Home

Vibe Coder Server — Wiki

Self-hostable Android development server orchestrating Claude Code, Gradle, and Git as child processes. Browser-only operation, optional Android companion client. Ships as a two-container docker compose stack (vibe-coder-server + postgres:17-alpine).

Table of contents

Getting started

• Quick Start (Docker) — 3-minute setup
• Data Volumes & Backup — unified ./vibe-coder-data/ layout
• Architecture Overview — modules, child processes, persistence

Build environment

• Build Environment Setup — Android SDK / Gradle / Node
• Claude Authentication — terminal / file upload / API key / web OAuth
• MCP Catalog — 60+ servers, checkbox UI, per-MCP tokens
• Git Integration — PAT + SSH key for private repo clone
• Android Keystores — per-package signing key set + AdMob IDs
• Project Settings — rename display name / package / folder (project ID)
• Custom Agents — ~/.claude/agents/*.md CRUD UI
• Build Cache Management — Gradle / Android / npm cache size + cleanup
• APK Signature Inspection — apksigner verify inline on build detail
• Dependency Audit — Gradle dependency tree + coord extraction
• Build Automation — Cron schedule + external webhook trigger
• Prompt Automation — Server-side autopilot: repeat/sequence prompts on every turn completion
• Code Analysis — Gradle wrapper / code stats / workspace grep

API for clients (Android, CLI, scripts)

• REST API Reference — every endpoint with curl + Retrofit examples
• WebSocket Protocol — auth flow + frame types
• Android Client Guide — repository pattern + auth + key flows
• [[CLI (vibe)|CLI]] — bundled bash MVP
• PWA & VS Code extension — installable web app + IDE integration
• Keyboard Shortcuts — g p / ? / etc
• Multi-Console — N-pane multi-project console
• Multi-Agent Sub-Agent Pool — independent Claude child per (project, agent)

Personalization

• Internationalization (i18n) — English / Korean SSR + per-user choice + VIBECODER_DEFAULT_LANGUAGE env

Security & sessions

• Security Model — auth, CSRF, IP block, path safety
• Two-Factor Auth (TOTP) — RFC 6238, Authenticator-compatible
• WebAuthn (Passkey) — phishing-resistant 2FA + passwordless-only mode
• Rate Limit — per-IP token-bucket throttle, admin bypass
• Audit Log — what gets recorded, how to filter

This is a single-operator tool: one admin, and every authenticated session has full access. See Security Model for details.

Operations / notifications

• Metrics (Prometheus) — /metrics admin endpoint, zero deps
• Conversation History — prompts/responses persisted in PG
• Conversation Search & Archive — cross-project /history, export/import, auto-archive
• In-App Notifications — top-right bell, per-kind on/off, "Clear all"
• Email Notifications — SMTP config + triggers
• Webhook Notifications — Slack / Discord / Telegram
• Web Push — VAPID browser push, payload-encrypted (RFC 8291)
• Disk Usage Monitor — workspace filesystem polling + threshold alerts
• Backup & Restore — /backup tar.gz + pg_dump guide

Releases & deployments

• Git Workflow — read-only diff/log + commit/push
• Publishing to Stores — Play Console + TestFlight via MCP
• Kubernetes (Helm chart) — single-replica k8s deployment
• Troubleshooting — common errors + fixes
• Upgrade Guide — version migration paths

Stack at a glance

Layer	Details
Server image	siamakerlab/vibe-coder-server:latest (linux/amd64)
Sidecar	postgres:17-alpine
Base OS	Ubuntu 26.04 LTS (Resolute Raccoon)
Kotlin	2.2.20 / Ktor 3.1.2 / JDK 17 / Exposed 0.55.0 + PostgreSQL JDBC 42.7.4
Email	Jakarta Mail 2.1.3 + Angus 2.0.3
Webhook	java.net.http.HttpClient (JDK 11+ stdlib, no external deps)
Web Push	VAPID P-256 + RFC 8291 aes128gcm (JDK stdlib only — java.security + javax.crypto)
TOTP	RFC 6238 self-implemented (no external deps)
WebAuthn / passkey	webauthn4j 0.29.1
Archives	Apache Commons Compress 1.27.1 (tar.gz streaming)
Bundled CLI	cli/vibe bash + curl (jq optional)
Bundled VS Code extension	vscode-extension/ v0.2.0 (TreeView + status bar + WS subscribe; not yet on Marketplace)
PWA	manifest + service worker (push event handler, payload-decrypted)
Auth model	Single-operator — one admin, every authenticated session has full access
Multi-agent	SubAgentSessionManager — independent Claude child per (project, agent); turns persisted to PG with /history filter UI
Conversation search	PG tsvector + GIN on conversation_turns.content_tsv (simple tokenizer; sub-ms across 100k+ rows)
Symbol lookup	SymbolFinder regex-based best-effort fun/class/object/val/var/typealias (Kotlin + Java)
Metrics	/metrics Prometheus exposition (11 gauges + 5 counters, zero deps)
Rate limit	per-IP token bucket on /api/, /ws/, /login (admin bypass)
Backup automation	BackupScheduler cron + retention rotation
Cache stats	ClaudeStreamParser.UsageReport → conversation_turns(role="usage") + /usage aggregation
Kubernetes	helm/vibe-coder-server/ minimal chart
Wireless ADB	sidebar connection badge + connect/logcat; HOST network for mDNS auto-discovery (docker/compose.host.yml), manual-address fallback

Repositories

• Server: https://github.com/siamakerlab/vibe-coder-server (this repo)
• Android client: vibe-coder-android — same shared/ module (DTOs / ApiPath / WsFrame) must stay in sync. See Android Client Guide for the integration playbook.

License

GNU Affero General Public License v3.0. SaaS deployments must release modifications under the same license.