One tool to generate, run, route, and authenticate MCP servers — with zero Docker dependency.
thesun bundles what used to be four separate projects into a single, cohesive, shippable tool. You install it once and manage everything through one CLI. MCP servers run as native Go binaries (or Python bundled into static/Go-style containers) supervised by a local process manager — no Docker, no ToolHive.
generate ─▶ run ─▶ route ─▶ authenticate
generator fleet gateway hermes
| Dir | What it is | Role |
|---|---|---|
generator/ |
the REST→MCP generator (formerly "thesun") | generate MCP servers (Go by default; Python only when a target needs curl_cffi browser-TLS) |
fleet/ |
fleetd supervisor + unified fleet CLI | run/manage — start/stop/restart, logs, add/remove, an interactive menu, plus credential + session management |
gateway/ |
the MCP mux/router | route — one endpoint that muxes every server to your clients (Claude Code, GitHub Copilot CLI, OpenAI Codex CLI, OpenCode), with safety classification |
hermes/ |
local auth broker + encrypted vault | authenticate — owns SSO re-authentication, token caching, and the vault so servers never store secrets |
A fresh install builds and pre-registers three MCP servers with genuinely-easy auth (no corporate SSO broker, no admin-consent app registration): ServiceNow and Atlassian (Jira + Confluence) via basic auth, and Microsoft 365 (Teams, Mail, Calendar, OneDrive) via a one-time device-code login. GitHub is available opt-in (needs a personal access token).
./install.sh compiles the two Go servers (atlassian, servicenow) into their bin/
directories and installs the vendored ms365 dependencies. They are built, not yet usable:
each still needs its own credential before first use. Set the basic-auth secrets with
thesun secrets set atlassian basic and thesun secrets set servicenow basic, and run the
one-time Microsoft device-code login for ms365 (see
servers/vendor/ms365/README.md). Run thesun doctor
to see which defaults are ready. If a distribution does not vendor ms365, install skips it
(not a failure) and only the two Go defaults are built.
thesun install wires the gateway into every AI client it detects on the machine —
Claude Code, GitHub Copilot CLI, OpenAI Codex CLI, and OpenCode — so all of them talk
to the same fleet through the same gateway endpoint.
Beyond generating your own servers, thesun ships a store for finding, installing,
and publishing signed MCP server binaries. It spans three repos: thesun (this
toolchain), thesun-servers (the curated Go server monorepo), and
thesun-registry (the signed catalog index the CLI fetches).
thesun search <query> # search the catalog (trust badge: curated vs community)
thesun add <name>[@version] # verify (sha256 + Ed25519) then install + wire into the fleet
thesun remove <name> # remove an installed server
thesun update [<name>] # refresh the catalog, or upgrade an installed server
thesun keygen # generate an author Ed25519 keypair
thesun publish <dir> # Lab-gated: cross-compile, sign, and emit an index entryTwo trust tiers: curated (maintainer Ed25519-signed, Conformance-Lab-proven,
CI-re-gated) and community (self-attested, clearly labeled, opt-in via
--community). Every add is fail-closed: a checksum, signature, revoked, or
lab-report failure refuses the install and writes nothing. Both tiers are
contained at runtime by the same gateway policy floor, so a pulled server's
WRITE/DELETE/outbound tools still require out-of-band human approval. Full
reference: docs/MCP-STORE.md.
Every tool call that reaches a backend through the gateway passes through a single
chokepoint that classifies its blast radius and, for anything beyond a plain read,
refuses to dispatch until a human, not the model, approves it. Guardrails the AI can't
talk its way out of, for every client. See
docs/SECURITY-MODEL.md for the current two-tier threat model
and guarantees.
./install.sh # build generator, fleetd + thesun CLI, gateway, hermes
export PATH="$(pwd)/bin:$PATH"
thesun install # init → register OS service → up → doctor → wire AI clients
thesun status # see the whole stack + every server's healthFull walkthrough (prerequisites, the agent-guided install loop, per-client wiring,
default-server credential setup, troubleshooting): docs/INSTALL.md.
thesun generate <spec> # generate a new MCP server (delegates to generator/)
thesun list | menu | logs <name> # fleet inspection: status table, dashboard, tail logs
thesun start|stop|restart [name] # lifecycle (all if name omitted)
thesun add|rm <name> … # add/remove a server from the fleet
thesun secrets add|list|show|rm # credentials (secret-safe; delegates to the Hermes vault)
thesun acquire <svc> # (re)authenticate an SSO session
thesun approve | grants # human-only Tier-B approvals (production/secret-value/outbound-message calls)
thesun gateway status|reload # the mux/router
thesun up|down|status|doctor|install # whole-stack lifecycle + readiness diagnostics
thesun upgrade | version # self-update
Fleet and credential commands delegate to the fleet subsystem's CLI; generation to
generator/; auth to hermes/. One tool, four subsystems, no Docker. Full command
reference: thesun --help, or fleet/fleetd/cmd/thesun/main.go's usage().
- Docker-free. Servers run native (Go) or as thin static/Python-in-Go containers, supervised by
fleetd. - Secrets stay in the vault. Hermes owns credentials + SSO re-auth; nothing else stores secret values.
- Go-native by default. Python is used only when a target genuinely needs
curl_cffibrowser-TLS. - One CLI, one install. Ship it as a single package that's easy for others to run and manage.
See docs/ for install docs, packaging/release, and architecture background.