中文 | English
OpsinTech is an AI-Native Operations Platform for production environments. v1.0 is built on DeerFlow's Agent runtime (ByteDance, GitHub Trending #1), with multi-tenancy, RBAC, audit logging, visual admin dashboards, and database-driven configuration layered on top.
Our mission: turn AI Agents from impressive demos into governed, enterprise-ready platforms.
- Why OpsinTech Exists
- v1.0 — What We Built
- Our Vision
- Roadmap
- Quick Start
- Supported Models
- Internationalization
- Documentation
- Contributing
- License
- Acknowledgments
DeerFlow proved that AI Agents can go beyond chat — they can plan, decompose tasks, execute code in isolated sandboxes, and produce real files and deliverables. Sub-agent parallelism, persistent memory, sandbox isolation — these capabilities earned it 37K+ GitHub stars, and deservedly so.
DeerFlow excels as an Agent runtime and developer toolkit. OpsinTech builds on top of it to address what teams need when moving from evaluation to production:
| Scenario | DeerFlow | OpsinTech Enhancement |
|---|---|---|
| Team Collaboration | Single-user mode | Multi-tenancy with user → tenant → global isolation |
| Access Control | No role-based permissions | RBAC with platform_admin / tenant_admin / tenant_member |
| Model Configuration | Hand-edited YAML files | 20+ provider templates in admin UI, database-backed, per-tenant assignment |
| Administration | Command-line scripts only | Visual admin dashboards for both platform and tenant levels |
| Audit & Compliance | No operation traceability | Full audit trail for all operations, per-tenant isolation |
| Skills & MCP | Functional runtime, manual setup | Per-tenant management via admin UI, lifecycle tracking |
| Security Governance | Basic sandbox isolation | User status management, mandatory password rotation, operation audit |
| Onboarding | Configuration-heavy, steep learning curve | Docker one-command deploy, admin UI-driven setup |
We're not starting from scratch. DeerFlow's Agent runtime is one of the most mature in open source, and for v1.0 we chose to inherit it — then layer on what teams need to use it in production.
Short-term (v1.x): Keep DeerFlow's runtime, add the governance layer — multi-tenancy, RBAC, audit, admin dashboards, database-backed config, model provider templates.
Long-term (v2.x+): Gradually replace DeerFlow internal dependencies with our own architecture, incorporating real operations scenarios — alert ingestion, incident management, workflow orchestration, governed terminals — to form a true AI-Native Operations Platform.
- Three-tier resource isolation:
user → tenant → global, strict data separation - Two admin dashboards: Platform admin (users, tenants, audit, model templates) + Tenant admin (members, models, tools, skills)
- Auto-created personal tenant on registration, zero manual setup
- Roles:
platform_admin/tenant_admin/tenant_member
- 20+ provider templates in the admin UI — dropdown to select, auto-fills provider class, base URL, and capability flags. No LangChain class paths to memorize
- Models stored in database, assigned per-tenant, with active / deprecated / retired lifecycle
- Providers: OpenAI · Anthropic · DeepSeek · Azure OpenAI · Gemini · Ollama · OpenRouter · Groq · Together AI · SiliconFlow · DashScope · Zhipu · Moonshot · MiniMax · Baichuan · 01.AI · Volcengine Ark · Novita AI
- Full audit trail for all operations, per-tenant isolation
- User status management (active / suspended)
- Mandatory password change on first login
- UI supports 4 languages: English, 中文, 日本語, 한국어
- Auto-detects browser language preference with manual switcher
- Docker one-command deploy:
docker compose up -d - Artifact management: browse, preview, download all agent-generated files
- Platform announcement system with tenant/role targeting
OpsinTech is not "DeerFlow with a dashboard." We're building a secure, governed, AI-Native Operations Platform for production environments.
On this platform, Agents don't just chat and generate code — they operate within boundaries: permission controls, audit records, execution approvals. Starting from Agent conversations, progressively extending into alerting, incidents, workflows, and terminal execution, ultimately forming a complete chain:
Discover → Understand → Decide → Execute → Audit
This space is almost entirely vacant in open source. That's why we need community voices.
Who we're looking for: If you work in operations, security, compliance, or platform engineering, and you're excited by AI Agents but can't use them in production because of missing governance and security — you're exactly who we're building for. Your pain points and suggestions are OpsinTech's roadmap.
✅ v1.0 (Current) — Governable AI Agent Platform
├─ Multi-tenancy + RBAC + Audit
├─ 20+ model provider templates, database-backed
├─ Visual admin dashboards (platform + tenant)
└─ Docker one-command deploy
🔜 v1.1 — Smart Alerting
├─ Webhook / Alertmanager ingestion
├─ Raw Alert → Signal → Incident pipeline
├─ AI-powered summaries and context assembly
└─ Incident-to-workspace context linking
🔜 v1.2 — Workflows + Terminal
├─ Event-driven workflow engine
├─ SOP templates (service restart, log collection, health checks)
├─ Governed terminal execution + audit trail
└─ Full closed loop: Alert → Incident → Workflow → Terminal → Audit
📋 v2.0 — Digital Operators & Ecosystem
├─ Custom Agents: SOUL.md + tool_groups whitelist + Skill/Workflow binding
├─ Auto-route alerts to agent operators
├─ Skill marketplace: community contributions + official scenarios
├─ AI Analysis Workbench: data analysis, reports, PPT generation
└─ Gradual replacement of DeerFlow internals with our own architecture
-
Clone and configure
git clone https://github.com/opsintech/opsintech-platform.git cd opsintech-platform make configGenerates
config.yamlwith platform-level settings (database, sandbox, tool groups). No model configuration needed. -
Start and log in
make up
Open http://localhost:2026. On first visit, you'll be redirected to the Setup Wizard to set your admin email and password.
You can also use
docker compose up -d, butmake uphandles config initialization and secret generation automatically. -
Add models via admin UI
Log in as platform admin, go to Settings → Models, pick from 20+ provider templates, enter your API key.
Models are stored in the database. Do not configure models in
config.yamlfor production.
Docker production:
make up # Build images and start all services (recommended for first deploy)
make up-nobuild # Start services without rebuilding images
make down # Stop and remove containers
make rebuild-images # Remove all OpsinTech images and rebuild from scratchLocal development:
make check # Verify prerequisites (Node.js 22+, pnpm, uv, nginx)
make install # Install dependencies
make dev # Start dev servers (with hot-reload)
make stop # Stop all servicesDocker development:
make docker-init # Pull sandbox image
make docker-start # Start Docker dev services
make docker-stop # Stop Docker dev services
make docker-logs # View all logsAccess: http://localhost:2026
In China, pulling base images during Docker builds may fail due to network issues. Pre-pull before building:
# Required images
docker pull python:3.12-slim
docker pull node:22-alpine
docker pull nginx:alpine
docker pull docker:cli
# Build-stage dependency
docker pull ghcr.io/astral-sh/uv:0.9.26
# Optional images
docker pull postgres:16-alpine # PostgreSQL mode
docker pull enterprise-public-cn-beijing.cr.volces.com/vefaas-public/all-in-one-sandbox:latest # SandboxFor mirror accelerator setup, see the Quick Start Guide.
Three execution modes: Local / Docker containers / Docker + Kubernetes. See Sandbox Guide.
Configurable MCP servers (managed per-tenant via admin UI). Supports stdio/SSE/HTTP transports with OAuth token flows.
| Category | Providers |
|---|---|
| Global Leaders | OpenAI · Anthropic · DeepSeek · Azure OpenAI · Gemini |
| Aggregators | OpenRouter · Groq · Together AI |
| Self-Hosted | Ollama |
| China-Based | DashScope · Zhipu · Moonshot · MiniMax · Baichuan · 01.AI · Volcengine Ark · SiliconFlow |
| Other | Novita AI · Any OpenAI-compatible provider |
We welcome contributions — code, documentation, scenario suggestions, or real-world pain points. Open an Issue or PR.
MIT License. See LICENSE.
v1.0 is built on DeerFlow (by ByteDance). DeerFlow's Agent runtime — LangGraph orchestration, sub-agent parallelism, sandboxed execution, persistent memory — is one of the best Agent infrastructures in open source. Deep gratitude to the DeerFlow team and community.
Our relationship with DeerFlow: In v1.x, we inherit DeerFlow's Agent runtime and add governance. As we evolve, we'll gradually replace internal dependencies and form our own architecture. OpsinTech's long-term identity is not a DeerFlow fork — it's an independent, operations-focused AI-Native platform.