Automate Docker Compose deployments straight from your Git repository. A single Rust binary with GitOps polling, health-checked rolling updates, and automatic rollback — no orchestrator required.
Everything you need to keep Docker Compose services in sync with your Git repository — automatically, reliably, and securely.
Repository polling, webhook triggers, and multi-branch deployments across environments. Features secure authentication, application auto-discovery, and a lifecycle event system for orchestration.
Orchestration with environment-specific profile activation and variable injection. Supports rolling updates with health checks. Advanced strategies requiring traffic splitting (blue-green, canary) are planned as future features.
Deploy AI models via Docker Model Runner. Supports llama.cpp and vLLM inference engines with OpenAI-compatible APIs, health monitoring, and resource management.
Designed for constrained or unreliable networks. Features offline mode for graceful outage handling, multi-site synchronization, and token-bucket bandwidth control to manage resource utilization.
Automatic update checking with Ed25519 signature verification for binary authenticity. Includes health-check based automatic rollback, zero-downtime binary replacement, and update history tracking.
Native Prometheus metrics endpoint, Loki log streaming integration, and OpenTelemetry tracing support. Monitor deployments, container health, and agent performance in real time.
Version-tracked configurations with a built-in diff engine, rollback validator, and Git sync. Changes are tracked and can be rolled back to any previous state.
Priority queue for Docker image pre-pulls with bandwidth control and automatic cache cleanup. Ensures containers are ready before deployment windows open, minimizing downtime.
Schedule deployments with cron expressions. Define recurring maintenance windows, one-time overrides, and black-out periods to deploy on your terms — not on every push.
Encryption, signing, and access control built into every layer by default.
All credentials and secrets encrypted at rest. Credential health monitoring with rotation alerts and expiration tracking.
Standards-based authentication with PKCE flow, JWKS caching, RS256 verification, silent token renewal, and automatic user provisioning.
Hub deploys with HSTS (1-year), secure cookies, and SSL redirect out of the box. Agent-to-Hub communication secured with mTLS (future release).
Tamper-proof audit trail with Ed25519-signed log entries. Complete deployment history for forensic and compliance review.
Container vulnerability scanning with CycloneDX and SPDX SBOM generation. Dedicated SBOM Dashboard in the Hub for supply-chain visibility.
Token-bucket rate limiting, CORS policies, comprehensive input validation, and bearer-token API protection across all endpoints.
A typical GitOps deployment flow — from git push to running services, with centralized Hub oversight.
Push triggers change
Poll / webhook detect
Strategy & health checks
Your applications, live
Optional dashboard for monitoring & config
Built with Rust — zero production panics, 11 domain error enums, intelligent retry logic.
An optional companion dashboard for monitoring your agents and pushing configuration updates. Built with Django and React.
Agent overview, deployment history & logs
Pull, deploy & monitor models on your hosts
Version-tracked config, release publish pipeline
OIDC auth, audit logs & SBOM dashboard
Up and running in minutes.
Also available via Homebrew and as a Proxmox LXC deployment with dual GHCR/source install modes.
Install MicroCD with the one-line installer or from source.
Generate a configuration file:
microcd --generate-config microcd.yaml
Point it at your Git repo and run:
microcd --config microcd.yaml
Access the local web dashboard:
http://localhost:8080
From cloud VMs to Proxmox LXC containers — MicroCD fits your infrastructure.