vps-ops-mcp
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@vps-ops-mcpcheck health and SSL status for my-vps"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
vps-ops-mcp
Don't give your AI raw root SSH. A safe, structured MCP server that lets Claude (or any MCP client) inspect and operate your VPS — nginx, PM2, SSL, UFW, fail2ban — through typed, allowlisted tools instead of free-form shell access.
Read-only by default. Mutating actions don't even exist unless you opt in with an environment variable.
You: "Is everything OK on my server? Any cert expiring soon?"
Claude → server_health(myvps) → load 0.08, disk 61%, RAM fine
→ ssl_status(myvps) → b2fest.com expires in 71 days ✓
→ security_audit(myvps) → ufw active, root login disabled ✓Why not just an SSH MCP server?
Generic SSH MCP servers hand the model a root shell and hope for the best. This server takes the opposite approach:
Raw SSH MCP | vps-ops-mcp | |
Command surface | anything | fixed command templates only |
User input in commands | interpolated | strict allowlist regex, rejected otherwise |
Credentials | often stored in config | never touched — delegates to your |
Password prompts | can hang |
|
Writes/restarts | always on | off by default, opt-in via env var |
| sure, why not | refused by design |
Related MCP server: ssh-remote-mcp
Quickstart
Requires Node 18+ and a working ssh <your-host> from your terminal (key-based auth).
Claude Code
claude mcp add vps-ops -- npx -y vps-ops-mcpClaude Desktop / Cursor / any MCP client — add to your MCP config:
{
"mcpServers": {
"vps-ops": {
"command": "npx",
"args": ["-y", "vps-ops-mcp"]
}
}
}Then just ask: "Check the health of myvps" (any alias from your ~/.ssh/config, or user@host).
Enabling mutations (optional)
By default the server is strictly read-only. To enable the two mutating tools (nginx_check_and_reload, pm2_restart):
{
"mcpServers": {
"vps-ops": {
"command": "npx",
"args": ["-y", "vps-ops-mcp"],
"env": { "VPS_OPS_ALLOW_MUTATIONS": "true" }
}
}
}Even then: no free-form commands, nginx -t always runs before a reload, and pm2 restart all is refused.
Tools
Tool | What it does | Needs |
| Lists aliases from your local | nothing (local) |
| Uptime, load, memory, disk, top processes | ssh |
| Enabled nginx sites, PM2 process list, running web services | ssh |
| Cert expiry for every domain found in nginx configs (or one domain) | ssh |
| Tail nginx access/error, PM2 app, or journald unit logs | ssh (some logs: sudo) |
| Listening ports, UFW, fail2ban, sshd hardening, pending security updates, recent logins | ssh (richer with sudo) |
|
| opt-in + sudo |
| Restart one named PM2 app (never | opt-in |
🔒 = only registered when VPS_OPS_ALLOW_MUTATIONS=true.
About sudo
Some checks (ufw, fail2ban, sshd -T) need root. The server always uses sudo -n (non-interactive): if passwordless sudo isn't configured for those commands, the check degrades gracefully and tells you, instead of hanging on a password prompt. You choose how much to allow in /etc/sudoers.d/.
Safety model
No credential handling. We spawn your system
sshbinary. Keys, agents,ProxyJump,known_hosts— all yours, all untouched.Fixed command templates. Remote commands are string constants. There is no
run_commandtool and there never will be one in read-only mode.Allowlist validation. Every user-supplied value (host, app name, domain, unit) must match a strict regex before it goes anywhere near a command line. No escaping heuristics — invalid input is simply rejected.
Bounded output. Every call has a timeout and an output cap, so a runaway
tailcan't flood your context window.Mutations are opt-in and minimal. Two tools, both narrow, both guarded.
Roadmap
site_provision— nginx vhost + certbot + PM2 registration in one guarded flowDocker container inventory & log tools
Caddy support
Multi-server fleet summary (
health across all hosts)Scheduled-check examples (cron + Claude Code headless)
PRs welcome — especially real-world ops workflows this doesn't cover yet.
License
MIT © Azat Akdağ
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Akdag94/vps-ops-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server