AGPL-3.0 · Self-hosted · Data Sovereignty
Commercial customer-ops SaaS at $30-100K/year locks your data, locks features, and raises prices every year.
$git clone github.com/iannil/pinconsole$cd pinconsole && cp .env.example .env$make docker-up build-frontend build# visitor landing → http://localhost:8080/# operator admin → http://localhost:8080/adminThree layers of design decisions turn "data sovereignty" from marketing copy into an engineering fact you can verify.
Any modification to PinConsole must be open-sourced. Cloud vendors cannot turn it into SaaS — this is license-level hard protection. You get real open source, not "source available".
PostgreSQL 16 · Redis 7 · MinIO · Go 1.22 · Vue 3. Every layer is industry-standard, the schema is in your hands, data exports anytime.
GDPR consent opt-in + right-to-be-forgotten + IP truncation; HttpOnly cookie + bcrypt; command authorization + popup URL allowlist; WS trace_id end-to-end observability.
git clone https://github.com/iannil/pinconsolecd pinconsolecp .env.example .env make docker-up build-frontend build./server/bin/pinconsole-server # visitor landing → http://localhost:8080/# operator admin → http://localhost:8080/admin90+ commits, 65 e2e tests green. The five capabilities below are all end-to-end verified and can run on your server today.
rrweb captures all DOM mutations + mouse + clicks + scrolls + unfocused form values. 1fps WebP selective screenshots (canvas / WebGL / cross-origin iframes).
Operators can highlight / click / scroll / fill / navigate. 300ms debounce balances UX and bandwidth. Visitors can emergency-exit any time.
MinIO archives event streams + selective screenshots. 30-day default, configurable. GDPR delete endpoint. Standard rrweb-player replayer.
Message channel persisted to PostgreSQL. Popups support text / links / navigation. Chat history bound to session.
Rate limit + UA blocklist + behavior analysis + canvas/WebGL fingerprint. Consent opt-in + IP truncation + co-browse banner.
We publicly commit to what we build and what we won't. Stance doesn't change under commercial pressure — that's the point of an OSS alternative.
If you don't find your answer here, drop a note and we reply within 48h.
AGPL requires open-sourcing modifications when you offer the service externally. Internal company use (not exposing the service to the public) does not trigger this. Running PinConsole to serve your own visitors, without selling PinConsole itself, has zero compliance risk. Only cloud vendors trying to SaaS-ify it must open-source — that's exactly the license's protection.
v1 ships 90+ commits of end-to-end slices, with post-v1 roadmap public in PLAN.md §8. Consultation revenue funds continued maintenance. If this project is critical to you, consider paid consulting/customization — your payment is the best guarantee of sustainability.
Yes — that's the core of consultation. Describe your needs in the form, we respond within 48h with a scoping assessment. Custom dev is billed separately. All code returns to the project under AGPL-3.0 (your private deployment doesn't need to be open-sourced).
Not in v1, and not in the long-term stance either. Avoids competing with OSS users. We can recommend deployment partners (your choice), or assist you in standing up your own.
v1 is a single-instance hub (process-local map). Multi-instance requires a Redis Pub/Sub bus, which is a post-v1 slice. If your concurrent room demand exceeds 500, mention it in consultation — we can prioritize scheduling or customize.
Product-layer compliance is ready (GDPR / bcrypt / audit logs / consent). MLPS / ISO 27001 requires evaluating your deployment environment. Consultation can assist with compliance documentation, architecture mapping, and third-party assessment support.
After submission, data lives in the maintainer's self-hosted Cloudflare D1 (Asia region), not shared with third parties. We don't send marketing email — only contextual replies to your scenario.