Skip to content

VoidChecksum/omniwire

BranchesTags

Repository files navigation

OmniWire

npm tools transports node license

One MCP server to control all your machines. Multi-path SSH2 failover, adaptive file transfers, encrypted cross-node config sync.

How It Works

graph TB
    subgraph clients["AI Agents"]
        CC["Claude Code"]
        OC["OpenCode"]
        CU["Cursor / Any MCP Client"]
    end

    subgraph omniwire["OmniWire MCP Server"]
        direction TB
        MCP["MCP Protocol Layer\nstdio | SSE | REST"]

        subgraph tools["34 Tools"]
            direction LR
            EXEC["Execution\nexec  run  batch\nbroadcast"]
            FILES["Files\nread  write\ntransfer  deploy"]
            MON["Monitoring\nstatus  metrics\nlogs"]
            SYS["System\ndocker  services\nkernel"]
            SYNC["CyberSync\nsync  diff\nsearch  secrets"]
        end

        subgraph engine["Core Engine"]
            direction LR
            POOL["SSH2 Pool\npersistent  compressed\ncircuit breaker"]
            XFER["Transfer Engine\nSFTP  netcat+gzip\naria2c 16-conn"]
            CSYNC["Sync Engine\nPostgreSQL  XChaCha20\nparallel reconcile"]
        end
    end

    subgraph mesh["Infrastructure Mesh"]
        direction LR
        N1["Node A\nstorage\n10.0.0.1"]
        N2["Node B\ncompute\n10.0.0.2"]
        N3["Node C\nGPU\n10.0.0.3"]
        N4["Node D\nlocal"]
    end

    DB[("PostgreSQL\nCyberSync DB")]

    CC & OC & CU -->|MCP| MCP
    MCP --> tools
    tools --> engine
    POOL -->|"SSH2 multi-path"| N1 & N2 & N3
    POOL -->|"local exec"| N4
    CSYNC --> DB

    style omniwire fill:#0A0E14,stroke:#59C2FF,stroke-width:2px,color:#C6D0E1
    style clients fill:#1A1F2E,stroke:#91B362,stroke-width:1px,color:#C6D0E1
    style mesh fill:#1A1F2E,stroke:#E6B450,stroke-width:1px,color:#C6D0E1
    style tools fill:#141922,stroke:#59C2FF,stroke-width:1px,color:#C6D0E1
    style engine fill:#141922,stroke:#CC93E6,stroke-width:1px,color:#C6D0E1
    style MCP fill:#1A1F2E,stroke:#59C2FF,color:#59C2FF
    style DB fill:#1A1F2E,stroke:#CC93E6,color:#CC93E6
Loading

Features at a Glance

Remote Execution

omniwire_exec       single command, any node
omniwire_run        multi-line script (compact UI)
omniwire_batch      N commands in 1 tool call
omniwire_broadcast  parallel across all nodes

Adaptive File Transfer

 < 10 MB   SFTP         native, 80ms
 10M-1GB   netcat+gzip  compressed, 200ms
 > 1 GB    aria2c       16-parallel, max speed

Connection Resilience

Connected --> Health Ping (45s)
    |              |
    |         > 5s? --> Degraded warning
    |
Failure --> Multi-path Failover
    |         WireGuard --> Tailscale --> Public IP
    |
    +--> Retry (exp. backoff)
    |         500ms -> 1s -> 2s -> ... -> 15s
    |
3 fails --> Circuit OPEN (30s)
                 --> Auto-recover

CyberSync + CyberBase

Node A --push--> PostgreSQL (cyberbase)
    |                 |
    |            XChaCha20-Poly1305
    |            encrypted at rest
    |
    +--mirror--> Obsidian Vault
                     |
                Obsidian Sync (cloud)

6 AI tools synced automatically:
Claude  OpenCode  Codex  Gemini  ...

All 34 Tools

Execution (4 tools)
Tool Description
omniwire_exec Run a command on any node. Supports label for compact display.
omniwire_run Execute multi-line scripts via temp file. Keeps tool call UI clean.
omniwire_batch Run N commands across nodes in a single tool call. Parallel by default.
omniwire_broadcast Execute on all online nodes simultaneously.
Monitoring (3 tools)
Tool Description
omniwire_mesh_status Health, latency, CPU/mem/disk for all nodes
omniwire_node_info Detailed info for a specific node
omniwire_live_monitor Snapshot metrics: cpu, memory, disk, network
Files (4 tools)
Tool Description
omniwire_read_file Read file from any node. Supports node:/path format.
omniwire_write_file Write/create file on any node
omniwire_list_files List directory contents
omniwire_find_files Search by glob pattern across all nodes
Transfer & Deploy (2 tools)
Tool Description
omniwire_transfer_file Copy between nodes. Auto-selects SFTP/netcat/aria2c.
omniwire_deploy Deploy file from one node to all others in parallel
System (6 tools)
Tool Description
omniwire_process_list List/filter processes across nodes
omniwire_disk_usage Disk usage for all nodes
omniwire_tail_log Last N lines of a log file
omniwire_install_package Install via apt/npm/pip
omniwire_service_control systemd start/stop/restart/status
omniwire_docker Run docker commands on any node
Network (2 tools)
Tool Description
omniwire_port_forward Create/list/close SSH tunnels
omniwire_open_browser Open URL in browser on a node
Advanced (4 tools)
Tool Description
omniwire_kernel dmesg, sysctl, modprobe, lsmod, strace, perf
omniwire_shell Persistent PTY session (preserves cwd/env)
omniwire_stream Capture streaming output (tail -f, watch)
omniwire_update Self-update OmniWire
CyberSync (9 tools)
Tool Description
cybersync_status Sync status, item counts, pending syncs
cybersync_sync_now Trigger immediate reconciliation
cybersync_diff Show local vs database differences
cybersync_history Query sync event log
cybersync_search_knowledge Full-text search unified knowledge base
cybersync_get_memory Retrieve Claude memory from PostgreSQL
cybersync_manifest Show tracked files per tool
cybersync_force_push Force push file to all nodes
omniwire_secrets Get/set/delete/list/sync secrets (1Password, file, env)

Quick Start

Install

npm install -g omniwire

Configure Mesh

Create ~/.omniwire/mesh.json:

{
  "nodes": [
    {
      "id": "server1",
      "host": "10.0.0.1",
      "user": "root",
      "identityFile": "id_ed25519",
      "role": "storage"
    },
    {
      "id": "server2",
      "host": "10.0.0.2",
      "user": "root",
      "identityFile": "id_ed25519",
      "role": "compute"
    }
  ]
}

Add to Claude Code

{
  "mcpServers": {
    "omniwire": {
      "command": "omniwire",
      "args": ["--stdio"]
    }
  }
}

Interactive Mode

omniwire    # or: ow

Performance

Operation Latency Details
Command exec ~120ms SSH2 + command + return
Mesh status ~150ms Parallel probes, 8s cache
File read (<1MB) ~80ms SFTP, binary-safe
Transfer (10MB) ~200ms gzip netcat over WireGuard
Config push ~200ms Parallel to all nodes + Obsidian mirror
Reconcile (500 files) ~1.2s 100-file hash batches, parallel walkDir

Security

All remote execution uses ssh2.Client.exec(), never child_process.exec(). Key-based auth only, no passwords stored. Multi-path failover (WireGuard → Tailscale → Public IP) with SSH key caching. CyberBase: single PostgreSQL DB for all projects. XChaCha20-Poly1305 at-rest encryption for synced configs. 2MB output guard prevents memory exhaustion. Circuit breaker with 30s auto-recovery isolates failing nodes.

Transport Modes

Mode Default Port Use Case
--stdio -- Claude Code, Cursor, MCP subprocess clients
--sse-port=N 3200 OpenCode, remote HTTP-based MCP clients
--rest-port=N 3201 Scripts, dashboards, non-MCP integrations 
omniwire --stdio                          # MCP mode
omniwire --sse-port=3200 --rest-port=3201 # HTTP mode
omniwire --stdio --no-sync               # MCP without CyberSync

Changelog

v2.1.0 — Multi-Path Failover & Performance

Connectivity

  • Multi-path host resolution: WireGuard → Tailscale → Public IP per node
  • Auto-reconnect tries all paths before marking node offline
  • exec() attempts immediate reconnect on offline nodes before failing

Performance

  • SSH key caching (no repeated disk reads)
  • Compression disabled for small commands (faster round-trips)
  • Reconnect backoff: 500ms start, 15s cap (was 1s/30s)
  • Health ping interval: 45s (was 30s) with lighter true command
  • Status cache: 8s TTL (was 5s)
  • Circuit breaker recovery: 30s (was 60s)

CyberSync

  • Parallel walkDir with 8 concurrent subdirectory scans
  • Hash batch size doubled (50 → 100)
  • Reconcile interval: 2min (was 5min)
  • Timing in reconcile logs

Output

  • Compact ok() / fail() helpers for cleaner Claude Code results
  • mesh_status outputs aligned table with column headers
  • node_info shows which host path is active (WG/Tailscale/Public)
  • exec and run use label field as display tag

CyberBase Integration

  • Renamed PostgreSQL database from cybersync to cyberbase (single DB for everything)
  • VaultBridge: mirrors all sync items, knowledge, and memory to Obsidian-compatible markdown
  • Obsidian vault at ~/Documents/BuisnessProjects/CyberBase with Obsidian Sync for cloud backup
  • Daily event logs in vault/logs/
  • obsidian-mcp deployed on all mesh nodes for AI vault access

Architecture

omniwire/
  src/
    mcp/           MCP server (34 tools, 3 transports)
    nodes/         SSH2 pool, transfer engine, PTY, tunnels
    sync/          CyberSync + CyberBase (PostgreSQL, Obsidian vault, encryption)
    protocol/      Mesh config, types, path parsing
    commands/      Interactive REPL
    ui/            Terminal formatting

Requirements

  • Node.js >= 20
  • SSH access to remote nodes (key-based auth)
  • PostgreSQL (only for CyberSync)
  • WireGuard + Tailscale recommended (multi-path failover uses both)
  • Obsidian (optional) for CyberBase vault browsing + Obsidian Sync cloud backup

MIT License

footer

About

Unified mesh control layer — 30-tool MCP server for managing SSH nodes, file transfers, and config sync across distributed infrastructure

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

0 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages