Login

u/AdmireMe717

NetMap - A self hosted network visability tool for home labs.
▲ 19 r/homelab

NetMap - A self hosted network visability tool for home labs.

Hey r/homelab,

I wanted to share a project I've been working on called NetMap. A self-hosted network management tool aimed at home labs and small environments.

What is it?

NetMap is a self-hosted tool that gives you a proper overview of your home lab or small network. Map out your devices, track IPs, watch for things going down, and dig into firewall logs — all from one place, running on your own hardware.

It started as a personal project to scratch an itch: one application that actually knows what's on your network, where it sits, and whether it's behaving. Built to drop straight into a Compose stack alongside your other self-hosted services with no cloud accounts, no subscriptions, and no phoning home.

Everything runs in a single container. The web UI, API, database, and syslog receiver are all bundled together — nothing to orchestrate beyond the one service.

Links

A note on AI

I want to be upfront about this: AI (Claude) was used extensively throughout this project — in writing code, debugging, designing features, and refining the UI. I'm not a professional developer by trade, and this project wouldn't exist in its current form without that help.

That said, every decision about what to build, how it should work, and what problems it should solve came from me. I tested everything, directed the development, and this is genuinely something I built to scratch my own itch and solve a problem I couldn't find elsewhere. The difference here is I just had a very capable coding assistant alongside me.

I think it's important to be honest about that rather than pretend I wrote every line myself. AI tools are part of how software gets built now, and I'd rather be transparent about it.

I've been heavily invested in IT for a long time and have a solid understanding of best practices and how systems should be structured. These decisions weren't made blindly. I cared about getting them right, researched the right approaches, and pushed back when something didn't meet the bar I'd set. The fact that AI helped implement it doesn't mean the underlying design decisions weren't deliberate and informed.

So take from this project what you will, I know people are going to jump on the AI slop bandwagon, but tbh I don't care. I think it's cool and so might others. Anyway, that's the disclosure 😝

Screenshots

https://github.com/user-attachments/assets/ffd0c6d9-072f-41c1-bd4e-15c3737ede6b

https://github.com/user-attachments/assets/f58ae91d-6b8e-40cb-95e5-f0a9975e97a6

https://github.com/user-attachments/assets/b6a666bb-ca75-4732-9416-4da65afcecfe

https://github.com/user-attachments/assets/13713071-f86e-432c-a503-d6069616109b

What it does

  • Topology canvas: this was one of my biggest frustrations with other tools. You add a device and then have to go and manually place it on some separate diagram. In NetMap, devices and VLAN groups you create automatically appear on the canvas. You can drag them around, draw links between them, and group things into VLANs or logical clusters. Positions are saved so it looks the same every time you come back. Supports multiple named sites in the case of business adoption, can be used to map out multiple site locations.
  • Device inventory: searchable, filterable table of every device. Bulk edit types, statuses, and sites. Supports servers, switches, routers, firewalls, APs, cameras, phones, VPNs, and cloud endpoints — each with a matching icon on the canvas.
  • Monitoring: continuous background polling with live ICMP ping, TCP port checks, RTT history graphs, a 30-poll heartbeat strip per device, and uptime tracking.
  • IPAM: define subnets, assign VLANs, track individual IP allocations, import DHCP leases from your router, and get a visual IP grid showing what's in use vs available.
  • Firewall log ingestion: receives syslog over UDP and TCP from pfSense, OPNsense, Unifi, or any RFC-5424/3164-compatible source. Live-tail in the browser, search by IP/port/protocol, and each log entry links directly to the device in your inventory.
  • Network discovery: run Nmap scans against a subnet and import discovered hosts straight into your inventory with hostnames, MACs, and open ports pre-filled.
  • Built-in tools: ping, traceroute, TCP connect, DNS lookup, and a subnet calculator. No more SSHing into a jump box for quick checks.
  • Alerts: rules that fire when devices go down or come back up, with notifications via ntfy, Telegram, Signal, or email (plans to add more in the future).
  • Access control: four roles (SuperAdmin, NetworkAdmin, SecurityAnalyst, Viewer) with granular permissions. Fully customisable.

Getting started

You need Docker and Docker Compose, that's it.

services:
  netmap:
    image: xoriin/netmap:latest
    container_name: netmap
    environment:
      PUID: 1000
      PGID: 1000
      TZ: "America/New_York"
      SECRET_KEY: "replace-with-generated-secret"
      MASTER_KEY: "replace-with-generated-fernet-key"
      TRUSTED_HOSTS: '["*"]'
    volumes:
      - /opt/netmap/data:/app/data
    ports:
      - "8080:8080"
      - "5514:1514/udp"
      - "5514:1514/tcp"
    cap_add:
      - NET_RAW
    restart: unless-stopped

Generate your secrets, drop them in, and docker compose up -d. First run prompts you to create your admin account and you're in.

Full compose file with every option documented is in the repo.

Feedback, bug reports, and feature suggestions all welcome. Happy to answer questions in the comments.

reddit.com
u/AdmireMe717 — 1 day ago