
354 points geoctl | 1 comments

I have been working on Octelium for quite a few years now but it was open sourced only by late May 2025. Octelium, as described more in detail in the repo's README, is simply an open source, self-hosted, unified platform for zero trust resource access that is primarily meant to be a modern alternative to corporate VPNs and remote access tools. It can operate as a remote access/corporate VPN (i.e. alternative to Twingate, Tailscale, OpenVPN Access Server, etc...), a ZTNA/BeyondCorp platform (i.e. alternative to Cloudflare Access, Teleport, Google BeyondCorp, etc...), and it can also operate as an API/AI gateway, an infrastructure for MCP and A2A architectures and meshes, an ngrok alternative, a homelab infrastructure or even as a more advanced Kubernetes ingress. It's basically designed to operate like a unified Kubernetes-like scalable architecture for zero trust secure/remote access that's suitable for different human-to-workload and workload-to-workload environments. You can read more in detail the full set of main features and links about how it works in the repo's README or directly in the docs https://octelium.com/docs
mzhaase No.44412985
I have an immediate complete distrust of anything that throws around so many buzzwords. This is the GitHub page and I still don't understand what it even does, specifically.
geoctl No.44413008
I'd appreciate if you could provide me a list of those buzzwords so that I can improve the readme.
drexlspivey No.44413082
“A next-gen FOSS self-hosted unified zero trust secure access platform that can operate as a remote access VPN, a ZTNA/BeyondCorp architecture, API/AI gateway, a PaaS, an infrastructure for MCP & A2A architectures or even as an ngrok-alternative and a homelab infrastructure.”

Literally every single word of it

geoctl No.44413175
I admit that the "next-gen" word might sound cheesy. As I said in the other reply, the more correct definition for Octelium is: a unified zero trust secure access platform. However, as I said this is a term that nobody would relate to. It's a ZTNA/BeyondCorp platform but not in the rigid sense. It's also a WireGuard/QUIC-based remote access VPN but it operates at layer-7 to provide L7 aware access control, secretless access, dynamic configuration and routing as well as OpenTelemetry-native visibility and auditing via identity-aware proxies and policy-decision-points instead of just controlling access at layer-3. As I said, it's designed to be more like a generic Kubernetes-like architecture for secure remote access that can be used for many different use cases.
1. jcul No.44420916
To be fair, I wouldn't call these buzzwords, maybe just "next-gen".

Rather one could argue they are technical jargon? But then if the technical jargon is over someone's head, maybe they are not the target audience.

I understood most of it, but it is quite dense for the first paragraph.