{"id":49731187,"url":"https://github.com/openlander-ai/openlander","last_synced_at":"2026-06-13T21:01:32.118Z","repository":{"id":356642324,"uuid":"1233453030","full_name":"openlander-ai/openlander","owner":"openlander-ai","description":"MCP-native deployment control plane for coding agents.","archived":false,"fork":false,"pushed_at":"2026-06-07T02:03:38.000Z","size":16460,"stargazers_count":1,"open_issues_count":5,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-07T02:04:54.021Z","etag":null,"topics":["ai-agents","deployment","devops","docker","mcp","paas","platform-engineering","self-hosted","traefik","typescript"],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/openlander-ai.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-05-09T01:26:52.000Z","updated_at":"2026-06-07T02:03:42.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/openlander-ai/openlander","commit_stats":null,"previous_names":["openlander-ai/openlander-public"],"tags_count":54,"template":false,"template_full_name":null,"purl":"pkg:github/openlander-ai/openlander","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openlander-ai%2Fopenlander","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openlander-ai%2Fopenlander/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openlander-ai%2Fopenlander/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openlander-ai%2Fopenlander/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/openlander-ai","download_url":"https://codeload.github.com/openlander-ai/openlander/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openlander-ai%2Fopenlander/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34300116,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-13T02:00:06.617Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agents","deployment","devops","docker","mcp","paas","platform-engineering","self-hosted","traefik","typescript"],"created_at":"2026-05-09T06:19:01.552Z","updated_at":"2026-06-13T21:01:32.105Z","avatar_url":"https://github.com/openlander-ai.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OpenLander\n\n**MCP-native deployment control plane for coding agents.**\n\n[![License: AGPL-3.0](https://img.shields.io/badge/License-AGPL--3.0-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)\n[![Release](https://img.shields.io/github/v/release/openlander-ai/openlander)](https://github.com/openlander-ai/openlander/releases)\n\n[Quickstart](#quickstart) · [Current status](#current-status) · [Why OpenLander?](#why-openlander) · [Agent evals](#agent-operability-evals) · [MCP tools](docs/wiki/MCP-Tools-Reference.md)\n\nOpenLander lets coding agents deploy, inspect, diagnose, and operate apps on\nyour own server, with risky actions gated by human approval.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/assets/social-preview.png\" alt=\"OpenLander — MCP-native deployment control plane for coding agents\" width=\"920\" /\u003e\n\u003c/p\u003e\n\n---\n\n## Quickstart\n\n```bash\ncurl -fsSL https://raw.githubusercontent.com/openlander-ai/openlander/main/install.sh | sudo bash\n```\n\nWant to inspect it first? Download\n[`install.sh`](https://raw.githubusercontent.com/openlander-ai/openlander/main/install.sh)\nand read it before running with `sudo bash`.\n\nThe installer sets up Docker/Compose if needed, starts the published\n`ghcr.io/openlander-ai/openlander:latest` image with Postgres, and prints the\ndashboard URL. Open it, create the admin password, then copy the MCP token into\nyour coding agent from the **Your Agent** page (`/mcp-server`).\n\nOn a cloud VM, allow inbound TCP `80` for deployed app routes and TCP `10114`\nfor the OpenLander dashboard/MCP endpoint. If those ports are blocked by a\nsecurity group or host firewall, the installer can succeed while the printed\nURLs remain unreachable.\n\nTry a small public demo app after connecting your agent:\n\n```text\nDeploy https://github.com/openlander-ai/openlander-demo-app to OpenLander.\nUse the default branch and health check path /health.\n```\n\nOpenLander should build the Dockerfile, start the app, and return a URL like\n`http://openlander-demo.\u003cserver-ip\u003e.sslip.io` without requiring a custom\ndomain.\n\nIf your server has a public domain or a preferred LAN IP, set it before\ninstalling so OpenLander advertises reachable app URLs:\n\n```bash\ncurl -fsSL https://raw.githubusercontent.com/openlander-ai/openlander/main/install.sh \\\n  | sudo env OPENLANDER_PUBLIC_HOST=apps.example.com bash\n```\n\nThe public `0.1.x` releases use a fresh Postgres baseline. If you ran a\npre-public dogfood build, start from a new Postgres volume or export/import data\nmanually before upgrading.\n\nUpdate later with:\n\n```bash\ncurl -fsSL https://raw.githubusercontent.com/openlander-ai/openlander/main/install.sh | sudo bash -s update\n```\n\nPrefer manual setup? Download\n[`docker-compose.runtime.yml`](docker-compose.runtime.yml) and run\n`docker compose -f docker-compose.runtime.yml up -d`.\n\nFor agent setup details, see [MCP Tools Reference](docs/wiki/MCP-Tools-Reference.md).\n\n---\n\n## Current status\n\nOpenLander v0.1 is an early public preview.\n\nIt is good for:\n\n- trusted self-hosted servers\n- side projects and small apps\n- agent-assisted deployment workflows\n- cheap VPS, homelab, and small server setups\n\nIt is not yet:\n\n- a mature general-purpose PaaS\n- a production-grade multi-tenant sandbox\n- a Nomad or Kubernetes replacement\n- a fully self-healing PaaS\n- a one-click importer for existing Docker/PaaS workloads\n- safe for running arbitrary untrusted code without additional isolation\n\nOpenLander controls Docker on the host and is intended for trusted self-hosted\nenvironments. Do not expose the dashboard or MCP endpoint publicly without\nauthentication, TLS, and network-level protection.\n\n---\n\n## Why OpenLander?\n\nAI coding agents made building software faster, but deployment is still a\nbottleneck. Cloud platforms get expensive; self-hosting is cheaper, but most\ndeploy tools assume a human is clicking the dashboard. Agents can hit a REST\nAPI, but they often don't get the context they need to debug a failed build,\ninspect runtime state, or recover safely.\n\nOpenLander's core operations are protocol-independent. v0.1 ships with MCP as\nthe first supported adapter because it is the most practical interface current\ncoding agents can use. OpenLander exposes deploys, logs, services, approvals,\nand runtime state in a shape agents can read, with risky actions held behind\nexplicit human approval.\nEnvironment variables and secrets are masked by default in MCP responses; raw\nvalues are only returned through explicit reveal operations.\n\n### Agent-shaped failure responses\n\nOpenLander does not only expose deploy endpoints. It returns failure context in\na shape an agent can act on.\n\n```json\n{\n  \"status\": \"failed\",\n  \"phase\": \"healthcheck_wait\",\n  \"deploy_id\": \"dep_123\",\n  \"service_id\": \"svc_123\",\n  \"error\": \"container exited before the health check passed\",\n  \"diagnostic_call\": {\n    \"tool\": \"openlander_monitor\",\n    \"action\": \"diagnose_service\",\n    \"params\": {\n      \"service_id\": \"svc_123\"\n    }\n  },\n  \"_agent_guidance\": {\n    \"next_steps\": [\n      \"Call diagnose_service to inspect logs, env shape, container state, and dependency probes.\",\n      \"Fix the issue, then redeploy the service.\"\n    ]\n  }\n}\n```\n\nA generic API gives an agent endpoints. OpenLander gives it status, IDs,\ndiagnostics, and the next call shape needed to keep working.\n\nOpenLander 0.1 does not run an internal self-healing agent. It gives external\nMCP-capable coding agents structured tools and context to deploy, inspect,\ndiagnose, and recover services explicitly. It assumes a trusted self-hosted\nenvironment, not a multi-tenant sandbox for arbitrary untrusted code.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/assets/your-agent-setup.png\" alt=\"OpenLander MCP agent setup — connect Claude, Cursor, Windsurf, and more\" width=\"920\" /\u003e\n  \u003cbr /\u003e\n  \u003csub\u003eConnect your AI client once, then let it deploy, inspect logs, and diagnose services through MCP.\u003c/sub\u003e\n\u003c/p\u003e\n\n---\n\n## Agents operate. You intervene.\n\nMost deploy platforms assume a human sits in front of the dashboard, reads the\nform, and clicks the button. OpenLander is built the other way around.\n\n**Agents do the work.** v0.1 supports MCP out of the box, so Claude Code,\nCursor, OpenCode, Cline, Windsurf, and Codex can drive deploys, redeploys, log\ninspection, and recovery through OpenLander today.\n\n**Guardrails are built in.** Agents get org- and project-scoped tokens.\nDestructive MCP actions are either blocked outright or held for human\napproval. The dashboard surfaces what the agent did, what's pending, and\nwhat's blocked — so you stay in the loop without staying at the keyboard.\n\nOpenLander is a control plane built for agentic operation; the dashboard\nis the human surface on top.\n\n---\n\n## Agent operability evals\n\nI test OpenLander with coding agents, not just API smoke tests — a sanity check\nfor the agent-native direction, not a PaaS ranking or a \"faster / solved\neverything\" claim.\n\n- **Question:** can smaller agents stay on safe, high-level workflows for common\n  deploy and update tasks?\n- **Fixture:** a small Node app with managed Postgres + Redis.\n- **Rows:** repeat runs from Codex/GPT and Claude models, reported separately\n  so release lines and model families are not mixed.\n- **Product Gate (pass/fail), scenario-specific:** initial deploy → app live,\n  `/health` 200, DB write/read, Redis counter increments, advertised URL serves,\n  app/DB/cache in one project/network; bad-runtime update → the bad candidate\n  stays off the public route, the previous version keeps serving, and the failure\n  is reported honestly.\n\n| Scenario                                         | Result                                                                                                                                                                                                                                      |\n| ------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| Initial deploy: app + managed Postgres + Redis   | Spark, Mini, Claude Haiku, and Claude Sonnet each **passed the Product Gate 3/3**. Haiku took heavier inert-shell / path detours (Tool Discipline deductions, no infra mutation); Sonnet stayed mostly on the composite path with no shell. |\n| Bad-runtime update: broken candidate after build | Spark, Mini, Claude Haiku, and Claude Sonnet each **passed the Product Gate 3/3**: bad candidate never public, previous version kept serving, failure reported honestly. Haiku and Sonnet both used the no-strategy path, never forced.     |\n\nAgent behavior is scored separately from product correctness: detours are\noperability deductions, not Product Gate failures; if the Gate fails, operability\nis \"not scored\" rather than given a clean-looking number.\n\nSee [Agent Operability Evals](docs/evals/agent-operability.md) for methodology,\nfull tables, fixtures, and limitations.\n\n---\n\n## Mental model\n\n- A **Project** is a workspace.\n- An **Application** is a Git or image workload. It owns repository or image,\n  branch, Dockerfile, build config, runtime state, and deploy history.\n- A **Compose** resource is one Project-level stack; its containers stay inside\n  that stack surface.\n- A **Database/Cache/Storage resource** is infrastructure such as Postgres, MySQL, Redis,\n  MongoDB, or MinIO. In v0.1 these are project-scoped: they attach to the\n  project that uses them and run on that project's Docker network. Cross-project\n  shared Database/Cache/Storage resources and external TCP exposure are deferred.\n\nExisting Docker/PaaS workloads can be migrated with operator-assisted guidance\ntoday. Automatic import/adoption of existing containers, networks, and volumes\nis planned after v0.1.\n\nThe dashboard and MCP both expose a one-step \"deploy this repo\" path for the\ncommon single-Application case.\n\n---\n\n## Features\n\n**Deployment**\n\n- Git → Docker → URL pipeline. Auto-detects ports, proxies, and containers\n  before deploying.\n- Deploy apps from public Git repos, connected private GitHub repos, or public\n  container images, and provision\n  project-scoped Postgres, MySQL, Redis, MongoDB, and MinIO services alongside\n  them. Private container registry support is on the roadmap.\n- Cancel a stuck build mid-flight. The cancel goes through the same SSE log\n  channel agents are watching.\n\n**Observability**\n\n- Live SSE log stream with phase markers (`clone`, `image_pull`, `build`,\n  `container_start`, `healthcheck_wait`).\n- Service health and runtime status with last-seen timestamps.\n- Activity timeline filterable by actor (MCP / human / system).\n\n**Agent control**\n\n- MCP server bundled in. Org- and project-scoped tokens with cross-project\n  scope checks. Per-project audit trail.\n- Env vars and secrets are masked by default in MCP responses, so agents can\n  inspect configuration shape without automatically receiving raw secret values.\n- Conservative built-in safety policy. Project and app archive/delete flows\n  are human UI-only. Destructive MCP actions that remain exposed are either\n  blocked at the MCP boundary or held in a human approval queue before\n  execution.\n\n**Self-hosted**\n\n- The one-command installer sets up Docker/Compose if needed. Manual\n  `docker compose` setup is still supported.\n- Postgres ships in the same compose file; no external database required.\n- Traefik handles routing for deployed services. TLS depends on your domain\n  / proxy setup.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/assets/home-dashboard.png\" alt=\"OpenLander dashboard — projects, deployments, and agent activity at a glance\" width=\"920\" /\u003e\n  \u003cbr /\u003e\n  \u003csub\u003eThe dashboard stays focused on what the agent did: project health, latest deploys, service topology, and audit activity.\u003c/sub\u003e\n\u003c/p\u003e\n\n---\n\n## MCP setup\n\nOpenLander runs an MCP server out of the box. Endpoints:\n\n```\nHTTP  http://\u003chost\u003e:10114/mcp\nSSE   http://\u003chost\u003e:10114/mcp/sse\n```\n\nPer-client snippets (Cursor, Claude Desktop, Claude Code, OpenCode, Cline,\nWindsurf, Codex) live in\n[docs/wiki/MCP-Tools-Reference.md](docs/wiki/MCP-Tools-Reference.md).\n\n---\n\n## Roadmap\n\nThe shape of v0.2 is driven by what makes agentic operation more reliable.\n\n**Current (v0.1)**\n\n- Git-to-URL deploy pipeline.\n- MCP server with deploy / inspect / operate tools.\n- Dashboard for human oversight + intervention.\n- Project-scoped Database/Cache/Storage resources for Postgres, MySQL, Redis,\n  MongoDB, and MinIO through agent/MCP workflows.\n- Deterministic post-deploy recovery primitives for external agents: structured\n  `diagnose_service` findings, safe route re-pointing, same-image runtime env\n  apply, verification details, and rollback when a hot path fails.\n\n**Next**\n\n- **Recovery loop hardening** — expand high-confidence diagnostics and verified\n  hot paths before turning on built-in automation. External agents still decide\n  and call each remediation step explicitly.\n- **Environment contract** — first-class project, deployment-target, service,\n  and generated runtime variable scopes, with clear redeploy guidance.\n- **Private container registries** — AWS ECR, Google Artifact Registry, and\n  any OCI registry behind cloud-provider auth.\n- **Service templates** — beyond Postgres / Redis. Object storage, message\n  queues, search, vector DBs.\n- **Deployment targets** — production/development target policy first, designed\n  so staging can be added later without a rewrite.\n- **Notifications** — Slack and Discord webhooks for deploy / health /\n  approval events.\n- **Internal AI Ops** — optional incident response inside a policy you set,\n  built on the deterministic recovery contracts above rather than a separate\n  chat-first automation path.\n\nIf a roadmap item matters to you, opening an issue moves it up the queue\nmore than waiting for it does.\n\n---\n\n## Requirements\n\n- Linux server with root/sudo access for the one-command installer\n- Docker Engine with the Docker Compose v2 plugin for manual installation\n- ~1 GB free RAM for OpenLander + the bundled Postgres\n- A host that can expose port `10114` (or whatever you map)\n- Node.js 22+ for development; runtime ships in the Docker image\n\nOpenLander has been used on Linux servers, homelab machines, Apple Silicon,\nand inside Tailscale-only networks. Published runtime images support\n`linux/amd64` and `linux/arm64`.\n\n### Installing Docker\n\nThe quick installer does this for Linux servers. For manual setup:\n\n```bash\n# Linux / WSL2\ncurl -fsSL https://get.docker.com | sh\nsudo usermod -aG docker $USER\ndocker run --rm hello-world\n\n# macOS\nbrew install --cask docker\n```\n\nVerify Docker Compose v2 is present (most installers include it, but some\nminimal Linux setups do not):\n\n```bash\ndocker compose version\n```\n\nIf the command is not found, install the Compose plugin:\n\n```bash\n# Debian / Ubuntu\nsudo apt-get update \u0026\u0026 sudo apt-get install -y docker-compose-plugin\n\n# Other distros: https://docs.docker.com/compose/install/linux/\n```\n\n---\n\n## Development\n\n```bash\ngit clone https://github.com/openlander-ai/openlander\ncd openlander\nnpm install\ncd web \u0026\u0026 npm install \u0026\u0026 cd ..\nnpm run build\nnpm test\n```\n\nRun the dev server (builds from `Dockerfile`, no GHCR pull):\n\n```bash\ndocker compose up -d\n```\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for branch conventions, test policy,\nand PR layout.\n\n---\n\n## Contributing \u0026 License\n\nIssues and PRs are welcome. Read [CONTRIBUTING.md](CONTRIBUTING.md) and\n[CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md) before opening a PR. Security\nreports go through [SECURITY.md](SECURITY.md), not public issues.\n\n[AGPL-3.0](LICENSE). Third-party notices live in\n[THIRD_PARTY_NOTICES.md](THIRD_PARTY_NOTICES.md).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenlander-ai%2Fopenlander","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenlander-ai%2Fopenlander","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenlander-ai%2Fopenlander/lists"}