A secure HTTP server that can execute CLI commands via REST API endpoints using simple raw body requests. Returns command output as raw text by default, with JSON metadata available on request. Includes a full-featured web SSH terminal for interactive shell access.
# Install latest version
curl -fsSL https://raw.githubusercontent.com/adaptive-scale/webshell/master/install.sh | bash
# Install specific version
curl -fsSL https://raw.githubusercontent.com/adaptive-scale/webshell/master/install.sh | bash -s v0.1.6- Download the appropriate binary for your platform from GitHub Releases
- Make executable:
chmod +x webshell_* - Run:
./webshell_*(orwebshell.exeon Windows)
The automatic installer will:
- Detect your platform (Linux, macOS, Windows)
- Download the correct binary for your architecture (AMD64/ARM64)
- Install to system directory (
/usr/local/bin) or user directory (~/.local/bin) - Verify installation and show usage information
# Start WebShell (if installed to system PATH)
webshell
# Or run directly from user directory
~/.local/bin/webshell
# Custom port
PORT=3000 webshell- Linux AMD64:
webshell_linux_amd64 - Linux ARM64:
webshell_linux_arm64(Raspberry Pi, etc.) - macOS AMD64:
webshell_darwin_amd64(Intel Macs) - macOS ARM64:
webshell_darwin_arm64(Apple Silicon M1/M2) - Windows AMD64:
webshell.exe
- π RESTful API - Execute commands via HTTP POST requests with raw body
- π Raw Text Output - Get clean command output without JSON wrapper
- π₯οΈ Web SSH Terminal - Full interactive terminal in your browser
- π Security First - Whitelist of allowed commands only
- β±οΈ Timeout Protection - 30-second command execution timeout
- π Detailed Responses - JSON metadata available with Accept header
- π₯ Health Check - Built-in health monitoring endpoint
- π¨ Beautiful UI - Interactive web interface for testing
- π οΈ Makefile Support - Comprehensive build and development tools
# Using installed binary
webshell
# Using downloaded binary
./webshell_linux_amd64
# Custom port
PORT=3000 webshellThe server will start on port 8080 by default. You can change the port by setting the PORT environment variable.
Open your browser and navigate to http://localhost:8080 to see the interactive web interface with usage examples and a test form.
Click the "π₯οΈ Open Web Terminal" button or navigate to http://localhost:8080/terminal for a full interactive shell experience.
# List files in current directory (returns raw output)
curl -X POST http://localhost:8080/execute -d "ls -la"
# Check system uptime (returns raw output)
curl -X POST http://localhost:8080/execute -d "uptime"
# Get current working directory (returns raw output)
curl -X POST http://localhost:8080/execute -d "pwd"
# Find files with specific pattern (returns raw output)
curl -X POST http://localhost:8080/execute -d "find . -name '*.go'"
# Get JSON response with metadata
curl -X POST http://localhost:8080/execute \
-H "Accept: application/json" \
-d "uname -a"The project includes a comprehensive Makefile for easy development and deployment. Run make help to see all available commands.
# Show all available commands
make help
# Run the application
make run
# Build the application
make build
# Run with hot reload (development)
make dev
# Run tests
make test
# Format and vet code
make check# Build for current platform
make build
# Build for specific platforms
make build-linux # Linux binary
make build-darwin # macOS binary
make build-windows # Windows binary
# Build for all platforms
make build-all
# Build and run
make run-build# Run with hot reload (requires air)
make dev
# Install development tools
make setup
# Run code quality checks
make fmt # Format code
make vet # Vet code
make lint # Run linter
make check # Format, vet, and test
make pre-commit # All pre-commit checks
# Run tests
make test # Run tests
make test-coverage # Run tests with coverage
make test-bench # Run benchmark tests# Download dependencies
make deps
# Update dependencies
make deps-update
# Clean module cache
make deps-clean# Build Docker image
make docker-build
# Run Docker container
make docker-run
# Clean Docker images
make docker-clean# Build release binaries for all platforms
make release
# Build release binary for Linux only
make release-linux
# Install to GOPATH/bin
make install# Clean build artifacts
make clean
# Clean everything including dependencies
make clean-all# Run on custom port
PORT=3000 make run
# Build and run on custom port
PORT=3000 make run-build
# Docker run on custom port
PORT=3000 make docker-runExecute a command using raw body text. Returns raw output by default, or JSON with Accept header.
Request Body (raw text):
ls -la
Response (raw text by default):
total 8
drwxr-xr-x 2 user staff 68 Dec 20 10:30 .
drwxr-xr-x 3 user staff 102 Dec 20 10:30 ..
-rw-r--r-- 1 user staff 1234 Dec 20 10:30 main.go
Response (JSON with Accept: application/json):
{
"success": true,
"output": "total 8\ndrwxr-xr-x 2 user staff 68 Dec 20 10:30 .\n...",
"exit_code": 0,
"duration": "15.2ms",
"timestamp": "2023-12-20T10:30:00Z",
"command": "ls -la"
}Interactive web SSH terminal with full shell access. Features:
- Real-time terminal emulation using xterm.js
- Full bash shell access
- WebSocket-based communication
- Connect/disconnect controls
- Terminal clearing functionality
Health check endpoint.
Response:
{
"status": "healthy",
"timestamp": "2023-12-20T10:30:00Z",
"uptime": "running"
}Interactive web interface with usage examples, documentation, and a test form.
The web terminal provides a full interactive shell experience:
- Real-time Interaction: Type commands and see output immediately
- Full Shell Access: Access to all bash features and commands
- Responsive Design: Works on desktop and mobile devices
- Connection Management: Connect/disconnect as needed
- Terminal Controls: Clear terminal, manage connections
- Secure: Each session is isolated and cleaned up properly
- Navigate to
http://localhost:8080/terminal - Click "Connect" to start a shell session
- Type commands as you would in a regular terminal
- Use "Disconnect" to end the session
- Use "Clear" to clear the terminal output
For security reasons, only the following commands are allowed in the REST API:
ls- List directory contentspwd- Print working directorywhoami- Print effective user IDdate- Print or set system date and timeuptime- Show system uptimeps- Report process statusdf- Report file system disk space usagefree- Display amount of free and used memorytop- Display system processescat- Concatenate and print fileshead- Output the first part of filestail- Output the last part of filesgrep- Print lines matching a patternfind- Search for files in a directory hierarchyecho- Display a line of textuname- Print system informationhostname- Print or set system hostname
Note: The web terminal provides full shell access and is not restricted to the above commands.
- Command Whitelist: Only predefined commands are allowed in the REST API to prevent arbitrary code execution
- Web Terminal: Provides full shell access - use with extreme caution in production
- Timeout Protection: Commands have a 30-second timeout to prevent hanging processes
- Input Validation: All inputs are validated before execution
- Production Use: This server is designed for development/testing. Use with caution in production environments
- Network Access: Consider implementing authentication and HTTPS for production use
- Session Isolation: Each web terminal session is isolated and cleaned up properly