DEV.co
Open-Source DevOps · PegaProx

project-pegaprox

PegaProx is an open-source web dashboard for managing multiple Proxmox VE and XCP-ng hypervisor clusters from a single interface. It provides unified VM/container management, live migration, load balancing, backup scheduling, and multi-user role-based access control.

Source: GitHub — github.com/PegaProx/project-pegaprox
1.3k
GitHub stars
89
Forks
JavaScript
Primary language
AGPL-3.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
RepositoryPegaProx/project-pegaprox
OwnerPegaProx
Primary languageJavaScript
LicenseAGPL-3.0 — OSI-approved
Stars1.3k
Forks89
Open issues30
Latest releasev0.9.14 (2026-07-05)
Last updated2026-07-08
Sourcehttps://github.com/PegaProx/project-pegaprox

What project-pegaprox is

JavaScript-based multi-cluster orchestration platform with real-time SSE metrics, cross-hypervisor migration support (Proxmox, XCP-ng, ESXi), snapshot replication, LDAP/OIDC authentication, full-database AES-256 encryption, audit logging with SIEM forwarding, and Ceph storage integration.

Quickstart

Get the project-pegaprox source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/PegaProx/project-pegaprox.gitcd project-pegaprox# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Multi-Datacenter Hypervisor Consolidation

Organizations managing 2+ Proxmox or XCP-ng clusters across sites benefit from unified dashboards, cross-cluster load balancing, and automated failover. Eliminates per-cluster UI context switching and simplifies capacity planning.

Compliance & Audited Infrastructure

Environments requiring SOC 2, ISO 27001, or HIPAA compliance leverage HMAC-signed audit logs, full-DB encryption at rest, automated backup verification (restore→boot→health check), IP whitelisting, and config drift detection.

VMware Migration & Hybrid Clouds

Teams migrating from ESXi to Proxmox use the built-in ESXi import wizard for near-zero-downtime VM transfers. Useful for decommissioning legacy VMware infrastructure while retaining hypervisor choice flexibility.

Implementation considerations

  • Beta status (v0.9.14-beta): production use should include staged rollout, automated backups of PegaProx config, and fallback to native Proxmox UI. Breaking changes possible before 1.0.
  • Deployment requires Linux x86_64 host (or verify on your platform); database encryption at rest only supported there. Plan master-key storage (env var, systemd credential, or /etc/pegaprox/secret.key) separately from config backups.
  • LDAP/OIDC integration mandatory for multi-team/multi-tenant setups; local auth alone scales poorly. Test LDAP/Entra/Keycloak bindings pre-deployment.
  • Audit log and SIEM forwarding (Splunk, Elasticsearch, Loki, Syslog) require pre-configured targets and TLS certificate pinning. Plan log retention and search infrastructure.
  • Cost and power dashboards require historical metrics; enable CPU/RAM/storage tracking on all nodes and let PegaProx accumulate baseline data (days to weeks) before reliable reporting.

When to avoid it — and what to weigh

  • Proprietary/Closed-Source Requirement — AGPL-3.0 requires source disclosure if you modify and redistribute. If your compliance policy forbids copyleft licenses or mandates vendor lock-in, this is unsuitable.
  • Non-Linux/x86_64 Deployments — Database encryption (SQLCipher AES-256) is documented only for Linux x86_64. ARM, Windows Server, or other architectures may lack full encryption support; requires review before deployment.
  • Single-Cluster or Small-Scale Ops — Overhead of multi-cluster management, RBAC, and audit infrastructure may not justify complexity for teams running one small Proxmox cluster with basic VM needs. Native Proxmox UI or simpler tools suffice.
  • Unsupported Hypervisor Environments — Limited or no support for Hyper-V, KVM standalone, or bare-metal clouds outside Proxmox/XCP-ng/ESXi. Requires compatible hypervisor stack.

License & commercial use

AGPL-3.0 (GNU Affero General Public License v3.0). This is a copyleft license requiring source code disclosure of any modified versions if you offer them as a service or distribute them. Internal use without redistribution (e.g., self-hosted, private deployment) is permitted without source disclosure, but commercial hosting/SaaS requires license review.

AGPL-3.0 permits private self-hosted deployment for commercial operations without source disclosure. However, if you modify PegaProx and offer it as a service (hosted/SaaS), or integrate it into a commercial product you redistribute, you must provide source code access. Commercial support/sponsorships are separate; consult legal counsel on your specific use case before deploying at scale.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityHigh
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Full-database encryption (AES-256-CBC + HMAC-SHA512, SQLCipher v4) on Linux x86_64; multi-tier master-key loading (env/systemd/file). Sensitive fields Fernet-encrypted elsewhere. TOTP 2FA, WebAuthn/FIDO2, LDAP/OIDC support. IP whitelisting/blacklisting, fine-grained VM-level ACLs, HMAC-signed tamper-evident audit log (RFC 5424 Syslog compatible). CVE scanner (debsecan), CIS hardening audits, config drift detection. Aikido audit badge linked but no CVE history provided; assume pre-release phase carries residual risk. Do not assume 'secure' without review of the full audit report and your threat model.

Alternatives to consider

Proxmox Backup Server (PBS)

Native Proxmox backup tool; simpler for backup-only use cases but lacks multi-cluster orchestration, load balancing, and ESXi migration features.

Terraform + Ansible + Proxmox Provider

IaC-driven approach for multi-cluster VM provisioning; more granular control, version-controlled, but requires coding and no Web UI; better for GitOps shops.

Canonical Landscape / Ubuntu Pro

Enterprise Linux management for Ubuntu-based Proxmox nodes; covers updates, compliance scanning, but does not replace hypervisor cluster orchestration or VM migration.

Software development agency

Build on project-pegaprox with DEV.co software developers

Evaluate PegaProx in a staging cluster with your topology. Verify AGPL-3.0 compliance with legal, test LDAP/OIDC and encryption on your platform, and plan audit log forwarding. Document your fallback strategy to native Proxmox UI. Start small, scale with confidence.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

project-pegaprox FAQ

Can I use PegaProx in production today?
v0.9.14 is labeled beta. Suitable for production with risk acceptance, staged rollout, and fallback plan. Backup PegaProx config separately; breaking changes possible before 1.0. Sponsorship funds ongoing development.
Do I need to open-source my modifications if I self-host PegaProx privately?
No. AGPL-3.0 only triggers disclosure if you distribute modified versions or offer it as a service. Private self-hosted use is permitted. Consult legal if you plan to redistribute or host for customers.
What hypervisors does PegaProx support?
Proxmox VE (primary), XCP-ng (tech preview, pool support + VM actions), ESXi (import/migration wizard). Hyper-V, standalone KVM, and other hypervisors not supported; verify exact version compatibility in docs.pegaprox.com.
Does PegaProx work on ARM, Windows, or non-x86_64 Linux?
Unknown without testing. Database encryption (SQLCipher AES-256) is documented only for Linux x86_64. Other platforms require manual verification; contact maintainers or conduct PoC before committing.

Work with a software development agency

Adopting project-pegaprox is usually one piece of a larger software development effort. As a software development agency, DEV.co provides software development services and web development expertise — pairing senior software developers and web developers with your team to design, build, and operate open-source devops software in production.

Ready to Unify Your Hypervisor Infrastructure?

Evaluate PegaProx in a staging cluster with your topology. Verify AGPL-3.0 compliance with legal, test LDAP/OIDC and encryption on your platform, and plan audit log forwarding. Document your fallback strategy to native Proxmox UI. Start small, scale with confidence.