Weavestream brings clients, assets, credentials, articles, domains, SSL records, IP ranges, files, portals, integrations, search, and audit history into one self-hosted documentation system.
Built for MSPs, IT pros, and small teams who need more than a wiki and want to own the platform that holds their operational memory.
Weavestream is built around structured records instead of loose pages. Companies, assets, passwords, articles, domains, files, IP ranges, users, and integrations each have a proper place — and the real value comes from how they connect.
Each module is a real, structured part of the platform — not a marketing checkbox. Browse the cards below to see what each one covers.
Organize documentation around the companies, clients, departments, or environments you support.
Document servers, workstations, network gear, applications, licenses, and services with structured records.
Store credentials in context — linked to the clients, assets, and procedures that need them.
WYSIWYG or raw Markdown — procedures, runbooks, notes, and reference material, organized into per-tenant folders.
Track WHOIS expiry, DNS health, and TLS certificate validity across every hostname you support.
Per-company IPv4 subnets with utilization, conflict detection, manual reservations, and asset occupancy.
Attach files, photos, configs, exports, and scripts directly to the records they support.
A scoped read-only view per tenant — expose articles, assets, passwords, and domains selectively.
Postgres full-text search across articles, assets, and uploads, plus a fast Cmd+K command palette.
Per-user shortcuts to frequently used companies, assets, passwords, and articles — pinned to the sidebar.
Invite-only onboarding, forced TOTP MFA, two-layer roles, contractor access, and time-expiring memberships.
Append-only audit log with before/after JSON diffs, filters, pagination, and DB-role tamper protection.
Built-in drivers that sync external inventory into tenant asset records, on demand or on a schedule.
A persistent chat panel — ask questions, draft documentation, and edit articles using your own OpenAI-compatible LLM.
A closer look at four of the most important modules.
Per-tenant credential storage with AES-256-GCM encryption, TOTP secrets, password history, breach checks, strength scoring, and an offline password generator — all linked to the systems they unlock.
Articles give teams a place for human-readable documentation: procedures, troubleshooting steps, client notes, standards, internal runbooks. Each article can be authored in a Tiptap WYSIWYG editor or raw Markdown — chosen per article — and organized into a folder hierarchy per tenant.
This runbook covers the secondary path when vpn.acme.co fails the daily health check. The procedure references the fw-edge-01 asset and the vpn-admin credential.
fnsysctl vpn-fail-over.If the secondary tunnel does not come up, follow the vendor escalation article instead.
Domains and certificates are easy to forget until they fail. Weavestream helps track WHOIS expiry, DNS health, and TLS certificate validity across hostnames, with aggregate dashboards for upcoming expirations.
Weavestream includes IPAM for managing per-company IPv4 address spaces. Track subnets, see utilization, detect conflicts, reserve addresses manually, and visualize address-space usage. Replaces scattered spreadsheets and stale network notes.
Most documentation systems can store information. Weavestream is designed to connect it. Here is what a single asset — a firewall at a client's HQ — looks like from the inside.
Weavestream is built for the everyday documentation work that keeps IT environments supportable: onboarding clients, documenting infrastructure, securing credentials, tracking expirations, and finding context when something breaks.
Create the company record, add assets, attach credentials, write procedures, upload reference files, document domains, map IP ranges, and expose selected records through the portal.
Start from a client, asset, credential, domain, or search result. Follow related records until you find the procedure, access details, or supporting file you need.
Use integrations, scheduled syncs, audit history, starred items, expiration tracking, and structured records to prevent the slow drift into a forgotten pile of old notes.
Weavestream is designed for teams who care where their documentation lives. Run it yourself, control the database, manage access, enforce MFA, review audit history, and keep sensitive records inside infrastructure you choose.
Run Weavestream on your own server, NAS, VPS, or private cloud. Your hardware, your database, your control.
Password vault records use AES-256-GCM encryption. TOTP secrets are stored alongside the credential they pair with.
Invite-only onboarding, forced TOTP MFA, and two-layer role-based access controls — including time-expiring contractor access.
Append-only audit log with before-and-after JSON diffs, cursor-paginated UI, URL-sticky filters, and DB-role tamper protection.
The product is open source and built without background tracking, license callbacks, or artificial feature gates.
Open-source IT documentation comes with expectations in both directions. Here is the honest read.
Explore the product, review the source, or start self-hosting Weavestream and see how structured documentation changes the way you support clients and infrastructure.