What Moss can do and what makes it unique
Moss may be different things to different people. Some users think of it as a modern, cloud-based control panel for their servers. Others see it as a kind of PaaS they can use on their own infrastructure. To us, Moss is a virtual sysadmin that helps you deploy, manage, and monitor your servers and websites easily and securely.
Why a virtual sysadmin, you might ask. Because it connects to your servers to perform whatever operations are needed as if a real sysadmin were doing the job. But in this case, the required commands and configs aren’t set up by hand but by means of automated and well-tested processes.
Regardless how you look at it, Moss takes care of many time-consuming system administration tasks so that you can focus on building value for you and your team.
What can Moss do on my behalf?
- Set up and secure your Ubuntu servers the right way.
- Launch new servers on any of the supported providers. Ever wanted to use Amazon EC2 but got overwhelmed by the complexity to get started? Don’t worry, Moss will take care of Elastic IPs, Security Groups, and everything required for a safe and robust setup. The same applies to other providers like Google Cloud, DigitalOcean, or Vultr.
- Automatically apply security updates on a daily basis.
- Automatically update your firewall as you create sites via Moss. You can also add or remove rules from Moss.
- Set up and deploy your websites. Link with Moss the git repo that contains the code of your website and take advantage of zero-downtime deployments.
- Issue and renew Let’s Encrypt certificates for your sites.
- Help you manage databases, cron jobs, and worker processes.
- Monitor your servers and websites. Moss will send you an alert when something is going wrong. In addition, you’ll have access to the metrics collected in order to analyze how performance has changed over time.
- Streamline the workflow of your team by leveraging the integrations of Moss with 3rd-party tools and providers.
- And more! We keep adding features, stacks, and integrations on a regular basis.
Who uses Moss?
- Individual developers, either hobbyists or freelancers.
- Website owners.
- Web development agencies.
- Startups building web applications or API servers.
- SMEs that host web applications or sites on VPS or Cloud Servers.
What sets Moss apart?
Moss implements unique features that provide our customers with higher value than other alternatives.
You can see in real-time what operations Moss is performing on your servers. An operation is any set of tasks Moss runs on a server to achieve a given objective, e.g. set up a new website, create a database, or deploy a new release of a site. In particular, you can check:
- Who triggered the operation.
- When it started.
- What task is currently in progress.
In this way, everyone in your team can be on the same page operations-wise. Better yet, they have full access to the log of an operation – regardless it succeeded or failed. This greatly helps debug issues and allow your team to understand what’s actually going on your servers.
Security by design
Every feature in Moss takes security very seriously. Moss tries its best to secure your servers in the best possible way. This influences the design of our own platform, as explained in the following.
1- Moss is agent-less
Other products install a control agent on your server so that they can issue commands remotely. While convenient, this approach poses a serious security risk: If an attacker found a bug on such agent, they could take over all your servers.
On the contrary, Moss is agent-less and all commands are run by means of Ansible playbooks. There’s no need to install a control agent, since the code to be executed is sent over SSH. The likelihood for an attacker to exploit a vulnerability in the OpenSSH server is way lower than in a custom-made agent.
With this design decision, Moss reduces the attack surface of your servers. More on this below.
2- Moss installs software as needed
Other competing products install lots of software in all the servers you connect to them: Web, database and/or queue servers are installed as part of their setup process. I.e. they treat all servers as if they were equal.
But they aren’t! If you have a dedicated database server, why would you install Nginx on it? It’ll just consume resources (cpu, memory and disk) on your server while, at the same time, provides bad guys with another attack vector.
Instead, Moss installs software as it’s actually needed. If you don’t host a database on a server, MySQL won’t be installed. If you create a site on a server, Nginx will be installed then. And so on.
3- Unattended security updates, firewall, and more
Other products don’t update the packages of your servers on a regular basis, or always apply all available updates. The former is dangerous from a security viewpoint, the latter might break things from time to time.
Instead, Moss updates all packages with a pending security patch on a daily basis. This ensures your servers are protected against well-known security bugs, but we minimize the likelihood of breaking your application after an upgrade.
Similarly, Moss protects your server using either iptables or your provider’s firewall. Moss automatically allows traffic to your server as you perform operations. E.g. if you create a site that connects with a database on a remote server, Moss will automatically allow such connection by adding the appropriate firewall rule. You can also add or remove firewall rules easily from Moss, and it’ll apply the corresponding configs.
To summarize, security is at the core of our design process and it impacts all the features Moss offers.
We understand Moss is more valuable as it integrates with more tools and providers in your workflow. Therefore, we make a great effort to support 3rd-party providers that help you do more with less hassle. Basically, Moss can save you more time and give you greater value as it connects to your accounts on your favorite providers.
As of this writing, Moss integrates with Amazon EC2, DigitalOcean, Google Cloud, Vultr, GitHub, GitLab, Bitbucket, and Slack. But stay tuned, because more integrations are on their way.
Is Moss appropriate for my stack?
Moss currently supports:
- At least the two latest Ubuntu Server LTS releases: 18.04 (Bionic) and 16.04 (Xenial) as of this writing.
- PHP applications. Supported PHP versions include 5.6, 7.0, 7.1, 7.2, 7.3, and 7.4. Future versions will be supported as released.
- Node.js applications. Supported versions include Node.js 10 LTS, 12 LTS, and 13. Additional versions will be supported in the future.
- While Moss can set up and deploy any PHP application, it provides native support for some well-known frameworks. In particular, WordPress, Laravel, and Symfony. If your favorite framework is not in that list and/or you think we can do something to improve its support in Moss, please let us know.
- Regardless the former points, keep in mind that you can use Moss and still deploy e.g. a Ruby or Python application. However, the process is more involved – we have some specific articles in this Help Center. In case you need some of these platforms, please let us know and we’ll try to give them full support when/if possible.
- At this moment, Moss can use OpenResty (Nginx) as a standalone web server, or as a reverse proxy in front of Apache. You choose.
- At this moment, Moss supports MySQL databases and some additional software services like MongoDB, Memcached, Redis, Beanstalkd, Postfix, or Fail2ban.