Fully-Integrated Open Source Productivity Stack
RemoteRails’ Flagship Product
The Hyper-Converged Sovereign Appliance is the first offering of its kind to provide enterprise VPN-protected cloud storage, office, instant messaging, & email as part of a unified self-hosted product.
All-in-One Files, Conferencing, & Mail Server
Sovereign replacement for Google Workspace, Zoom, & Office 365
A complete suite that replaces the functionality of the Google and Microsoft ecosystems with open source alternatives that meet the strictest data protection requirements.
Enterprise VPN, SSO, & Vault
Defguard protects the appliance’s network perimeter and applications by issuing WireGuard VPN profiles and OIDC authentication tokens – based on a single-source of truth for user identity.
All applications in the appliance use Defguard for Single Sign On. We chose Defguard because it’s the only solution of its kind that supports biometric, TOTP, and passkey 2FA for both network and application authentication.
Vaultwarden provides a zero-knowledge enclave for artifacts such as Matrix recovery keys, identity and credit cards, SSH keys, as well as time-based (TOTP 2FA) authenticator tokens.
Matrix Server with Element Call Infrastructure
Tuwunel is a Matrix homeserver implemented in Rust, listed by the Matrix.org Foundation. Its development was supported by the Swiss Post, which runs Tuwunel underneath its ePost deployment – providing secure messaging for Swiss residents.
Our appliance includes a ready-to-use private Tuwunel server for your team, isolated by default from other Matrix servers for zero leakage of your user directory, presence status, & room metadata. We also built-in a self-hosted Ntfy server, eliminating dependency on Google Play Services for push notifications and call ringing.
It is pre-integrated with LiveKit and Coturn, supporting E2EE voice and video calls with metadata remaining strictly within your own infrastructure – using the Element (web and desktop) and Element X (mobile) clients. The LiveKit JWT sidecar container automatically facilitates secure authentication to Element calls using short-lived access tokens.
Private File Sync & Share + Office
Nextcloud is the world’s most deployed self-hosted cloud storage server. We pre-configured the Files High-Performance Backend so all users’ sync clients establish a long-lived WebSocket connection, reducing battery drain and server load from polling.
The latest sync clients now support Virtual Files, allowing users to browse their share on the desktop without using local disk space. Zero-knowledge encryption with file-level granularity can be achieved with the use of the companion application, Cryptomator.
Integrated with OnlyOffice (Euro-Office in technical preview) for collaborative editing of office file formats (.docx, .xlsx, .pptx, .pdf) in high fidelity, ensuring that sensitive documents are never processed by Google Docs, Microsoft 365, or Adobe Document Cloud.
Email Server with Native PGP Support
Stalwart provides a modern, secure-by-default mail server — the first self-hosted option achieving parity with ProtonMail in security and usability. It also supports CalDAV for calendar & meeting invitations, and CardDAV for contacts.
Standard, unencrypted messages received from external domains are automatically encrypted at rest using the user’s uploaded PGP public key. Furthermore, integration with Web Key Discovery (WKD) allows compatible clients like Thunderbird and em Client to automatically negotiate end-to-end encryption, eliminating the friction of manual key exchanges.
The available add-on mail server is written in Rust, a memory-safe language, reducing the risk of software vulnerabilities while maintaining an incredibly light memory footprint.
Ready to Secure Your Infrastructure?
View system requirements and deployment paths here.