

Where is my data stored?

On your server. Period. SuperKloud installs on your infrastructure (VPS, bare metal, Docker-capable NAS). No application data transits through our servers.

Is it GDPR-compliant?

Self-hosting makes you the data controller. SuperKloud is designed to make that easier: access logs, centralized user management, real deletion.

What happens if SuperKloud disappears?

The deployed apps are 100% open-source and run in standard containers. You keep your data and can keep operating without us.

And SuperKloud itself, is it open-source?

The catalog apps are — every one of them. For SuperKloud itself, we don't (yet) commit to releasing the code: in an era where an AI can clone a project overnight, shipping the source is essentially handing out the product. What we do guarantee: your data lives in standard formats you keep, the apps run in containers you keep if you leave, and the architecture is documented for your security audits.

What do I need to prepare before installing SuperKloud?

Three things, that's all. A server (VPS, bare metal or Docker-capable NAS) sized to your needs. A domain name with a wildcard DNS record `*.yourdomain.tld` pointing to the server — that's what lets every app get its own subdomain without manual work. And, if you want automatic wildcard TLS certificates renewed for you, a DNS API key from your registrar (Cloudflare, OVH, Gandi, Scaleway…). The rest — deployment, hardening, certificates, routes — SuperKloud handles.

See the full FAQ
Waitlist now open

Be the first to know

Drop your email. We'll reach out the day the product is ready — no newsletter spam.