andreapollastri/cipi-api

Cipi API — REST API, MCP server, and Swagger docs for the Cipi server control panel

Maintainers

Package info

github.com/cipi-sh/api

pkg:composer/andreapollastri/cipi-api

Statistics

Installs: 13

Dependents: 0

Suggesters: 0

Stars: 4

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

1.6.10 2026-04-26 22:11 UTC

Requires

Suggests

  • laravel/mcp: Required for the MCP server endpoint (^0.1)

MIT 383d03c65b0b3fa2b1df51d3b4e32e64def4b580

apideployserverlaravelmcpcipi

This package is auto-updated.

Last update: 2026-04-26 22:12:11 UTC

README

Laravel package that exposes a REST API, an MCP server, and Swagger documentation for the Cipi server control panel.

Requirements

  • PHP 8.2+
  • Laravel 12+

Installation

composer require cipi/api

Publish the configuration and assets:

php artisan vendor:publish --tag=cipi-config
php artisan vendor:publish --tag=cipi-assets
php artisan migrate

Seed the API user and create a token:

php artisan cipi:seed-api-user
php artisan cipi:token-create

Features

  • REST API — CRUD for apps, aliases, databases, SSL, and async jobs (/api/*), secured with Laravel Sanctum and token abilities. App create supports optional Git for custom apps (SFTP-only), matching Cipi 4.4.4+.
  • MCP Server — Model Context Protocol endpoint at /mcp for AI-powered integrations.
  • Swagger Docs — Interactive API reference at /docs, generated from public/api-docs/openapi.json. The spec covers apps, aliases, deploy, SSL, databases (GET /api/dbs via cipi db list; other /api/dbs/* actions use jobs), and job polling (including structured result types per job).
  • Artisan Commandscipi:token-create, cipi:token-list, cipi:token-revoke.

MCP Integration

The MCP server is exposed at /mcp using Streamable HTTP transport and is secured with the same Sanctum token used by the REST API (the token must have the mcp-access ability).

Generate a token if you haven't already:

php artisan cipi:token-create

Replace https://your-server.com and YOUR_TOKEN in the examples below with your actual Cipi host and token.

VS Code

Create (or edit) .vscode/mcp.json in your workspace:

{
  "inputs": [
    {
      "type": "promptString",
      "id": "cipi-token",
      "description": "Cipi API Token",
      "password": true
    }
  ],
  "servers": {
    "cipi-api": {
      "type": "http",
      "url": "https://your-server.com/mcp",
      "headers": {
        "Authorization": "Bearer ${input:cipi-token}"
      }
    }
  }
}

Restart VS Code after adding the configuration. The token will be requested on first connection and securely stored.

Cursor

Create (or edit) .cursor/mcp.json in your project root:

{
  "mcpServers": {
    "cipi-api": {
      "url": "https://your-server.com/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_TOKEN"
      }
    }
  }
}

Restart Cursor after adding the configuration (Cursor v0.40+).

Claude Code

Run the following command from your terminal:

claude mcp add --transport http cipi-api https://your-server.com/mcp \
  --header "Authorization: Bearer YOUR_TOKEN"

Verify the server is connected:

claude mcp list

Available MCP Tools

Once connected, the following tools are available to the AI agent:

Tool Description
AppList List all apps with domains, PHP versions, and aliases
AppShow Show details of a specific app
AppCreate Create a new app (custom for non-Laravel apps; optional Git for custom SFTP-only sites, Cipi 4.4.4+)
AppEdit Edit an existing app
AppDelete Delete an app
AppDeploy Deploy an app
AppDeployRollback Rollback the last deploy
AppDeployUnlock Unlock a stuck deploy
AliasList List aliases for an app
AliasAdd Add an alias to an app
AliasRemove Remove an alias from an app
DbList List all databases with their sizes
DbCreate Create a new database with auto-generated credentials
DbDelete Permanently delete a database
DbBackup Create a compressed backup of a database
DbRestore Restore a database from a backup file
DbPassword Regenerate database password and update .env
SslInstall Install an SSL certificate for an app

Configuration

This package is automatically installed and configured by cipi api. No manual setup is needed.

The CIPI_APPS_JSON env variable defaults to /etc/cipi/apps.json.

GET /api/dbs runs sudo cipi db list on the host (synchronously), like the Cipi server CLI: vault and MariaDB access stay inside Cipi, not duplicated in PHP.

Why other API actions worked but db failed: Cipi configures /etc/sudoers.d/cipi-api so www-data may run NOPASSWD only for an explicit list of cipi subcommands (app, deploy, alias, ssl, …). Database commands were missing from that whitelist until Cipi 4.4.17, so sudo tried to ask for a password and failed without a TTY (sudo: a terminal is required). Update the server with cipi self-update (applies migration 4.4.17) or add the cipi db … lines to cipi-api sudoers manually (see Cipi setup.sh).

License

MIT