Statora is a self-hosted status page and uptime monitoring platform that combines public status communication, incident and maintenance workflows, active monitoring, and an admin console in one deployable application.
Statora is designed for teams that want to run their own status workflow instead of depending on a hosted third-party service. The current implementation pairs a Go-based API and monitoring runtime with an embedded React single-page application, so the public status site and admin interface ship together.
The platform covers three connected jobs:
- publish a public-facing status page for services and components
- manage incidents and maintenance from an authenticated admin area
- monitor services continuously and turn failures into operational signals
Only features verified in the current repository implementation are listed here.
- Public status homepage with overall summary, incidents, maintenance, and component health
- Category-specific status pages under
/status/:categoryPrefix - Incident history page under
/history - Real-time status refresh through WebSocket updates
- Public status settings endpoint used for branding, theme, and footer content
- Create, edit, view, delete, and resolve incidents from the admin UI
- Add incident updates and retrieve incident audit history
- Create, edit, view, and delete maintenance windows
- Retrieve maintenance audit history
- Rich-text authoring and rendering for incident and maintenance descriptions
- Backward-compatible dual-format content model that keeps plain-text fields alongside optional rich-text JSON payloads
- Maintenance workflow compatibility for both legacy
in_progressand currentactivestates
- Active monitoring for HTTP, TCP, DNS, Ping, and SSL checks
- Configurable intervals, timeouts, SSL warning thresholds, and domain expiry checks
- Worker-driven monitor execution with monitor logs, uptime tracking, and outage tracking
- Automatic outage detection after repeated failures
- Automatic incident creation when a detected outage is not already covered by an active incident
- Automatic maintenance status transitions based on scheduled start and end times
- Health endpoint for runtime readiness checks
- Admin login/logout flow with JWT-backed authentication
- MFA setup, verification, recovery verification, and disable flows
- Role-aware access control for
adminandoperator - User invitation activation flow
- Member management for listing, updating, inviting, refreshing, revoking, and deleting users
- Admin management screens for components, subcomponents, monitors, incidents, maintenance, subscribers, webhook channels, and settings
- WebSocket endpoint for live status updates
- Webhook channel management from the admin UI
- Public subscribe endpoint and admin subscriber management
- SSO callback endpoint for external authentication flows
| Status Page | Incident History | Service Details |
|---|---|---|
 |
 |
 |
| Dashboard | Monitoring | Maintenance | Settings |
|---|---|---|---|
 |
 |
 |
 |
Statora currently follows a unified application pattern:
Browser
-> React SPA
-> HTTP /api + WebSocket /ws
-> Gin handlers
-> services
-> repositories
-> MongoDB
Monitoring worker
-> monitor checks
-> MongoDB updates
-> WebSocket broadcasts
At runtime, one Go server process:
- loads configuration from environment variables
- connects MongoDB and Redis
- serves API routes and
/health - serves the embedded frontend bundle
- runs the WebSocket hub
- optionally runs the in-process monitoring worker
For the full system layout, see docs/architecture.md.
- Backend: Go 1.26, Gin, MongoDB driver, Gorilla WebSocket
- Frontend: React 18, TypeScript 5, Vite 5, Tailwind CSS 3
- Rich text editing: TipTap 2
- Data stores: MongoDB 7, Redis 7
- Authentication: JWT, MFA with TOTP
- Deployment: Docker multi-stage build, Docker Compose
git clone https://github.com/fresp/Statora.git
cd Statora
cp .env.example .env
docker compose up --build- Public status page:
http://localhost:8080/ - Admin area:
http://localhost:8080/admin - Health endpoint:
http://localhost:8080/health - WebSocket endpoint:
ws://localhost:8080/ws
The repository includes bootstrap values in .env.example:
ADMIN_EMAIL=admin@statusplatform.comADMIN_USERNAME=adminADMIN_PASSWORD=admin123
Change these before using any shared or persistent environment.
MONGODB_URI- MongoDB connection stringMONGODB_DB- MongoDB database nameREDIS_URI- Redis connection stringJWT_SECRET- JWT signing secretAPP_ENCRYPTION_KEY- 32-byte application encryption keyMFA_SECRET_KEY- MFA secret protection keyENABLE_WORKER- enables the monitoring workerGRACEFUL_SHUTDOWN- toggles graceful shutdown behavior
Statora exposes a public status surface and a protected admin API.
GET /api/status/summaryGET /api/status/componentsGET /api/status/incidentsGET /api/status/category/:prefixGET /api/status/settingsGET /api/status/maintenancePOST /api/subscribeGET /ws
The admin API includes routes for:
- profile and MFA flows
- incidents and incident updates
- maintenance
- components and subcomponents
- monitors, logs, uptime, history, outages, and metrics
- subscribers
- webhook channels
- users and invitations
- status-page settings
Statora uses JWT-based authentication with MFA-aware access control.
- Users authenticate through
/api/auth/login - Protected routes require valid JWT authentication
- MFA verification is enforced before access to the protected admin experience
- Role checks separate
admin-only routes from routes shared withoperator - SSO callback support is available through
/sso/callback
Based on the current codebase state, the most realistic next improvements are:
- production hardening of permissive default CORS configuration
- deeper operational documentation for API and deployment workflows
- clearer separation of worker/runtime scaling concerns
- broader automated UI verification coverage
Contributions are welcome. Keep changes aligned with the current layered structure:
- handlers for HTTP transport concerns
- services for business logic
- repositories for persistence
- focused frontend pages and shared components for UI behavior
When updating the platform, prefer backward-compatible data evolution over breaking schema assumptions.
Licensed under the MIT License.