Why NETrock?

Every project starts the same way: authentication, role management, rate limiting, validation, API documentation, Docker setup... You spend weeks on infrastructure before writing a single line of business logic.

NETrock skips all of that. It ships a production-hardened .NET 10 API with a complete SvelteKit frontend — real security, real patterns, and real conventions that scale. Login works. Token rotation works. The permission system enforces role hierarchy. The admin panel manages users, roles, and background jobs. The Docker stack spins up with health checks. CI runs your tests.

Fork it, init it, own it. After initialization, there is no dependency on "the template." It's your code, your architecture, your product. Every decision is documented so you can understand it, change it, or throw it away.

What You Get

Backend — JWT auth with token rotation and reuse detection, permission-based authorization with role hierarchy, rate limiting, Redis caching with auto-invalidation, PostgreSQL with soft delete and audit trails, Hangfire background jobs, OpenAPI docs, health checks, Result pattern with ProblemDetails everywhere. See full details →

Frontend — Svelte 5 runes, type-safe API client generated from OpenAPI, automatic token refresh, Tailwind CSS 4 with shadcn-svelte, BFF proxy with CSRF protection, i18n, security headers, permission guards, dark mode, admin panel with user/role/job management. See full details →

Infrastructure — Single docker compose up for 5 services, init script for project bootstrapping, deploy script with multi-registry support, GitHub Actions CI with smart path filtering, Dependabot. See full details →

Security — Security-first design with HttpOnly JWT cookies, refresh token rotation with reuse detection, security stamp propagation, CSP with nonces, CORS startup guard, rate limiting, and input validation everywhere. See full details →

Quick Start

Want to see it first? Check out the live demo.

Prerequisites

• Docker Desktop
• .NET 10 SDK
• Node.js 22+
• Git

1. Clone & Initialize

git clone https://github.com/fpindej/netrock.git my-saas
cd my-saas

macOS / Linux:

chmod +x init.sh
./init.sh

Windows (PowerShell):

.\init.ps1

The init script will ask for your project name and base port, then rename everything, generate a JWT secret, and optionally create the initial migration and start Docker.

2. Launch Everything

docker compose -f docker-compose.local.yml up -d --build

That's it. Your entire stack is running:

Three test users are seeded in development:

3. Start Building

Add your domain entities, services, and pages — the architecture guides you. See SKILLS.md for step-by-step recipes.

Documentation

Deep dives: Features · Security · Architecture · Development · Before You Ship

Localization

Production-ready i18n with Paraglide JS — type-safe keys, SSR-compatible, auto-detection via Accept-Language. Ships with English and Czech. Adding a language is a single JSON file.

What This Is NOT

NETrock is opinionated by design. It's not:

• A generic starter — it makes real choices (PostgreSQL, not "any database"; JWT cookies, not "pluggable auth")
• A microservices framework — it's a monolith, because that's what 95% of products should start as
• A frontend framework — SvelteKit is included, but you can use just the API with any other frontend
• Magic — you still need to understand .NET (and SvelteKit if you keep it)

Contributing

Contributions are welcome! See CONTRIBUTING.md for guidelines.

Support the Project

NETrock is free and open source under the MIT License. If it saves you time, consider supporting its development:

Star the repo on GitHub · Join the Discord · Need custom development, consulting, or training? Get in touch

License

This project is licensed under the MIT License.