PatchMe is a minmal system version monitoring tool. It provides a central overview of system states, software versions, and compliance status, helping you identify vulnerabilities and outdated software early. The core idea of PatchMe is the implementation of the Zero Trust principle: Only a single, secured API route is exposed externally. All systems send their version information exclusively to this endpoint. This eliminates the need for direct logins or access to individual systems—management and monitoring are handled centrally, securely, and with minimal attack surface.
- Central Dashboard: Overview of all connected systems and their software states.
- Baseline Management: Define minimum/maximum versions (baselines) or informational requirements for critical software components (MIN, MAX, INFO).
- Tagging & Grouping: Flexibly tag and filter systems.
- Activity Log: Traceable history of all changes and system messages.
- API-first: Easy integration and automation via REST API.
- User & Role Management: Access control for different user groups.
- Dark Mode & Responsive UI: Modern, customizable interface.
To start monitoring a system, first create a new system entry in the PatchMe dashboard. Once the system is registered, you can report its software versions by sending a JSON payload to the /api/ingest endpoint.
For Linux environments, this is typically automated using a script and a scheduled task (e.g., with cron or systemd timer). The script collects version information and sends it to PatchMe via a simple curl command:
curl -X POST https://your-patchme-instance/api/ingest \
-H "Content-Type: application/json" \
-d '{
"key": "<API_KEY>",
"versions": [
{ "variable": "openssl", "version": "1.1.1w" },
{ "variable": "nginx", "version": "1.24.0" }
]
}'- MIN: Minimum version required (e.g. PHP >= 8.1)
- MAX: Maximum version allowed (e.g. Node <= 18)
- INFO: Informational only, no version check (z.B. OS, Distribution)
You can automate this process to run daily, ensuring PatchMe always has up-to-date version data for all your systems.
You can also use the provided prompt in examples/gpt-prompt.md to create your own AI assistant for generating ingestion scripts. By pasting this prompt into ChatGPT or a similar tool, you can quickly build a tailored assistant that interactively asks for required variables and paths, then generates a robust pm_ingest.sh script for your environment. This approach enables you to automate script creation for any system, making onboarding and integration even faster.
For details and an example prompt, see examples/gpt-prompt.md.
- Docker (recommended) or Node.js 18+
- A mariadb / mysql database
docker run -d \
-p 3000:3000 \
-e DATABASE_URL="mysql://user:pass@127.0.0.1:3306/patchme"\
-e JWT_SECRET="your-secret-password" \
-v patchme-data:/data \
ghcr.io/tenbyte/patchme:latestOr with docker-compose:
git clone https://github.com/tenbyte/patchme.git
cd patchme
cp .env.example .env
docker-compose up -dgit clone https://github.com/tenbyte/patchme.git
cd patchme
pnpm install
cp .env.example .env
pnpm run devThe app will be available at http://localhost:3000.
All configuration options can be set via environment variables:
| Variable | Description | Default value |
|---|---|---|
| DATABASE_URL | Database URL | mysql://user:pass@127.0.0.1:3306/patchme |
| JWT_SECRET | Secret for authentication | (must be set) |
| PORT | Port for the web server | 3000 |
Baselines:
| Type | Description | Example |
|---|---|---|
| MIN | Minimum version required | PHP >= 8.1 |
| MAX | Maximum version allowed | Node <= 18 |
| INFO | Informational only | OS: Ubuntu |
See DOCKER.md for more details.
- Docker:
ghcr.io/tenbyte/patchme:latest - GitHub: github.com/tenbyte/patchme
- Frontend: Next.js, React, Tailwind CSS
- Backend: Prisma ORM, REST API
- Database: Only MariaDB / MySQL are supported
Pull requests, bug reports, and feature requests are welcome!
MIT License – see LICENSE for details.
PatchMe is provided without any warranty. No liability is assumed for damages resulting from the use, malfunction, or misconfiguration of the software. Use at your own risk. Please evaluate the suitability of PatchMe for your specific use case and ensure compliance with applicable security requirements before deployment.