Skip to main content
Glama
clezcoding

awesome-coolify-mcp

by clezcoding

๐Ÿ“‹ Table of contents


Related MCP server: coolify-mcp

๐Ÿ”ญ Overview

Self-hosted Coolify is one of the best open-source alternatives to Heroku/Vercel-style PaaS platforms โ€” but wiring it up to an AI coding agent has historically meant piecing together several small, overlapping community MCP integrations, each with its own schema, its own error format, and its own idea of what "safe" looks like.

awesome-coolify-mcp replaces that patchwork with a single, community-maintained MCP server that speaks Coolify's REST API 4.1.x through a clean, action-based tool surface. Instead of memorizing dozens of near-identical tool names, your agent calls a handful of domain tools with an action field:

application({ action: "deploy", uuid: "<app-uuid>", wait: true })
diagnose({ action: "scan" })
emergency({ action: "stop_all", confirm: true })

Under the hood, every call goes through the same request pipeline: Zod-validated input, retrying HTTP client, secret-aware output masking, and structured error envelopes with recovery hints โ€” so your agent fails gracefully instead of guessing.

NOTE

This is a community project built for people who run their own Coolify instances.It is not affiliated with or endorsed by Coolify Labs.


๐Ÿ†š Why awesome-coolify-mcp

Typical setup without it

With awesome-coolify-mcp

Several overlapping community MCP tools, each with its own schema

One server, one consistent schema

Dozens of granular, single-purpose tools per resource

10 domain tools ร— action discriminators (32 actions total)

Ad-hoc error strings that agents have to guess at

Structured codes (COOLIFY_401, COOLIFY_404, โ€ฆ) + machine-readable recovery hints

Secrets can leak straight into agent context

Default secret masking + confirmation gates on destructive actions

Read a wall of raw JSON to find what changed

Bounded, paginated projections tuned for LLM context windows

Today, the focus is squarely on day-2 operations: verifying connectivity, discovering what you have, deploying and watching it roll out, pulling logs, diagnosing unhealthy apps and servers, scanning the whole fleet for issues, and running gated emergency actions when something is on fire. Creating brand-new applications, services, and databases from a blank slate is on the way โ€” see Coming soon.


โœจ Features

  • Action-based tools across 10 domains โ€” call application({ action: "deploy", uuid }) instead of hunting through dozens of tool names. Every domain (system, resource, diagnose, application, deployment, service, database, emergency, docs, meta) follows the same shape.

  • Ops workflows that mirror real incidents โ€” a single system.infrastructure_overview call for the big picture, fuzzy resource.find when you only remember a name or domain, diagnose.app / diagnose.server for a specific suspect, and diagnose.scan when you just know something is wrong fleet-wide.

  • Deploy lifecycle that agents can actually drive โ€” start/stop/restart, deploy with optional wait-and-poll or force rebuild, list/get/cancel deployments, and bounded runtime or build logs that won't blow your context window.

  • Service & database lifecycle โ€” start/stop/restart/get, plus service redeploy with an optional fresh image pull.

  • Safety by default, not by convention โ€” emergency mutations require an explicit confirm: true; sensitive keys (password, token, secret, private, env) render as *** unless you opt in with reveal: true.

  • Agent-friendly failure modes โ€” every error is a parseable envelope with a code, a human message, and recoveryHints; transient network/429/5xx failures retry automatically with exponential backoff.

  • Broad client coverage out of the box โ€” Cursor, VS Code / GitHub Copilot, Claude Desktop, Claude Code, Windsurf, and 15+ more via the install configurator.


๐Ÿ—๏ธ How it works

MCP client (Cursor / Claude / VS Code / โ€ฆ)
        โ”‚  stdio MCP
        โ–ผ
awesome-coolify-mcp  (10 domain tools + action discriminator)
        โ”‚  HTTPS + Bearer token
        โ–ผ
Coolify REST API 4.1.x  (servers ยท projects ยท applications ยท services ยท databases)

The server itself is intentionally boring: it holds no long-lived state and never touches your IDE's config files. Your MCP host (Cursor, Claude, VS Code, โ€ฆ) injects COOLIFY_URL and COOLIFY_TOKEN through its MCP config's env block; the process reads them from its environment (or an optional local .env when you run it directly from the CLI) and forwards authenticated requests to your Coolify instance over HTTPS.


๐Ÿš€ Quick start

Prerequisites

  • Node.js 20+

  • A self-hosted Coolify instance on 4.1.x

  • An API token from Coolify โ†’ Keys & Tokens (authorization docs)

Run it directly with npx โ€” no global install needed:

npx -y awesome-coolify-mcp

Wire the two required environment variables into your MCP host (see Install for every client). Once connected, a minimal smoke test looks like this:

meta({ action: "version" })                       // server identity โ€” no Coolify call
system({ action: "verify" })                      // authenticate + connectivity check
system({ action: "infrastructure_overview" })     // servers, projects, apps, services, DBs at a glance
IMPORTANT

Emergency actions (stop_all, redeploy_project, restart_project) require confirm: true. Call them without confirm first โ€” you'll get a would_affect preview and no mutation runs. Only pass reveal: true when you genuinely need plaintext secrets back.


๐Ÿ“ฆ Install

There are three equally supported paths โ€” pick whichever fits your workflow.

Best when you already have your Coolify URL and token handy. Placeholder credentials work fine too โ€” you'll be prompted to fill them in, or you can swap them afterwards.

Both editors implement a protocol handler that reads a JSON server configuration straight out of the URL:

Client

Scheme

Encoding

Cursor

cursor://anysphere.cursor-deeplink/mcp/install?name=โ€ฆ&config=โ€ฆ (mirrored at https://cursor.com/en/install-mcp?โ€ฆ for a friendlier landing page)

config is base64-encoded JSON

VS Code / Copilot

vscode:mcp/install?name=โ€ฆ&config=โ€ฆ

config is URL-encoded JSON

Clicking the button opens your editor, shows the server it's about to add, and lets you review or edit the command/env before accepting โ€” nothing is installed silently.

2. Install configurator (GitHub Pages)

Use the browser configurator to type in your real COOLIFY_URL / COOLIFY_TOKEN and generate a ready-to-paste snippet for your exact client โ€” JSON, TOML, or YAML depending on what that client expects.

Everything runs client-side in your browser. Your token is never sent to a backend, logged, or stored anywhere but the config file you paste it into.

3. Manual MCP config

Paste this into your host's MCP configuration file. Cursor example (~/.cursor/mcp.json for global, or .cursor/mcp.json in a project):

{
  "mcpServers": {
    "awesome-coolify-mcp": {
      "command": "npx",
      "args": ["-y", "awesome-coolify-mcp"],
      "env": {
        "COOLIFY_URL": "https://coolify.example.com",
        "COOLIFY_TOKEN": "YOUR_COOLIFY_API_TOKEN",
        "COOLIFY_VERIFY_SSL": "true",
        "COOLIFY_MCP_LOG": "info"
      }
    }
  }
}

A ready-made copy-paste template also lives at docs/mcp.example.json.


๐Ÿ–ฅ๏ธ Supported clients

Client

Config location

Notes

Cursor

~/.cursor/mcp.json

One-click deeplink or manual JSON

VS Code / GitHub Copilot

.vscode/mcp.json

Native inputs prompts for URL/token โ€” no plaintext in the file

Claude Desktop

claude_desktop_config.json

Manual JSON or configurator output today

Claude Code

~/.claude.json or .mcp.json

stdio via npx -y awesome-coolify-mcp

Windsurf

~/.codeium/windsurf/mcp_config.json

Same npx + env pattern as Cursor

The install configurator covers a much wider matrix โ€” OpenCode, Codex CLI, Gemini CLI, Cline, Kilo Code, Goose, LM Studio, Hermes Agent, Kimi Code, Google Antigravity, OpenClaw, and more โ€” with the correct config shape for each.

NOTE

Claude Desktop currently ships as manual JSON / configurator output only โ€” a dedicated.mcpb bundle is on the roadmap (see Coming soon).


๐Ÿ” Environment variables

Variable

Required

Default

Description

COOLIFY_URL

yes

โ€”

Coolify base URL, no trailing slash โ€” e.g. https://coolify.example.com

COOLIFY_TOKEN

yes

โ€”

Bearer API token, scoped to your team

COOLIFY_VERIFY_SSL

no

true

Set to false only for self-signed certs on local/dev instances

COOLIFY_MCP_LOG

no

info

Log verbosity: debug ยท info ยท error

Credentials are read from the process environment (your IDE's MCP env block) or an optional local .env file when running the CLI directly. They are never echoed back inside tool responses.


๐Ÿงฐ Tools reference

Every domain is exposed as one MCP tool with an action discriminator, so your agent's tool list stays short while the capability surface stays wide.

system({ action: "health" })
application({ action: "deploy", uuid: "<app-uuid>", wait: true })
emergency({ action: "stop_all", confirm: true })

๐Ÿ–ฅ๏ธ system โ€” connectivity & overview

Your first call in any session: is Coolify reachable, and what does the fleet look like right now?

Action

Purpose

health

Verify Coolify API reachability

version

Coolify instance version string

verify

Authenticate; returns connectivity + version in one call

infrastructure_overview

Aggregate counts across servers, projects, applications, services, databases

๐Ÿท๏ธ meta โ€” server identity

Action

Purpose

version

awesome-coolify-mcp's own package name + semver โ€” no Coolify call at all

๐Ÿ”Ž resource โ€” discovery

For when you know roughly what you're looking for but not its exact UUID.

Action

Purpose

list

Applications, services, and databases as summary projections, with pagination _meta

find

Fuzzy search by name, domain, or IP across servers and resources โ€” ranked, capped at 10

๐Ÿฉบ diagnose โ€” investigation

The tool you reach for when something feels wrong but you don't yet know what.

Action

Purpose

app

App status, health, env var count, and recent deployments

server

Server resources, domains, and reachability

scan

Fleet-wide issues grouped by severity โ€” the "what's on fire" button

๐Ÿš€ application โ€” app operations

Action

Purpose

get

Detailed application configuration

start / stop / restart

Container lifecycle control

deploy

Trigger a deploy, with optional wait/poll and force rebuild

logs

Paginated runtime or build logs, bounded so they never blow your context

๐Ÿ“ˆ deployment โ€” deploy tracking

Action

Purpose

list

Deployments for a given application

get

Status, commit, and timing details for one deployment

cancel

Cancel an in-flight deployment cleanly

๐Ÿงฉ service / database โ€” sidecar lifecycle

Tool

Actions

service

get, start, stop, restart, deploy (with optional fresh image pull)

database

get, start, stop, restart

๐Ÿ“š docs โ€” offline guides

Action

Purpose

search

Search a bundled, curated Coolify troubleshooting index โ€” not a live web fetch, so it works offline and can't be used as an external fetch vector

๐Ÿšจ emergency โ€” high-impact ops (gated)

Reach for these only when you mean it โ€” every action below is behind a confirmation gate.

Action

Purpose

stop_all

Stop every running application, fleet-wide โ€” requires confirm: true

redeploy_project

Redeploy every app in a project โ€” requires confirm: true

restart_project

Restart every app in a project โ€” requires confirm: true


๐Ÿ›ก๏ธ Safety model

Confirmation gate

Destructive emergency actions follow a strict two-step pattern:

  1. Call with confirm omitted or false โ†’ you get back a would_affect preview and error code COOLIFY_CONFIRM_REQUIRED โ€” nothing is mutated.

  2. Call again with confirm: true โ†’ the action actually executes.

Regular app/service/database mutations (start, stop, deploy, โ€ฆ) are not behind this gate โ€” they simply follow Coolify's own API semantics, since they're scoped to one resource rather than your whole fleet.

Secret masking

  • Keys matching password, token, secret, private, or env render as *** by default in tool output.

  • Pass reveal: true only when you explicitly need plaintext โ€” for example, to copy an env var into another system.

  • Log line bodies are not masked. Treat raw logs like you would any other sensitive output: don't paste them into long-lived agent memory or public tickets.


โš ๏ธ Structured errors & retries

Every API failure comes back as a parseable envelope your agent can reason about, instead of a raw stack trace:

{
  "code": "COOLIFY_401",
  "message": "Unauthorized โ€” invalid or expired API token",
  "recoveryHints": [
    "Verify the token in Coolify UI โ†’ Keys & Tokens",
    "Ensure the token has the required team permissions"
  ],
  "httpStatus": 401
}

Code

Meaning

COOLIFY_401

Invalid or missing token

COOLIFY_404

Resource not found

COOLIFY_422

Validation error

COOLIFY_500

Coolify server error

COOLIFY_NETWORK

Connection failed

COOLIFY_TIMEOUT

Request timed out

COOLIFY_CONFIRM_REQUIRED

Emergency preview โ€” pass confirm: true to proceed

COOLIFY_AMBIGUOUS_MATCH

Name matched multiple resources โ€” pick a UUID from the ranked list

Transient failures (HTTP 429, 5xx, or network errors) retry automatically up to 3 times with exponential backoff (1s โ†’ 2s โ†’ 4s) before giving up and returning the error to your agent.


๐Ÿ’ฌ Example agent workflows

"Is my Coolify reachable, and what do I have?"

system({ action: "verify" })
system({ action: "infrastructure_overview" })
resource({ action: "list" })

"Find the nginx app, deploy it, then show me the logs."

resource({ action: "find", query: "nginx" })
application({ action: "deploy", uuid: "<uuid>", wait: true })
application({ action: "logs", uuid: "<uuid>" })

"Something feels wrong across the fleet."

diagnose({ action: "scan" })
diagnose({ action: "app", uuid: "<suspect>" })
diagnose({ action: "server", uuid: "<server>" })

"Emergency: stop everything, but let me see the blast radius first."

emergency({ action: "stop_all" })                 // preview โ€” would_affect, no mutation
emergency({ action: "stop_all", confirm: true })  // execute

โœ… Status today

The server is stable and actively used for day-2 operations against real Coolify 4.1.x instances:

Capability

Status

Verify connectivity + infrastructure overview

โœ… Shipped

Discovery: resource.list / resource.find

โœ… Shipped

Diagnose: app, server, fleet-wide scan + follow-up hints

โœ… Shipped

Deploy lifecycle: start/stop/restart, deploy with wait-mode + force rebuild

โœ… Shipped

Deployment tracking: list / get / cancel

โœ… Shipped

App logs: runtime + build, bounded and paginated

โœ… Shipped

Service & database lifecycle

โœ… Shipped

Emergency ops: stop-all, project redeploy/restart, behind confirm gate

โœ… Shipped

Secret masking with explicit reveal opt-in

โœ… Shipped

Structured errors, recovery hints, automatic retries

โœ… Shipped

npm distribution + install configurator for 15+ clients

โœ… Shipped

Service/database log tailing is temporarily on hold โ€” Coolify 4.1.x's REST API doesn't expose a /services/{uuid}/logs or /databases/{uuid}/logs endpoint yet (the fix has merged upstream but isn't backported to 4.1.x). It'll ship the moment the endpoint is reachable, with no half-working stub in the meantime.


๐Ÿ”ฎ Coming soon

The next milestone focuses on creation, not just operation โ€” turning awesome-coolify-mcp into a tool that can stand up new infrastructure from scratch, not only manage what already exists. Planned areas, roughly in order of priority:

  • Full CRUD for applications, services, databases, and servers โ€” create, update, and delete, not just start/stop/deploy

  • Environment variable management โ€” read, write, bulk-sync from a local .env

  • One-click services โ€” full service catalog with compose YAML, storage, and env configuration

  • Database backups โ€” schedules, executions, and on-demand triggers

  • Scheduled tasks โ€” cron job CRUD, execution history, run-once triggers

  • Teams & multi-tenancy โ€” list/get teams and members, per-project scoped tokens

  • Private keys & cloud providers โ€” SSH key management, Hetzner/DigitalOcean provisioning tokens

  • GitHub App integration โ€” repo/branch discovery, enterprise URLs

  • Claude Desktop .mcpb packaging โ€” true one-click install, no manual JSON

  • Deeper observability โ€” container-level metrics, Traefik insight, live event streams, log search

Have a use case that isn't listed? Open an issue โ€” the roadmap is shaped by what the community actually runs into.


๐Ÿ› ๏ธ Local development

git clone https://github.com/clezcoding/awesome-coolify-mcp.git
cd awesome-coolify-mcp
npm install
npm run build    # tsup โ†’ dist/
npm test         # vitest
npm run dev      # watch mode

Logs go to stderr only โ€” stdout is reserved exclusively for the MCP protocol.

The maintainer publish flow (build โ†’ pack --dry-run โ†’ publish) is documented in CONTRIBUTING.md.


Resource

URL

Install configurator

docs/install.html

Example MCP JSON

docs/mcp.example.json

Brand assets

docs/assets/

Coolify

coolify.io

MCP specification

modelcontextprotocol.io

Issues & feature requests

GitHub Issues

Contributing

CONTRIBUTING.md

License

MIT

A
license - permissive license
-
quality - not tested
C
maintenance

Maintenance

โ€“Maintainers
โ€“Response time
โ€“Release cycle
โ€“Releases (12mo)
Commit activity

Resources

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/clezcoding/awesome-coolify-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server