dokku-mcp
Verified Safeby dokku-MCP
Overview
Exposes Dokku's management capabilities through the Model Context Protocol (MCP), enabling Large Language Models (LLMs) to interact with and manage a Dokku instance.
Installation
dokku-mcpEnvironment Variables
- DOKKU_MCP_SSH_HOST
- DOKKU_MCP_SSH_USER
- DOKKU_MCP_DOKKU_PATH
- DOKKU_MCP_SECURITY_BLACKLIST
- DOKKU_MCP_SSH_PORT
- DOKKU_MCP_SSH_KEY_PATH
- DOKKU_MCP_LOG_LEVEL
- DOKKU_MCP_LOG_FORMAT
- DOKKU_MCP_EXPOSE_SERVER_LOGS
- DOKKU_MCP_TIMEOUT
- DOKKU_MCP_CACHE_ENABLED
- DOKKU_MCP_CACHE_TTL
- DOKKU_MCP_PLUGIN_DISCOVERY_SYNC_INTERVAL
- DOKKU_MCP_PLUGIN_DISCOVERY_ENABLED
- DOKKU_MCP_TRANSPORT_TYPE
- DOKKU_MCP_TRANSPORT_HOST
- DOKKU_MCP_TRANSPORT_PORT
- DOKKU_MCP_TRANSPORT_CORS_ENABLED
- DOKKU_MCP_TRANSPORT_CORS_ALLOWED_ORIGINS
- DOKKU_MCP_TRANSPORT_CORS_ALLOWED_METHODS
- DOKKU_MCP_TRANSPORT_CORS_ALLOWED_HEADERS
- DOKKU_MCP_TRANSPORT_CORS_MAX_AGE
- DOKKU_MCP_MULTI_TENANT_ENABLED
- DOKKU_MCP_AUTHENTICATION_ENABLED
- DOKKU_MCP_AUTHENTICATION_JWT_SECRET
- DOKKU_MCP_AUTHENTICATION_TOKEN_HEADER
- DOKKU_MCP_AUTHENTICATION_TOKEN_QUERY_PARAM
- DOKKU_MCP_AUTHORIZATION_ENABLED
- DOKKU_MCP_AUTHORIZATION_DEFAULT_PERMISSIONS
- DOKKU_MCP_OBSERVABILITY_AUDIT_ENABLED
- DOKKU_MCP_OBSERVABILITY_METRICS_ENABLED
- DOKKU_MCP_OBSERVABILITY_TRACING_ENABLED
- DOKKU_MCP_LOGS_RUNTIME_DEFAULT_LINES
- DOKKU_MCP_LOGS_RUNTIME_MAX_LINES
- DOKKU_MCP_LOGS_RUNTIME_STREAM_BUFFER_SIZE
- DOKKU_MCP_LOGS_BUILD_MAX_SIZE_MB
- DOKKU_MCP_LOGS_BUILD_RETENTION
Security Notes
The project demonstrates a strong commitment to security. It includes robust input validation, a command blacklist (with plans for an allow-list), and sensitive log redaction to prevent command injection and information leakage. Secure SSH handling, including path traversal prevention and key file access checks, is implemented. Comprehensive CI testing with security tools (gosec, nancy, staticcheck) and a strict code quality policy (blocking `interface{}`, `any`, `reflect`, `unsafe`) further enhance its security posture. While the default CORS policy for SSE is `*`, it is well-documented and configurable for stricter environments, and token-based authentication is still required.
Similar Servers
rmcp
Perform sophisticated statistical analysis, econometrics, machine learning, and time series tasks using natural language conversations with AI assistants, demonstrating capabilities through a web interface.
ls-mcp
Command-line tool for discovering, analyzing, and reporting on Model Context Protocol (MCP) server configurations in a local development environment.
company-docs-mcp
Transforms organizational documentation into an AI-powered knowledge base for semantic search, Q&A via chat interface, Claude Desktop, and Slack integration.
karma
A modern, dark-themed chat interface demonstrating the Karma Memory system for AI agents, enabling context-aware conversations and dynamic switching of memory retrieval and caching strategies.