Documentation

Docs & MCP reference.

Quickstart

Install the CLI, log in once, and deploy. DenkOps packs your directory, picks a build lane, and returns a live, SSL-secured URL.

$ curl -fsSL denkops.sh | sh
$ denkops login # one-time MCP token, stored 0600
$ denkops deploy
→ live at https://my-agent.denkops.app

Build lanes

Two optimized paved-road templates. The bun-hono fast lane for lightweight APIs and MCP servers; the python-fastapi heavy lane for AI and long-running workloads. No Dockerfile needed — or bring your own container.

MCP interface

The MCP server is the primary interface. After a one-time token login, Claude talks straight to the control plane and operates your infrastructure via tools.

ToolDoes
deployPack + build + ship the current project
logsFetch logs + ai_hint for a deploy
statusHealth, version, resource usage
rollbackActivate a previous version
secretsSet / list encrypted env vars

Install in Claude Code

Three steps: install the CLI, log in once, then register the MCP server. After that Claude drives DenkOps directly from your editor — deploy, read logs, roll back — no dashboard needed.

1 · Install & log in

The installer drops both denkops and denkops-mcp on your PATH. Log in once; the token is stored 0600 in ~/.denkops/config.json.

$ curl -fsSL denkops.sh | sh
$ denkops login # paste your one-time token

2 · Register the MCP

Add DenkOps to Claude Code with one command:

$ claude mcp add denkops \
--env DENKOPS_CONTROL_PLANE_URL=https://api.denkops.com \
-- denkops-mcp

…or drop a .mcp.json in your project root (or ~/.claude.json to enable it everywhere):

{
"mcpServers": {
"denkops": {
"command": "denkops-mcp",
"env": { "DENKOPS_CONTROL_PLANE_URL": "https://api.denkops.com" }
}
}
}

3 · Talk to Claude

Open a project with a denkops.json ({name, slug, runtime}) and just ask. Claude picks up the denkops tools automatically — confirm the connection with /mcp inside Claude Code.

Deploy this to DenkOps
Read the logs of quote-agent and fix the 500
Roll quote-agent back to the previous version

Self-healing

When a deploy crashes, DenkOps attaches a machine-readable ai_hint — likely cause, file and line. Claude reads it, edits forward, and redeploys. No human in the loop for the common failures.

Zero-trust egress

All outbound traffic is denied by default. Whitelist domains explicitly; everything else is blocked and logged. Manage it with denkops egress add <domain>.

Secrets

Secrets are encrypted at rest and injected at deploy time. Set with denkops secrets set KEY=value; they never appear in logs or the dashboard in plaintext.

Persistent state

Each slot has durable local disk mounted at /data. It survives redeploys, restarts and crashes — the built-in SQLite/KV store gives you persistence without wiring up an external database.