Why we built Sysnet Portal

Mission, pains, and the 10x customer plan.

Mission

Sysnet builds education-grade software. To grow from 8 foundations & 297 schools to 80+ foundations & 3,000+ schools, our internal operations must keep up. This portal is the operations brain.

One pane of glass for every server, customer, secret, deploy, and runbook, so onboarding a new customer takes 30 minutes, not 3 days, and the team stops hunting in spreadsheets.

The pain today

  • Snowflake servers
    ~15 servers, 5 panel types (Plesk, aaPanel, cPanel, RDP, raw SSH), 4 OS families. Every customer install is unique.
  • Credentials in a Google Sheet
    Anyone with the sheet link has full prod access to every customer. Worst-case scenario waiting to happen.
  • Deploy = bash in a panel terminal
    git pull + artisan migrate scripts run by hand. No rollback, no audit, no parallel safety.
  • No central monitoring
    Only one customer has monitoring set up. We learn outages from customer phone calls.
  • Onboarding takes days
    Spin VPS, install Plesk, clone Laravel, seed DB, wire DNS, configure SSL. New customer = sales bottleneck.
  • Tribal knowledge
    Runbooks live in Slack scrollback or in someone's head. Onboarding new teammates = weeks.

The plan in 4 phases

0

Stop the bleeding (week 1)

  • Vaultwarden replaces the Google Sheet. Credentials encrypted, audited, revocable.
  • Renew expired UltaHost VDS (was already broken).
  • Pick the most modern customer setup as the golden template.
1

Standardize new customers (month 1)

  • Coolify replaces Plesk + aaPanel. One UI, manage all servers via SSH.
  • Onboarding script: ./onboard.sh <name>. VPS, DNS, SSL ready in 30 minutes.
  • All new customers run identical Docker stack on Ubuntu 24.04.
2

Centralize ops (month 2–3)

  • Grafana + Prometheus + Loki on one ops server. See all customers at once.
  • Uptime Kuma synthetic checks, with Discord alerts.
  • restic backups to Backblaze B2, nightly per customer, encrypted.
  • Ansible Semaphore for legacy server ops with audit log.
3

Migrate legacy + CI/CD (month 3–6)

  • Migrate Plesk customers to Coolify, smallest first to biggest.
  • SAK Windows to Linux, riding the .NET 10 migration. Kills Windows + SQL Server licenses.
  • Gitea Actions self-hosted, git push deploys to all customer servers.

The 10x math

Onboarding time
3 daysbecomes 30 min
Servers managed per ops engineer
~5becomes ~50
Cost savings (Plesk + Windows + SQL Server licenses)
n/abecomes ~Rp 37M/yr
Ops hours reclaimed (per year)
n/abecomes ~400h
Time-to-detect outage
customer callbecomes under 5 min
Customer fleet capacity
~8 foundationsbecomes 80+ foundations

What this portal is

Customer CRM
Foundations, units, contacts, contracts, MRR, all in one place.
Server inventory + secrets
Replaces the Google Sheet. Secrets stay in Vaultwarden, portal indexes them.
Deploys via Coolify
Each deploy logged with commit SHA, status, who triggered it.
Monitoring + audit
Grafana embedded, every mutation in the audit log, Discord alerts.

Status

MVP scaffoldedCustomers module liveServers, Secrets, Deployments in Phase 2v0.1 · 2026-05-20