AI-SRE-Agent
Let AI manage your servers — through typed actions, not a root shell.
AI-SRE-Agent is an AI-native Linux server control layer. Instead of giving AI raw SSH access, it runs as a lightweight agent on your Ubuntu server and exposes 24 typed operations (inspect, restart, deploy, diagnose, audit) through MCP — the same protocol Claude Code speaks natively.
The Safety Model
AI never touches the shell. Every operation goes through:
User Intent → MCP Tool → Typed Action → Risk Classify → Plan/Apply → Approval Gate → Execute → Audit → Rollback
| Layer | What it does |
|---|---|
| Typed Actions | AI can only call service.restart, docker.list, app.deploy — never raw sudo rm -rf |
| Risk Classification | Every action gets low → medium → high → critical. Critical actions are denied at plan creation |
| Plan / Apply | Write operations first generate a plan. Nothing executes without review |
| Approval Gate | High-risk actions require explicit confirm: true — a card is shown to the user first |
| Audit Log | Every write operation records before-state, after-state, stdout, and result |
| Rollback | Deployments create release records with compose snapshots. One command to roll back |
The Agent itself runs sandboxed: ProtectSystem=strict, NoNewPrivileges=true, no sudo. It can't modify system config, install software, or compile code. It manages containers — you manage the host.
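The following is an added example, not AI-SRE-Agent's source: a TypeScript gate that applies the classify, plan, approve and audit layers from the table above. The `Gate` class, the risk level assigned to each action, the target-name pattern and the auditing of denied requests are assumptions made for illustration.

```typescript
// Added illustration, not project code. Risk levels per action are assumptions.
type Risk = "low" | "medium" | "high" | "critical";
interface Plan { id: number; action: string; target: string; risk: Risk }
interface AuditEntry { planId: number; action: string; target: string; result: string }

// Allowlist of typed actions. A Map (not an object literal) so that names such
// as "constructor" cannot resolve to an inherited property.
const RISK = new Map<string, Risk>([
  ["docker.list", "low"],
  ["service.restart", "medium"],
  ["app.deploy", "high"],
]);
const SAFE_TARGET = /^[A-Za-z0-9_.@-]+$/; // no spaces or shell metacharacters

class Gate {
  private plans = new Map<number, Plan>();
  private nextId = 1;
  readonly audit: AuditEntry[] = [];

  // Plan step: classify first. Unknown actions count as critical, and critical
  // or malformed requests never become a plan.
  plan(action: string, target: string): Plan {
    const risk: Risk = RISK.get(action) ?? "critical";
    if (risk === "critical" || !SAFE_TARGET.test(target)) {
      this.audit.push({ planId: 0, action, target, result: "denied_at_plan" });
      throw new Error(`denied at plan creation: ${action}`);
    }
    const p: Plan = { id: this.nextId++, action, target, risk };
    this.plans.set(p.id, p);
    return p;
  }

  // Apply step: only a stored plan can run, and only once. High risk needs confirm: true.
  apply(planId: number, opts: { confirm?: boolean } = {}): string {
    const p = this.plans.get(planId);
    if (!p) throw new Error("unknown or already applied plan");
    if (p.risk === "high" && opts.confirm !== true) {
      this.audit.push({ planId, action: p.action, target: p.target, result: "approval_required" });
      return "approval_required";
    }
    this.plans.delete(planId); // single use: an approved plan cannot be replayed
    // A real agent would run the typed handler here and record before/after state.
    this.audit.push({ planId, action: p.action, target: p.target, result: "executed" });
    return "executed";
  }
}
```

Because `apply` accepts only a plan id, the caller cannot change the action or target between review and execution.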
Quick Start
1. Install the Agent on your server:
curl -fsSL https://raw.githubusercontent.com/Ye-Yu-Mo/AI-SRE-Agent/main/agent/install.sh | sh
Installs as a systemd service on port 9090. Prints your secret — copy it.
2. Configure Claude Code MCP:
{
  "mcpServers": {
    "ai-server-agent": {
      "command": "node dist/index.js",
      "cwd": "/path/to/AI-SRE-Agent/mcp-server",
      "env": {
        "AGENT_ENDPOINT": "http://<your-server>:9090",
        "AGENT_SECRET": "<your-secret>"
      }
    }
  }
}
3. Start using it:
- "Show me the status of my server" → server.inspect
- "What containers are running?" → docker.list
- "Deploy this GitHub repo" → app.apply_deploy
- "The website is down — diagnose it" → diagnose.website
- "Show me the audit log" → audit.search
24 MCP Tools
| Category | Tools |
|---|---|
| Server | server.list server.inspect server.health server.resources server.graph server.add server.remove |
| Services | service.list service.logs service.plan_restart |
| Docker | docker.list docker.logs docker.plan_restart |
| Deploy | app.plan_deploy app.apply_deploy app.status app.rollback |
| Diagnose | diagnose.website |
| Operations | plan.apply command.run file.write |
| Audit | audit.search |
| Agent | agent.update |
Architecture
Claude Code (AI) → MCP Server (Node.js, stdio) → Server Agent (Go, systemd) → Linux
- Agent: Go static binary (~10MB), zero dependencies, systemd service
- MCP Server: TypeScript, 24 MCP tools, stdio JSON-RPC
- Multi-server: servers.json registry — add servers via server.add MCP tool
- Web Console: Built-in dashboard at http://<server>:9090/ (Tailwind CSS, login auth)
Links
- GitHub: github.com/Ye-Yu-Mo/AI-SRE-Agent