Your private home base for servers, services, and secrets.
One HTML file. Zero servers. End-to-end encrypted.
Lodge brings together the three things every maker accumulates — machines, services, and tokens — into a single private workspace.
Every machine, one list. Aliases, tags, SSH credentials at a glance. One click launches your terminal with the right connection.
Every endpoint, one tap. Group web apps, media servers, admin panels by host. Search across hundreds in milliseconds.
Every secret, one password. Tokens, notes, API keys — all AES-GCM 256 encrypted in your browser. Zero-knowledge by design.
Designed for clarity. Built for speed. No clutter, no learning curve.
Your master password never leaves your browser. Not by network, not by telemetry, not by accident.
Military-grade authenticated encryption. Every vault item gets its own IV, so identical values produce different ciphertexts.
OWASP 2023-recommended key derivation iterations with SHA-256. Slow on purpose — fast for you, brutal for attackers.
Lodge runs entirely in your browser. There's no backend to hack, no database to leak, no API to rate-limit.
Zero network requests. Open DevTools, watch the Network tab — every page load is silent.
Drop two files. Set one password. Done.
Place dashboard.html and config.json anywhere you can serve static files — local folder, NAS, VPS.
First time you open it, you create a master password. This derives your encryption key — it's never stored, never sent anywhere.
Sync the two files via iCloud, Dropbox, or your own server. Open on any device. Your vault follows you, encrypted end-to-end.
No install. No server. No signup. Open the URL, point it at your config, start managing.
Want to self-host? Clone the repo and push to Vercel / Netlify / GitHub Pages — same result, your own URL.
The questions people ask most before trying Lodge.
No. Lodge has no server. The two files (dashboard.html + config.json) live wherever you place them — iCloud Drive, NAS, VPS, GitHub Pages. Vault items are encrypted in your browser with AES-GCM 256 and never leave your device.
Lodge is a personal console combining server inventory, a service catalog, and a secret vault — not a team password manager. Two files instead of an account and a sync engine. You own the storage, so there is no central database to breach.
Yes. Once the page is loaded, no network is needed for any operation. The Content-Security-Policy allows only the bundled code, so the app does not phone home.
AES-GCM 256, with the key derived from your master password via PBKDF2-SHA256 at 600,000 iterations. The browser's built-in WebCrypto does the work. Your master password never leaves the device — there is no server to send it to.
Yes. config.json is plain JSON you can inspect, edit, or import into another tool. The encrypted vault uses a standard AES-GCM format.
No. The Content-Security-Policy locks the page to 'self' (with the usual 'unsafe-inline' / 'unsafe-eval' exceptions for the bundled JS). No analytics, no external fonts, no CDN, no telemetry of any kind.