Docker MCP Server
Docker MCP Server is a natural-language DevOps copilot that lets any MCP-capable AI assistant (Claude, Cursor, Continue, Zed) manage your Docker host and Compose stacks through conversation.
Insight & Monitoring
List containers (running or all) with status, image, ports, and uptime
Inspect full container configs: environment, mounts, network settings, restart policy, health checks
Live CPU/memory/network stats, disk usage breakdown, system info
Tail container logs with optional line count, time window, and timestamps
List images, networks, and volumes
Container Lifecycle Management
Start, stop, restart, and remove containers (with graceful timeouts and force options)
Docker Compose Orchestration
Validate and render fully-resolved Compose configs
List services and their health (
compose_ps)Deploy/update stacks (
up -d), tear down (down), restart services, pull latest images
Security & Safety Controls
Read-only mode — hides all state-changing tools for safe demos or production insight
Container allowlist — restrict operations to specific container names/prefixes
Opt-in exec —
exec_in_containerdisabled by default; no shell injection risk in Compose commands
Interactive Web Panel
Live monitoring with historical charts, AI-powered terminal with smart suggestions
File explorer/editor for container files, snapshot and scheduled backup (with webhook delivery)
Auto-restart watchdog with alerts and log watch
Terminal UI (TUI)
Keyboard-driven, lazydocker-style dashboard with live stats and one-key actions
Monitoring Integration
Exposes a Prometheus
/metricsendpoint for integration with Prometheus, Grafana, Zabbix, VictoriaMetrics
Other
Modular, toggleable plugin architecture
Supports local sockets, Windows named pipes, and remote TCP/TLS connections to Docker Engine
abouttool andlist_pluginsfor identity and capability discovery
Provides tools for managing Docker containers, images, networks, volumes, and Docker Compose stacks through natural language commands.
The /metrics endpoint can be used by Grafana to visualize the server's operational data.
Exposes a /metrics endpoint that can be scraped by Prometheus for monitoring server metrics.
The /metrics endpoint can be scraped by VictoriaMetrics for monitoring purposes.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Docker MCP ServerWhat containers are running?"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
🐳 Docker MCP Server
Chat with your Docker host. A Model Context Protocol server that turns any MCP‑capable AI — Claude Desktop, Cursor, Continue, Zed — into a natural‑language DevOps copilot for Docker & Docker Compose.
“Restart the api container.” · “Why did web crash — show me the last 100 log lines.” · “Deploy the stack in ./prod and confirm it’s healthy.”
Designed, built & maintained by SoyRage Agency · https://soyrage.es/
⚡ New here? Install in one command → Quick install. · ☕ Support the project
📑 Table of contents
Related MCP server: Docker MCP Server
⚡ Quick install (one command)
New to this? The installer clones the project, builds it, and configures Claude Desktop for you — no manual JSON editing. You only need Git and Node.js ≥ 18.
Windows (PowerShell):
irm https://raw.githubusercontent.com/soyrageagency/docker-mcp-server/main/install.ps1 | iexmacOS / Linux:
curl -fsSL https://raw.githubusercontent.com/soyrageagency/docker-mcp-server/main/install.sh | bashAlready cloned the repo? Just run:
npm run setup # builds + configures Claude DesktopThen restart Claude Desktop and ask: “What Docker containers are running?” 🎉
The installer backs up your existing config and merges the entry, so any other MCP servers you have are preserved. Prefer to see the snippet without writing anything? node scripts/install.mjs --print.
💙 If this saves you time, please support the project on PayPal and drop a ⭐ — it genuinely helps SoyRage Agency keep building in the open.
🧭 What is this?
The Model Context Protocol (MCP) is an open standard that lets AI assistants talk to external tools through a well‑defined JSON‑RPC interface. Docker MCP Server is an MCP server that speaks that protocol over stdio and exposes your Docker host as a set of safe, richly‑described tools.
Point any MCP‑capable assistant at it and you can operate containers and Compose stacks in plain language — the model reads each tool’s schema, decides which to call, and reports the results back to you. No more memorising flags or copy‑pasting container IDs.
In one line: it’s the bridge between “I wish I could just tell my server what to do” and your actual Docker daemon.
💡 Why it exists
Day‑to‑day container work is a stream of small, repetitive commands:
docker ps -a
docker logs --tail 100 -f my-api
docker compose -f ./prod/compose.yaml up -d --build
docker stats my-apiEvery one of those is trivial once you remember the exact syntax. The friction is the memorisation and the context‑switching. This server removes that friction by letting the AI do the translation, while keeping you in control through:
Read‑only mode for safe demos and production insight.
A container allowlist so the assistant can only touch what you allow.
Opt‑in exec so arbitrary in‑container commands are never available by accident.
Confirmation‑friendly design — destructive tools are clearly described so the model asks before it acts.
Built by SoyRage Agency for the self‑hosting and home‑lab community — and equally at home on a CI runner or a production VM behind read‑only mode.
🚀 Feature overview
Area | Capabilities |
🔎 Insight | List containers · inspect full config · live CPU/memory/network stats · tail logs with time windows · list images / networks / volumes · host summary · disk usage. |
⚙️ Lifecycle | Start · stop · restart · remove containers — with graceful stop timeouts. |
📦 Compose | Validate config · list services & health · deploy ( |
🛡️ Safety | Global read‑only mode · container allowlist · opt‑in exec · soft attribution guard. |
🔌 Transport | Local Unix socket · Windows named pipe · secured remote TCP + TLS. |
🎨 Identity | ASCII welcome banner · |
🖥️ Interactive panel | Tabbed web dashboard: live monitoring, terminal with smart command suggestions, file explorer, snapshots & scheduled backups, networks/volumes, auto‑restart watchdog, alerts & log watch, inspect, search and lifecycle actions — with a demo mode. |
⌨️ Terminal UI | A creative, lazydocker‑style TUI with a SoyRage welcome, live gauges and one‑key actions — zero curses dependencies. |
📈 Monitoring | Built‑in Prometheus |
🧩 Modular | Every capability is a toggleable plugin; enable exactly the surface you want via config. |
🧱 Engineering | 100% TypeScript, strict mode · one module per concern · tiny dependency surface · stderr‑only logging. |
🖥️ The interactive panel
Beyond the conversational interface, the project ships a minimalist web dashboard (docker-mcp-panel) for when you want a fast, visual, point‑and‑click view of your host. It reuses the exact same configuration, Docker client and safety rails as the MCP server — so read‑only mode and the allowlist apply here too.
npm run build
npm run panel # → http://127.0.0.1:4600
npm run panel:demo # same, but with realistic mock data (no daemon needed)Dashboard — live host stats, containers & images
One‑click log tailing
Terminal — run docker commands with smart suggestions (Tab / ↑↓ / Enter)
Snapshots & scheduled backups — with email/cloud delivery
File explorer + editor — view & edit files inside a container
Browse a container's filesystem
System — networks & volumes
Alerts & log watch — with a live auto‑restart watchdog
Read‑only mode — actions safely disabled
Screenshots rendered in demo mode · watermarked © SoyRage Agency · soyrage.es
Panel highlights
Tabbed layout — Overview, Terminal, Files, Backups, System and Alerts, with a live alert badge in the header.
Live monitoring + Trends — CPU‑load and memory‑used cards with meters, per‑container CPU % and memory bars, and historical sparkline charts (sampled every 5s) for CPU and memory over time.
⌨️ AI‑powered terminal — type
docker …for typo‑tolerant, context‑aware completions (Tab/↑↓/Enter), or type a request in plain English (“why did web crash”) and pick Ask AI — the copilot proposes a command you review, then run. Commands are parsed to an argv array and spawned without a shell; a deny‑list blocks dangerous verbs and write verbs respect read‑only mode. AI uses any OpenAI‑compatible endpoint (OpenAI, Ollama, LM Studio…); without one it falls back to rule‑based suggestions.📁 File explorer + editor — browse any container's filesystem (breadcrumbs, up‑navigation), open and edit text/
.sh/config files, and Save back into the container. An AI edit button rewrites the file from a plain‑English instruction. Safe, shell‑freeexec; edits are blocked in read‑only mode.📸 Snapshots & scheduled backups — snapshot a container as an image (
commit) or a filesystemexport(.tar) to a chosen directory; schedule a daily backup (time, containers, type); a webhook forwards each backup to email, Google Drive or S3 via Zapier / Make / n8n.🧩 System tab — networks and volumes at a glance; per‑container inspect details (env redacted, mounts, ports, restart policy) in the drawer.
♻️ Auto‑restart watchdog — flip the Auto toggle and a background watchdog restarts a container whenever it exits (respects read‑only mode).
🚨 Alerts & log watch — down/unhealthy containers, high CPU/memory, watchdog events, and error/warn lines scanned from recent logs.
Container grid — colour‑coded state dots, ports as chips, filter/search, auto‑refresh toggle, and per‑row actions (details · files · snapshot · start/stop/restart).
Prometheus
/metrics— footer link exposes the scrape endpoint (see Monitoring).Demo mode —
DOCKER_MCP_PANEL_DEMO=trueserves fabricated‑but‑realistic data (with gentle live jitter), perfect for previews and client demos with no daemon.Zero UI dependencies — hand‑written HTML/CSS/JS served by a Node‑core HTTP server.
Panel REST API (all local): /api/snapshot · /api/history · /api/containers · /api/images · /api/logs · /api/action · /api/run · /api/ai · /api/files · /api/file (GET read / POST save) · /api/inspect · /api/networks · /api/volumes · /api/backups · /api/backup · /api/schedule · /api/alerts · /api/autorestart · /metrics.
AI copilot (optional): set DOCKER_MCP_AI_ENDPOINT (+ DOCKER_MCP_AI_KEY, DOCKER_MCP_AI_MODEL) to power the AI terminal and AI file‑editing. Works with OpenAI, Ollama (http://localhost:11434/v1, free & local), LM Studio, or any OpenAI‑compatible API. Demo mode simulates it so you can try the UX offline.
🖼️ Regenerate the screenshots yourself with
npm run shots(requiresnpx playwright install chromium).
🔒 Panel security & networking (VPN, IPs, ports)
The panel and terminal can control your host, so treat access like SSH.
Bind locally by default — the panel listens on
127.0.0.1:4600. Reach a remote host by tunnelling over a VPN — WireGuard or Tailscale — and browsing to the host's VPN IP. Do not port‑forward the panel to the public Internet.If you must bind to the LAN, set
DOCKER_MCP_PANEL_HOST=0.0.0.0. On startup the server prints every IP address it is reachable on and a warning, e.g.:Panel ready at http://0.0.0.0:4600 reachable at http://127.0.0.1:4600 reachable at http://10.8.0.3:4600 ← your WireGuard IP reachable at http://192.168.1.42:4600 ← your LAN IP Panel is bound to ALL interfaces … keep it behind a VPN or an authenticated reverse proxy.Change the port with
DOCKER_MCP_PANEL_PORT(e.g.8443) to avoid clashes or sit behind a reverse proxy.Port‑forwarding / reverse proxy — if you expose it, put an authenticated proxy (Caddy/nginx/Traefik with Basic‑Auth or SSO + TLS) in front; never forward the raw port. Combine with
DOCKER_MCP_READONLY=truefor view‑only deployments, andDOCKER_MCP_PANEL_TERMINAL=falseto disable the command runner.
⌨️ The terminal UI (TUI)
Prefer the terminal? Launch docker-mcp-tui — a creative, lazydocker‑style dashboard that opens with a SoyRage Agency welcome and then drops you into a live, keyboard‑driven view. It’s hand‑rolled ANSI (no curses library), so it adds zero dependencies.
npm run tui # → interactive terminal dashboard
npm run tui:demo # same, with realistic mock data (no daemon needed)A warm welcome — “thank you for using our repository ⭐”
Live dashboard — gauges, details & one‑key actions
Keys: ↑/↓ (or j/k) navigate · l toggle logs · S start · s stop · R restart · r refresh · q quit.
Live CPU/memory gauges refresh automatically; read‑only mode hides the action keys.
📈 Monitoring: Prometheus, Zabbix & more
The panel doubles as a metrics exporter. It serves a standard Prometheus text endpoint at /metrics, so your Docker host becomes a first‑class monitoring target with no extra agent.
npm run panel # metrics on by default
curl http://127.0.0.1:4600/metricsExposed series (labelled by name, state, image where relevant):
Metric | Type | Meaning |
| gauge | 1 when the exporter is running. |
| gauge | Build/author metadata (product, author = SoyRage Agency, version, url). |
| gauge | Logical CPUs on the host. |
| gauge | Total host memory. |
| gauge | Container counts. |
| gauge | Cached images. |
| gauge | Aggregate container CPU %. |
| gauge | Aggregate container memory. |
| gauge | 1 if a given container is running. |
| gauge | Per‑container CPU %. |
| gauge | Per‑container memory. |
| gauge | 1 if auto‑restart is enabled for it. |
| gauge | Count of containers with auto‑restart on. |
| gauge | Number of active state‑based alerts. |
Prometheus
# prometheus.yml
scrape_configs:
- job_name: docker-mcp
static_configs:
- targets: ["your-host:4600"]Zabbix
Use an HTTP agent item pointed at http://your-host:4600/metrics, then add
dependent items with the Prometheus pattern preprocessing step, e.g.
dockermcp_containers_running or
dockermcp_container_cpu_percent{name="api"}. Grafana, Grafana Agent,
VictoriaMetrics and Netdata can scrape the same endpoint.
Turn the exporter off with
DOCKER_MCP_PANEL_METRICS=falseif you only want the UI.
🧩 Modular plugin architecture
The server is assembled from independent plugins, each owning one capability group. Which plugins load is driven entirely by configuration, so you can expose exactly the surface you want — from insight only to the full toolbox — without touching code. This also makes the project easy to extend and hard to fork wholesale without noticing the attribution baked into the locked about plugin.
Plugin | Category | Type | Tools |
| identity | read |
|
| insight | read |
|
| insight | read |
|
| insight | read |
|
| system | read |
|
| compose | read/write |
|
| lifecycle | write |
|
🔒 The about plugin is locked — it carries the SoyRage Agency identity and cannot be disabled.
Toggle plugins via environment variables or the config file:
# Expose ONLY read-only insight (a safe, curated surface)
DOCKER_MCP_PLUGINS=containers,logs,images,system
# Load everything except container lifecycle
DOCKER_MCP_DISABLED_PLUGINS=lifecycleAsk the assistant “list the plugins” any time to see what’s enabled.
Config file
For a reproducible setup, drop a docker-mcp.config.json in the project root (or point DOCKER_MCP_CONFIG at one). Environment variables always override it. See examples/docker-mcp.config.json:
{
"readOnly": false,
"allowExec": false,
"containerAllowlist": ["web", "api"],
"plugins": { "enabled": [], "disabled": ["lifecycle"] },
"panel": { "host": "127.0.0.1", "port": 4600, "demo": false }
}Configuration precedence (lowest → highest): built‑in defaults → docker-mcp.config.json → .env → real environment variables.
🛠️ How it works
┌──────────────────────────────────────────────┐
You ◀──────▶ │ AI assistant (Claude / Cursor / Continue …) │
└───────────────────────┬──────────────────────┘
stdio · JSON‑RPC (MCP)
┌───────────────────────▼──────────────────────┐
│ Docker MCP Server │
│ │
│ 1. Client sends `initialize` → server │
│ replies with tool schemas + SoyRage │
│ `instructions` (identity & welcome). │
│ 2. Model picks a tool and sends `tools/call`.│
│ 3. Server executes it against Docker and │
│ returns human‑readable text. │
└───────────┬───────────────────────┬──────────┘
Engine API │ spawn │ docker compose
┌───────────▼───────────┐ ┌──────────▼──────────┐
│ Docker Engine │ │ Compose plugin │
└───────────────────────┘ └─────────────────────┘Engine operations (containers, images, stats, logs, system info) use the Docker Engine API through
dockerode.Compose operations shell out to the official
docker composeCLI with a shell‑free, fully argument‑quoted spawn (no string interpolation, no injection surface).stdout is sacred: it carries only the JSON‑RPC stream. Every log line goes to stderr.
✅ Requirements
Requirement | Notes |
Node.js ≥ 18 | ES modules + modern APIs. Node 20+ recommended. |
A reachable Docker Engine | Local socket by default; remote TCP/TLS supported. |
| Only needed for the Compose tools. Insight/lifecycle tools work without it. |
An MCP client | Claude Desktop, Cursor, Continue, Zed, or the MCP Inspector. |
📦 Installation
# 1. Clone
git clone https://github.com/<your-user>/docker-mcp-server.git
cd docker-mcp-server
# 2. Install dependencies
npm install
# 3. Build to dist/
npm run buildKick the tyres with the official MCP Inspector (no AI client required):
npm run inspectThis opens a UI where you can list tools and call them by hand — perfect for verifying your Docker connection before wiring up an assistant.
🔌 Connecting to your AI client
Claude Desktop
Edit your Claude Desktop config file:
Windows:
%APPDATA%\Claude\claude_desktop_config.jsonmacOS:
~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"docker": {
"command": "node",
"args": ["/absolute/path/to/docker-mcp-server/dist/index.js"],
"env": {
"DOCKER_MCP_READONLY": "false",
"DOCKER_MCP_ALLOW_EXEC": "false",
"DOCKER_MCP_DEFAULT_LOG_TAIL": "200"
}
}
}
}A ready‑to‑edit copy lives in
examples/claude_desktop_config.json.
Restart Claude Desktop and ask: “What containers are running?” — the assistant will greet you on behalf of SoyRage Agency and take it from there.
Cursor / Continue / Zed
Any MCP‑capable client works the same way — register a stdio server whose command is node and whose argument is the absolute path to dist/index.js, passing the same environment variables. Consult your client’s MCP documentation for the exact config location; the server block is identical.
⚙️ Configuration reference
Every setting is an environment variable. A local .env file (next to package.json) is loaded automatically at startup; values already present in the process environment always win, so your MCP client can override the file. See .env.example for a commented template.
Variable | Default | Description |
| platform socket | Engine endpoint. Accepts |
| — | Directory containing |
|
|
|
|
| When |
|
| When |
| — | Comma‑separated container names or prefixes the server may operate on. Empty = all. Prefix matching means |
|
| Default number of log lines returned by |
| process cwd | Base directory used to resolve relative Compose file paths. |
|
| Diagnostic verbosity written to stderr: |
| — | Load only these plugins (comma‑separated). Empty = all. |
| — | Disable these plugins (comma‑separated). |
|
| Bind address for the interactive panel. |
|
| Port for the interactive panel. |
|
| Serve fabricated demo data in the panel/TUI. |
|
| Expose the Prometheus |
|
| Enable the in‑panel command terminal. |
|
| Directory for container snapshots/exports. |
| — | Webhook called after each backup (email/cloud bridge). |
| — | OpenAI‑compatible base URL for the AI copilot (empty = off). |
| — | Bearer key for the AI endpoint. |
|
| Model name for the AI endpoint. |
|
| Path to the optional JSON config file. |
Boolean parsing: any of 1, true, yes, on (case‑insensitive) counts as true. A JSON config file provides defaults for all of the above — see Config file.
🌐 Connecting to remote / TLS daemons
Manage a Docker host over the network by pointing DOCKER_HOST at its TCP endpoint. For anything beyond localhost, always use TLS.
# Plain TCP (trusted networks only!)
DOCKER_HOST=tcp://192.168.1.50:2375
# Secured TCP with mutual TLS
DOCKER_HOST=tcp://docker.internal:2376
DOCKER_TLS_VERIFY=1
DOCKER_CERT_PATH=/home/you/.docker/certsWhen TLS is enabled the server reads ca.pem, cert.pem and key.pem from DOCKER_CERT_PATH and connects over HTTPS (default port 2376; plain TCP defaults to 2375).
🛡️ Security model
This server can control your infrastructure, so it ships with defence‑in‑depth defaults. You decide how much power to grant.
Control | What it does | Recommended for |
Read‑only mode ( | Hides every state‑changing tool. The model literally cannot see | Demos, dashboards, production insight. |
Container allowlist ( | Restricts all container tools to matching names/prefixes. Anything else returns a clear “not allowed” error. | Multi‑tenant hosts, “manage the app, never the database”. |
Opt‑in exec ( | The powerful | Keep disabled unless you specifically need it. |
Shell‑free Compose | Compose commands are spawned as argument arrays — no shell, no interpolation. | Always on. |
Graceful errors | A failing tool returns an | Always on. |
Safety recipes
# Give a live demo with zero risk of mutation
DOCKER_MCP_READONLY=true
# Let the AI manage only the app tier, never data stores
DOCKER_MCP_CONTAINER_ALLOWLIST=web,api,worker
# Never allow shelling into containers (this is the default)
DOCKER_MCP_ALLOW_EXEC=false⚠️ Principle of least privilege. Start read‑only, add an allowlist, and only enable writes/exec once you trust the setup. Treat the assistant as a very fast junior engineer: helpful, but you sign off on the destructive stuff.
🧰 Complete tool reference
Tools marked W change state and are hidden when DOCKER_MCP_READONLY=true.
exec_in_container is additionally hidden unless DOCKER_MCP_ALLOW_EXEC=true.
Identity
Tool | Parameters | Description |
| — | Returns the SoyRage Agency welcome banner, credits and license. The assistant uses it to introduce the server. |
| — | Lists the modular capability plugins and whether each is enabled. |
Insight (read‑only)
Tool | Parameters | Description |
|
| List containers with state, image, status and published ports. |
|
| Full low‑level config for one container (env, mounts, network, restart policy, health) plus a readable summary. |
|
| One‑shot snapshot of live CPU %, memory usage/limit and network RX/TX. |
|
| Tail stdout/stderr. |
| — | Locally cached images with |
| — | Engine version, host OS/arch, kernel, CPU/RAM, storage driver and object counts. |
| — | Reclaimable space across images/containers/volumes ( |
| — | Networks with driver and scope. |
| — | Named volumes with driver and mountpoint. |
Compose — read‑only
Tool | Parameters | Description |
|
| List a stack’s services and their state/health. |
|
| Validate and render the fully‑resolved Compose configuration (a non‑zero result means the file has errors). |
Lifecycle (W)
Tool | Parameters | Description |
|
| Start a stopped container (no‑op if already running). |
|
| Graceful stop (SIGTERM → SIGKILL after |
|
| Restart a container. |
|
| Remove a container. Destructive; |
|
| Run a one‑off command (argument array, no shell) inside a running container. Opt‑in only. |
Compose — state‑changing (W)
Tool | Parameters | Description |
|
|
|
|
| Stop and remove a stack. |
|
| Restart all or selected services. |
|
| Pull the latest images for a stack (pair with |
💬 Example conversations
Natural‑language prompts and the tools the model will typically reach for:
You say… | The assistant calls… |
“What’s running right now?” |
|
“Show me everything, including stopped ones.” |
|
“Why did |
|
“Anything in the |
|
“Is |
|
“Restart |
|
“Deploy the stack in |
|
“Which services are up in the demo stack?” |
|
“How much disk is Docker using?” |
|
“Who built this integration?” |
|
Want a stack to practise on? examples/demo-stack/compose.yaml spins up nginx + redis. Try: “Deploy the demo stack, then show me its services and the web logs.”
🗂️ Project structure
docker-mcp-server/
├── assets/
│ ├── soyrage-banner.svg # SoyRage Agency identity banner (this README)
│ └── screenshots/ # Watermarked panel screenshots
├── examples/
│ ├── claude_desktop_config.json
│ ├── docker-mcp.config.json # Reproducible config-file example
│ └── demo-stack/
│ └── compose.yaml # nginx + redis playground
├── install.sh / install.ps1 # One-command bootstrap for beginners
├── scripts/
│ ├── install.mjs # Cross-platform Claude Desktop configurator
│ ├── copy-public.mjs # Copies panel assets into dist/ after build
│ ├── shots.mjs # Regenerates the panel screenshots (Playwright)
│ └── tui-shot.mjs # Renders the TUI to PNG (ANSI→HTML→Playwright)
├── src/
│ ├── index.ts # MCP entry point: banner, attribution guard, wiring
│ ├── branding.ts # SoyRage identity, ASCII banner, MCP instructions
│ ├── plugins.ts # Modular plugin catalogue & selection loader
│ ├── config.ts # Layered config (defaults → file → .env → env)
│ ├── logger.ts # stderr‑only structured logger (stdout is sacred)
│ ├── docker/
│ │ ├── client.ts # Typed dockerode wrapper + allowlist enforcement
│ │ └── compose.ts # Safe, shell‑free `docker compose` driver
│ ├── tools/ # One module per plugin's tools
│ │ ├── context.ts # Shared dependency bundle + plugin metadata
│ │ ├── about.ts # about / list_plugins (identity, locked)
│ │ ├── containers.ts # list / inspect / stats
│ │ ├── logs.ts # log tailing with stream demultiplexing
│ │ ├── lifecycle.ts # start / stop / restart / remove / exec
│ │ ├── images.ts # image inventory
│ │ ├── system.ts # system_info / disk_usage / networks / volumes
│ │ └── compose.ts # deploy / down / restart / pull / ps / config
│ ├── panel/ # Interactive web dashboard
│ │ ├── index.ts # Panel entry point (docker-mcp-panel binary)
│ │ ├── server.ts # Node‑core HTTP server + REST API + /metrics
│ │ ├── service.ts # UI/monitoring data layer, stats & Prometheus
│ │ └── public/ # Hand‑written SPA (index.html, styles.css, app.js)
│ ├── tui/ # Terminal UI (docker-mcp-tui binary)
│ │ ├── index.ts # TUI entry point (+ --frame/--splash snapshots)
│ │ ├── app.ts # Interactive app: welcome, gauges, key handling
│ │ ├── box.ts # Rounded box renderer
│ │ └── ansi.ts # ANSI colours, cursor control, width-aware pads
│ └── utils/
│ ├── format.ts # tables, byte & time humanisers
│ └── result.ts # MCP result helpers + error guard
├── docker-mcp.config.json # (optional) your config file
├── .env.example # Commented configuration template
├── LICENSE # SoyRage Attribution License
├── NOTICE # Attribution notice
└── README.md🧠 Design principles
stdout is reserved for the JSON‑RPC protocol stream; every diagnostic goes to stderr. Violating this corrupts the MCP connection — the logger enforces it.
No shell interpolation. Compose commands are spawned with an argument array, never a shell string, eliminating command‑injection risk.
Fail soft. A handler that throws returns a clean
isErrortext result the model can read and recover from, instead of tearing down the transport.One concern per module. Tools are grouped by capability; each group is a small, focused file that receives its dependencies explicitly (no globals).
Tiny dependency surface. A hand‑rolled
.envloader keepsdotenvout; only@modelcontextprotocol/sdk,dockerodeandzodare runtime dependencies.Safety by construction. Read‑only mode and the allowlist are checked at the boundary, so an unsafe call can’t slip through a forgotten branch.
🧪 Development
npm run dev # hot‑reload the MCP server with tsx
npm run typecheck # strict type check, no emit
npm run build # compile to dist/ and copy panel assets
npm run start # run the built MCP server
npm run inspect # launch the MCP Inspector against the built server
npm run panel # run the interactive panel (with /metrics)
npm run panel:dev # hot‑reload the panel with tsx
npm run panel:demo # run the panel with demo data
npm run tui # run the terminal UI
npm run tui:demo # run the terminal UI with demo data
npm run shots # regenerate panel screenshots (needs Playwright chromium)
npm run clean # remove dist/Coding standards: TypeScript strict with noUnusedLocals, noUnusedParameters, noImplicitReturns and noFallthroughCasesInSwitch. Every source file carries a SoyRage Agency attribution header.
Continuous integration: .github/workflows/ci.yml runs on every push/PR — install, type‑check, build, then the deep end‑to‑end suite (node scripts/deep-test.mjs, 70 checks) against a headless demo panel. Run it locally anytime:
npm run build
DOCKER_MCP_PANEL_DEMO=true DOCKER_MCP_PANEL_PORT=4600 node dist/panel/index.js &
node scripts/deep-test.mjs🩺 Troubleshooting & FAQ
The server started but couldn’t connect to Docker. Check that:
Docker Desktop / the daemon is running.
DOCKER_HOSTis correct for your platform (empty = default socket).On Linux, your user can access the socket (
dockergroup) or you’re running with sufficient permissions.
The server intentionally keeps running so tool calls return a friendly error inside your chat client instead of crashing.
The Compose tools shell out to docker compose. Install Docker Desktop or the docker-compose-plugin, and make sure docker is on the PATH of the environment your MCP client launches the server in.
You’re probably in read‑only mode. Set DOCKER_MCP_READONLY=false (the default) and restart your MCP client so it re‑reads the tool list.
DOCKER_MCP_CONTAINER_ALLOWLIST is set and the target doesn’t match. Add its name/prefix to the list, or clear the variable to allow all.
No. This server talks only to your Docker daemon and your MCP client over local stdio. It makes no outbound network calls of its own.
🗺️ Roadmap
Interactive web panel with live monitoring + historical charts
Creative terminal UI (TUI)
Prometheus
/metricsendpoint (Prometheus/Zabbix ready)AI‑powered terminal & file editing (OpenAI‑compatible)
One‑command installer + CI (build/typecheck/70‑check e2e)
follow_logsstreaming with server‑sent progressImage pull/build tools with progress reporting
Prune tools (
docker system prune) gated behind explicit confirmationMCP resources for read‑only container/stack snapshots
Native SMTP + direct S3/Drive backup destinations
Published npm package for one‑line
npxusage
Ideas and PRs welcome — see below.
🤝 Contributing
Contributions are welcome! Please:
Open an issue describing the change before large PRs.
Keep the stderr‑only logging and shell‑free Compose invariants intact.
Retain the SoyRage Agency attribution headers and runtime identity (this is a license requirement).
Run
npm run typecheck && npm run buildbefore submitting.
🏢 About SoyRage Agency
SoyRage Agency is a full‑stack development & infrastructure studio based in Valencia, Spain, building tools where DevOps meets AI. We craft polished, production‑minded software for developers and the self‑hosting community.
🌐 Web: soyrage.es
🧑💻 Focus: full‑stack development · infrastructure engineering · AI tooling
📫 Work with us: soyrage.es
If this project is useful to you, a ⭐ on the repo and a link back to soyrage.es genuinely help us keep building in the open. Thank you! 🙌
💙 Support the project
Docker MCP Server is built and maintained in the open by SoyRage Agency. If it saves you time or you use it at work, please consider supporting continued development — it directly funds new features (native SMTP/S3 backups, historical charts, more integrations) and keeps the project free.
paypal.me/soyrageagency · a ⭐ on the repo also helps a lot!
Other ways to help: share it on r/selfhosted, report issues, open PRs, or hire SoyRage Agency for custom DevOps + AI tooling.
🖋️ Credits & License
Designed, built and maintained by SoyRage Agency — https://soyrage.es/
This project is released under the SoyRage Attribution License (see LICENSE and NOTICE). You are free to use, modify and self‑host it — as long as the credit to SoyRage Agency stays visible: the source headers, the package.json author field, and the runtime identity (ASCII banner, about tool and MCP instructions) must remain intact.
ℹ️ On “anti‑clone”: software that runs on your machine can always be modified — this is not DRM. The attribution is baked in as the default everywhere so that removing it is a deliberate act, and the license makes that act a violation. For white‑labelling or a commercial license, reach out via soyrage.es.
© 2026 SoyRage Agency — https://soyrage.es/
Made with ❤ in Valencia, Spain.
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/soyrageagency/docker-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server