go-mcp-server-gateway
Verified Safeby duddn2012
Overview
Multi-tenant gateway for Model Context Protocol (MCP) servers, dynamically managing and serving MCP instances per tenant with isolated databases.
Installation
./build.sh runEnvironment Variables
- APP_ENV
- LOG_LEVEL
- BRIO_DATABASE_HOST
- BRIO_DATABASE_PORT
- BRIO_DATABASE_USER
- BRIO_DATABASE_PASSWORD
- BRIO_DATABASE_NAME
- BRIO_SERVER_PORT
- BRIO_X_MCP_KEY
- BRIO_LOGGING_LEVEL
- BRIO_LOGGING_BASE_DIR
- BRIO_LOGGING_SERVICE_MAX_SIZE
- BRIO_LOGGING_SERVICE_MAX_AGE
- BRIO_LOGGING_SERVICE_MAX_BACKUPS
- BRIO_LOGGING_SERVICE_COMPRESS
- BRIO_LOGGING_SERVICE_DIR
- BRIO_LOGGING_TLO_MAX_SIZE
- BRIO_LOGGING_TLO_MAX_AGE
- BRIO_LOGGING_TLO_MAX_BACKUPS
- BRIO_LOGGING_TLO_COMPRESS
- BRIO_LOGGING_TLO_DIR
- BRIO_LOGGING_TLO_ROTATION_MINUTES
- BRIO_LOGGING_TLO_MAX_RETENTION_DAYS
- BRIO_LOGGING_TLO_ZONE_ID
- BRIO_TIMEOUT_SERVER_READ
- BRIO_TIMEOUT_SERVER_WRITE
- BRIO_TIMEOUT_HTTP_CLIENT
- BRIO_ALLOWED_ORIGINS
Security Notes
Sensitive configuration values (DB passwords, API keys) are encrypted at rest using a custom Rust FFI-based library. However, the decryption key (likely an RSA key) appears to be embedded within the compiled Rust library, which is then linked statically into the Go binary. This means an attacker with access to the compiled binary can extract the decryption key and decrypt all 'encrypted' configuration values. While it protects against casual viewing of `.env` or YAML files, it does not provide robust protection against a determined attacker who obtains the binary. Hardcoded DB credentials in test config (test/testutils/test_config.go) are for testing purposes only and not production.
Similar Servers
Unla
Transforms existing MCP Servers and APIs into MCP protocol-compliant endpoints through configuration, enabling LLM tool calling without code changes.
MCPJungle
MCPJungle is a self-hosted Model Context Protocol (MCP) Gateway that allows developers to register and manage various MCP servers and their tools from a central location, enabling AI agents to discover and consume these tools from a single gateway.
sagemcp
A scalable platform for hosting Multi-tenant Model Context Protocol (MCP) servers with multi-tenant support, OAuth integration, and connector plugins for various services.
toolhive-registry-server
The central metadata hub for enterprise Model Context Protocol (MCP) server governance and discovery, implementing the official MCP Registry API specification.