Welcome to Crewship
Crewship is a self-hosted runtime for AI coding agents. Every crew gets its own Linux container — a real machine where its agents can install services, run databases, mount volumes, and build a complete working system together. The whole environment runs on your hardware and is packaged into portable, encrypted backups, so nothing your agents create ever disappears. Scale your Claude Code, Codex, Gemini, OpenCode, Cursor, or Factory Droid session into a fleet of governed agents with cost budgets, approval gates, and audit logs built in.Quick Start
Get the runtime live on your hardware in 60 seconds, then your first crew in 5 minutes.
Philosophy
Why Crewship exists, and why agents are persistent colleagues — not function calls.
Production Checklist
The six things a production agent system needs — and how Crewship covers all of them.
Architecture
Understand the sidecar model, container isolation, and IPC layer under the hood.
CLI Reference
Full reference for every
crewship command and flag.API Reference
REST API, WebSocket, and Webhook endpoints.
Core Concepts
Crews
Teams of agents with shared context, integrations, and goals.
Agents
Individual AI agents with roles, credentials, and a workspace they keep across runs.
Credentials
AES-256-GCM encrypted API keys with priority-based failover.
Skills
Reusable capabilities — local imports today, marketplace coming soon.
Inbox
Per-user actionable feed — waitpoints, escalations, failed runs, mentions, in one Linear-Triage list.
Routines
Declarative AI workflow recipes — cron + webhook + manual triggers, two-tier execution, HITL gates.
Activity
Workspace-wide live trace of agent runs as a single canvas with inline approvals.
Key Features
| Feature | Description |
|---|---|
| Persistent agent identity | Each agent has a role, team, credentials, memory, and work history |
| Team-based organization | Group agents into crews with shared context |
| Credential vault | AES-256-GCM encrypted keys with priority-based failover |
| Isolated execution | Every crew runs in its own Docker container |
| Role-based access | 5-tier RBAC: Owner, Admin, Manager, Member, Viewer (server-side enforcement; UI for tier assignment lands in v0.2) |
| Real-time logs | JSONL streaming via WebSocket |
| 4-tier memory with FTS5 | Agent, crew, workspace, and session memory with sub-ms SQLite FTS5 search — no embeddings, no vector DB |
| Devcontainer provisioning | devcontainer.json + mise-based crew runtimes with shared cache images and 24 h registry-digest checks |
| Rate limiting & security headers | Per-IP limits (10 req/min auth, 120 req/min API), standard response-header hardening, single-use OAuth state with 15 min expiry |
| Backup & restore | Portable AGE-encrypted .tar.zst bundles, workspace or crew scope, forward-compatible manifest, advisory locking, retention rotation |
| Multi-workspace | Manage multiple organizations from a single instance |
| Self-hosted | Run on your own infrastructure, keep your data |
| CLI adapters | Claude Code, Codex CLI, Gemini CLI, OpenCode, Cursor CLI, Factory Droid |
Tech Stack
| Layer | Technology |
|---|---|
| Backend | Go single binary (REST API + WebSocket + embedded UI) |
| UI | Next.js 16, React 19, Tailwind CSS 4, shadcn/ui |
| Auth | NextAuth.js v5 (Auth.js) compatible, JWE tokens |
| Database | SQLite (PostgreSQL on the v0.2 roadmap) |
| Containers | Docker, Apple Containers (macOS 26+); Kubernetes on the v0.2 roadmap |
| Agent runtime | CLI adapters in isolated containers with sidecar proxy |