Product overview
opsctl is a read-only-first, evidence-driven safety controller for single-server production.
opsctl connects server registry, preflight, backup and recovery, human approval, and verifiable audit in one typed workflow. It is built for teams running one or a few servers that still need production-grade safety boundaries.
Core principle
AI may observe, explain, and draft plans. It cannot approve itself through vague authority, and it cannot disguise destructive resource cleanup as automation.
What you can do
Get started
Install, validate the registry, and run your first read-only checks.
Understand the safety model
Read-only defaults, global locking, approval, and execution boundaries.
Configure the registry
Declare services, ports, domains, volumes, and backup policy.
Backup and recovery
Move from plans and repository checks to isolated restore drills.
Evidence governance
Signatures, checkpoints, archive drills, and retention attestation.
CLI reference
Common read-only and controlled execution entry points.
How it works
- Declare intent: the YAML registry is the desired-state source of truth.
- Observe reality: scanners read systemd, Docker, ports, and Caddy state.
- Explain differences: doctor, drift, and preflight return structured risk decisions.
- Build recovery: snapshots, backups, repository checks, and isolated restores produce evidence.
- Hand off to a human: only specific, unexpired, scope-matching approval can advance controlled execution.
Deliberate non-goals
- No automatic production approval.
- No automatic Docker volume deletion.
- No write or execution surface through MCP.
- No claim that a successful backup alone proves recovery.
- No credential values in reports.
Continue with Get started and meet opsctl through a fully read-only workflow.