v1.0 · Open Source · MIT

Lodge.

Your private home base for servers, services, and secrets.
One HTML file. Zero servers. End-to-end encrypted.

$ git clone https://github.com/toolazytoname/lodge.git
$ cd lodge && open dashboard.html
Zero network requests
Single 90KB file
AES-GCM 256 encrypted
Works on every device
No account, no telemetry

Three things. One file.

Lodge brings together the three things every maker accumulates — machines, services, and tokens — into a single private workspace.

Server Inventory

Every machine, one list. Aliases, tags, SSH credentials at a glance. One click launches your terminal with the right connection.

Service Catalog

Every endpoint, one tap. Group web apps, media servers, admin panels by host. Search across hundreds in milliseconds.

Encrypted Vault

Every secret, one password. Tokens, notes, API keys — all AES-GCM 256 encrypted in your browser. Zero-knowledge by design.

A workspace that just feels right.

Designed for clarity. Built for speed. No clutter, no learning curve.

lodge.weichao.studio
Servers · 3
家庭 NAS
root@192.168.1.10
SSH 复制
博客服务器
deploy@blog.example.com
SSH 复制
开发机
coder@192.168.1.20:2222
SSH 复制
Services
J
Jellyfin
192.168.1.10:8096
N
Nextcloud
192.168.1.10:8080
B
主博客
blog.example.com
Vault · Encrypted
GitHub PAT
••••••••••••
Cloudflare API
••••••••••••
订阅笔记
••••••••••••

Zero-knowledge by design.

Your master password never leaves your browser. Not by network, not by telemetry, not by accident.

AES-GCM 256

Military-grade authenticated encryption. Every vault item gets its own IV, so identical values produce different ciphertexts.

PBKDF2 · 600k

OWASP 2023-recommended key derivation iterations with SHA-256. Slow on purpose — fast for you, brutal for attackers.

No servers

Lodge runs entirely in your browser. There's no backend to hack, no database to leak, no API to rate-limit.

No telemetry

Zero network requests. Open DevTools, watch the Network tab — every page load is silent.

Three steps to private.

Drop two files. Set one password. Done.

1

Drop the files

Place dashboard.html and config.json anywhere you can serve static files — local folder, NAS, VPS.

2

Set a master password

First time you open it, you create a master password. This derives your encryption key — it's never stored, never sent anywhere.

3

Access anywhere

Sync the two files via iCloud, Dropbox, or your own server. Open on any device. Your vault follows you, encrypted end-to-end.

Open. Pick. Done.

No install. No server. No signup. Open the URL, point it at your config, start managing.

https://lodge.weichao.studio Open
  1. Open the URL above in any browser — Mac, Windows, Linux, iPhone, iPad.
  2. First time on a device: a file picker appears. Choose your config.json from iCloud Drive (or anywhere on your device).
  3. That's it. The config is cached in the browser. Next time, open the URL and it loads instantly.
Your data never leaves your device Lodge only serves the HTML skeleton. Your config.json is read by your browser, never uploaded. Vault items are AES-GCM 256 encrypted with your master password — zero-knowledge.

Want to self-host? Clone the repo and push to Vercel / Netlify / GitHub Pages — same result, your own URL.

Frequently asked

The questions people ask most before trying Lodge.

Does Lodge send my secrets to a server?

No. Lodge has no server. The two files (dashboard.html + config.json) live wherever you place them — iCloud Drive, NAS, VPS, GitHub Pages. Vault items are encrypted in your browser with AES-GCM 256 and never leave your device.

How is this different from Bitwarden or 1Password?

Lodge is a personal console combining server inventory, a service catalog, and a secret vault — not a team password manager. Two files instead of an account and a sync engine. You own the storage, so there is no central database to breach.

Can I use it offline?

Yes. Once the page is loaded, no network is needed for any operation. The Content-Security-Policy allows only the bundled code, so the app does not phone home.

How strong is the encryption?

AES-GCM 256, with the key derived from your master password via PBKDF2-SHA256 at 600,000 iterations. The browser's built-in WebCrypto does the work. Your master password never leaves the device — there is no server to send it to.

Can I migrate my data later?

Yes. config.json is plain JSON you can inspect, edit, or import into another tool. The encrypted vault uses a standard AES-GCM format.

Does Lodge have analytics or third-party requests?

No. The Content-Security-Policy locks the page to 'self' (with the usual 'unsafe-inline' / 'unsafe-eval' exceptions for the bundled JS). No analytics, no external fonts, no CDN, no telemetry of any kind.