Local stdio MCP server for read-only diagnosis of on-prem Linux VMs and PostgreSQL databases
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Project description
infra-mcp
Read-only MCP access to on-prem Linux VMs and PostgreSQL databases over SSH.
agent ──stdio──▶ infra-mcp ──SSH──▶ VMs (journald · log files)
└──▶ DBs (read-only PostgreSQL)
An agent can check service health, retrieve bounded logs, inspect DB state, and explore table schemas — without terminal access. Every remote operation is allowlist-gated and written to an append-only audit log.
Install
uv tool install infra-mcp
# or
pip install infra-mcp
Configure
Copy infra-mcp.yaml.example to ~/.infra-mcp/infra-mcp.yaml and edit it.
# Generate a starter config from ~/.ssh/config
infra-mcp generate-config -o ~/.infra-mcp/infra-mcp.yaml
# Create the read-only PostgreSQL role(s)
infra-mcp setup
# Check VM reachability
infra-mcp test
# Refresh discovered services, log dirs, and databases (updates config in place)
infra-mcp discover --in-place
Override the config path with --config or INFRA_MCP_CONFIG.
Run
infra-mcp run
Register as a stdio MCP server in your client (Claude Code, Cursor, …) with command infra-mcp run.
Tools
VM & services
| Tool | Purpose |
|---|---|
list_vms |
All VMs with reachability and watched services |
get_infra_overview |
Service states + DB health for one VM in a single call |
get_service_status |
systemd state, uptime, last 5 log lines |
get_service_logs |
Bounded journald logs, filtered by severity |
get_log_file |
Last N lines of an allowed log file, optional grep |
Databases
| Tool | Purpose |
|---|---|
get_db_status |
Connection counts, waiting locks, long-running query count |
query_db |
Bounded caller-supplied SELECT |
list_tables |
Tables in a database (schema + name), capped at 200 |
describe_table |
Columns, types, primary key, foreign keys for one table |
Meta
| Tool | Purpose |
|---|---|
get_audit_log |
Recent entries from the local audit log |
All output is bounded server-side (200 log lines, 100 DB rows, 200 tables/columns max). Truncation is always flagged with a -- TRUNCATED: marker. list_tables and describe_table cache results in memory (TTL: schema_cache_ttl_hours, default 24 h); pass refresh: true to force a live re-read.
Security model
- SSH commands and systemd services are checked against a per-VM allowlist before any network call.
- All DB queries run as a read-only role inside a
READ ONLYtransaction. - Log file paths are resolved against a per-VM directory allowlist (
..traversal blocked). - Every remote operation is appended to a local JSONL audit log.
Project details
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file infra_mcp-0.1.1.tar.gz.
File metadata
- Download URL: infra_mcp-0.1.1.tar.gz
- Upload date:
- Size: 27.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cc2927d8bb6853b8c7f86904c07f2d1a68b039525683c4fcd474d92527ba1b67
|
|
| MD5 |
ea34d02d4b358dbadbcf9fd89478755d
|
|
| BLAKE2b-256 |
956fbf8f519a09caaa68a0cdb33a4bea6546c40e2298a06467e0dc5a94c50f66
|
Provenance
The following attestation bundles were made for infra_mcp-0.1.1.tar.gz:
Publisher:
publish.yml on esp4ce/infra-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
infra_mcp-0.1.1.tar.gz -
Subject digest:
cc2927d8bb6853b8c7f86904c07f2d1a68b039525683c4fcd474d92527ba1b67 - Sigstore transparency entry: 1871307832
- Sigstore integration time:
-
Permalink:
esp4ce/infra-mcp@dbe112e242dc52822423b1685815e4e7618aed7c -
Branch / Tag:
refs/tags/v0.1.1 - Owner: https://github.com/esp4ce
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@dbe112e242dc52822423b1685815e4e7618aed7c -
Trigger Event:
release
-
Statement type:
File details
Details for the file infra_mcp-0.1.1-py3-none-any.whl.
File metadata
- Download URL: infra_mcp-0.1.1-py3-none-any.whl
- Upload date:
- Size: 26.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0d0e42d7b711db510c4f280f35b84e95bdee141e0486a3d665b82c605bea086f
|
|
| MD5 |
f3efb035151f19ed52bf9dd7a0d2681c
|
|
| BLAKE2b-256 |
375ec410cdc14605a8a5092aa31b48128c2e91f935ba5d65fb477e6a5d5a89f4
|
Provenance
The following attestation bundles were made for infra_mcp-0.1.1-py3-none-any.whl:
Publisher:
publish.yml on esp4ce/infra-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
infra_mcp-0.1.1-py3-none-any.whl -
Subject digest:
0d0e42d7b711db510c4f280f35b84e95bdee141e0486a3d665b82c605bea086f - Sigstore transparency entry: 1871308012
- Sigstore integration time:
-
Permalink:
esp4ce/infra-mcp@dbe112e242dc52822423b1685815e4e7618aed7c -
Branch / Tag:
refs/tags/v0.1.1 - Owner: https://github.com/esp4ce
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@dbe112e242dc52822423b1685815e4e7618aed7c -
Trigger Event:
release
-
Statement type:
