What is Nanami
Nanami is a private connectivity platform for teams that run real infrastructure across multiple environments and ownership boundaries.
It uses WireGuard for encrypted transport and adds a control plane for:
- tenant and group isolation,
- network and node lifecycle,
- gateway inventory and health,
- access and onboarding workflows.
Philosophy
Nanami is opinionated about operations:
- Explicit models over hidden automation
- Objects like tenants, groups, networks, nodes, gateways, and policies are first-class.
- Security by default
- Key-based identity and scoped enrollment are part of baseline workflows.
- Day-two readiness
- Troubleshooting and ownership handoff are considered as important as first setup.
When to use Nanami
Nanami is a good fit when you need:
- private connectivity across multiple environments (dev/stage/prod),
- multi-team ownership with clear boundaries,
- gateway-aware operation for NAT-heavy networks,
- centralized control instead of ad-hoc VPN scripts.
When not to use Nanami
Nanami can be overkill if you only need:
- one static WireGuard tunnel,
- no shared ownership model,
- no need for gateway inventory, policy lifecycle, or multi-network operations.
Product status
Available now
- Control-plane APIs and WebUI for users, groups, networks, nodes, gateways, and regions.
- Join-key based enrollment for gateway-manager and gateway-daemon components.
- WireGuard config generation for enrolled nodes.
- Community and SaaS app modes.
Coming soon
- Advanced policy templates and richer RBAC assignment UX.
- Deeper audit and analytics workflows.
- Expanded managed client coverage (beyond Linux-first paths).
Continue reading
- Start with Quickstart
- Learn the core model in Concepts
- Review Architecture