Owner-only · WireGuard · UK VPS

Sentinel — your private VPN command center.

Dedicated IPs on your own server, WireGuard-speed tunnels, approval- and code-based unlocks, and full observability. No shared users, no traffic inspection, no rented "VPN service" fluff — just your devices and your infrastructure.

Deploy Sentinel Why it’s different
Control Plane

Manual + code-based unlocks

  • Approve/deny unlock requests in real time.
  • Issue 30–60s one-time tokens or use TOTP per device.
  • Short-lived WireGuard sessions with automatic expiry.
Device Registry

Pair once, enforce always

  • Per-device keypairs and IP allocations in your /24.
  • Remote revoke, disconnect, and key rotation.
  • Owner-only dashboard; zero shared accounts.
Observability

Live health without inspection

  • Ping, jitter, packet loss, CPU/RAM, tunnel count.
  • Upstream quality checks and best-server guidance.
  • No traffic or URL logging — control-plane only.
Why owner-only

Zero shared users, zero risk dilution

One operator, multiple personal devices. Every unlock is yours to approve. Your keys never leave your boxes.

Built on WireGuard

Fast, lean, auditable

Native WireGuard on your UK VPS. Minimal REST API to gate peers, no proprietary daemons, no packet inspection.

Hard rules
  • Kill switch + always-on where OS allows.
  • Unlock required after TTL or disconnect.
  • Logs exclude traffic; only handshakes and unlock events.
Get started

Deploy on your VPS

  1. Bootstrap WireGuard: run scripts/wireguard-bootstrap.sh on your VPS.
  2. Start the API: cd backend && npm install && npm run dev.
  3. Launch the dashboard locally: npm install && npm run dev.
  4. Pair devices, scan TOTP, and enforce unlocks.

Questions? WireGuard keys stay with you. Sentinel never inspects payload traffic.