README
¶
Oriel
The local Docker GUI an AI can drive — safely.
Manage containers, images, volumes, networks, and Compose from a clean browser UI — or hand the job to any MCP client (Claude, Cursor, a local LLM), through the same secret-masking and destructive-action grant the UI uses. Works with any Docker engine — Colima, Docker Engine, OrbStack, Podman, remote — on macOS and Linux. A free, open-source Docker Desktop alternative: one ~13 MB binary, ~15–30 MB RAM, no Electron, no account, Apache-2.0.
Drive it with AI
Point any MCP client at Oriel and ask in plain English. It calls the same validated, secret-masked tools the UI does — chaining several to actually answer, not just firing one:
you — why does
apikeep restarting?assistant — reads
container.list→container.inspect→ the logs — it's exiting 137 (OOM): the container is capped at 256 MB and the Node heap runs past it. Raise the memory limit or fix the leak inworker.js.
oriel mcp # stdio MCP server for Claude, Cursor, or a local LLM
No model ships in the binary — your client brings it. Reads run anytime; destructive actions stay locked behind a grant. Setup & tool list ↓
Install
Homebrew (macOS & Linux):
brew install ParadoxInfinite/oriel/oriel
Script — detects your platform, verifies the checksum (read it first):
curl -fsSL https://raw.githubusercontent.com/ParadoxInfinite/oriel/main/install.sh | sh
Manual binary, Go, or source
Download a binary from releases — oriel-darwin-arm64 (Apple Silicon), oriel-darwin-amd64 (Intel), oriel-linux-arm64, or oriel-linux-amd64 — then chmod +x. Or:
go install github.com/ParadoxInfinite/oriel@latest # with Go
make build # from source (builds + embeds the UI)
Run
./oriel # opens http://127.0.0.1:4321
Flags: --port <n> (default 4321), --no-open. Run on login: ./oriel service install (launchd / systemd; also status, uninstall).
Needs any Docker Engine–compatible runtime + the docker CLI. Colima is first-class (adds VM start/stop); Docker Engine, OrbStack, Rancher/Docker Desktop, Podman, and remote daemons also work (docs/DAEMONS.md). For remote access over a private network, see docs/REVERSE-PROXY.md — and the security note first.
Features
- Containers — live CPU/mem, exit codes, bulk actions, streaming logs, full inspect.
- AI control (MCP) — any MCP client drives Docker/Colima through the same validated, secret-masked tools, with destructive actions behind a grant. More ↓
- Images — pull with registry search, prune, one-click tag.
- Compose — manage stacks, plus discover & deploy projects from disk.
- Dashboard — CPU history, memory, disk, uptime/outage tracking.
- Command palette (
⌘K) — fuzzy-run any action or jump to any view. - Editions & themes — swap the whole UI (Studio / Classic), light/dark/system, custom accents.
- Light & live — ~15–30 MB RAM, one SSE stream (no polling), checksum-verified self-update.
How it compares
The usual ways to run containers on a Mac or Linux box, and where Oriel fits. (Figures drift; treat as a snapshot.)
| Oriel | Docker Desktop | OrbStack | lazydocker | Portainer | |
|---|---|---|---|---|---|
| License | Apache-2.0, free | Proprietary (paid for larger orgs) | Proprietary (paid for commercial use) | MIT, free | Free (CE) |
| Interface | Graphical web UI | Desktop app | Native app | Terminal (TUI) | Web UI (server) |
| Footprint | ~15–30 MB RAM, ~13 MB binary | Heavy (Electron + VM) | Light (native) | Light | Needs a container + ≥2 GB RAM |
| Install | Single static binary | Installer | Installer | Single binary | Run a container |
| Bring-your-own engine | Colima · Docker · OrbStack · Podman · remote | Bundled engine | Bundled engine | Any Docker socket | Any Docker socket |
| Runs locally, no account | Yes | Account/sign-in | Account | Yes | Server + auth |
| AI control (MCP) | Built-in, safety-gated | MCP Toolkit (runs other servers) | No | No | No |
It's the only one here an AI can drive directly, through the same checks the UI gives you. Reach for it over Docker Desktop / OrbStack (no paid license, bundled VM, or menu-bar app), over lazydocker (a real graphical UI, not a terminal one), or over Portainer (a binary you run for yourself, not a server to deploy and lock down).
Coming: an in-browser shell, an audit log, richer remote auth (sessions / SSO), and a mobile-friendly UI. Roadmap.
AI control (MCP)
oriel mcp runs Oriel as a Model Context Protocol server, so an MCP client (Claude Desktop, Claude Code, Cursor, a local LLM) manages your Docker/Colima in plain English — headless, no GUI needed. Same tools, same guardrails:
- Secrets stay masked —
container.inspectnever hands raw env values to a model. - Destructive actions are locked until you open a window (
oriel ai allow-destructive --for 6h). Reads always work; remove/prune don't, until you say so. - No model in the binary — your client brings the model; Oriel stays vendor-neutral.
{ "mcpServers": { "oriel": { "command": "oriel", "args": ["mcp"] } } }
Setup and the full tool list: docs/MCP.md.
Editions & themes
The UI is a swappable plugin on a stable platform SDK: Studio (default; light/dark/system) and Classic (dark teal). Recolor either, or drop in your own — docs/THEMES.md.
Security
Oriel has no authentication, and driving Docker is effectively root on the host. Run it locally, or over a private network only (Tailscale, ZeroTier, WireGuard, …) — never the public internet. Full trust model: SECURITY.md.
FAQ
Is there a GUI for Colima? Yes — Colima ships CLI-only by design, and Oriel is the browser UI it never shipped. It also drives Docker Engine, OrbStack, Podman, and remote daemons.
A free Docker Desktop alternative? Yes — Apache-2.0, no license fees, no account. Point it at any Docker-compatible engine.
Can an AI manage my containers? Yes — run oriel mcp and point any MCP client (Claude, Cursor, a local LLM) at it. Same validated, secret-masked tools as the UI; destructive actions stay locked until you grant them.
How is it different from lazydocker? lazydocker is a terminal UI; Oriel is a graphical browser UI with dashboards, streaming logs, registry search, Compose discovery, and themeable editions.
Footprint and platforms? ~15–30 MB RAM, ~13 MB binary, no Electron. macOS (Apple Silicon + Intel) and Linux (amd64 + arm64).
Develop
make dev + make dev-web (Vite hot reload), make test. See CONTRIBUTING.md.
License
Apache-2.0 © The Oriel contributors. See NOTICE.
Documentation
¶
There is no documentation for this package.
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
internal
|
|
|
actions
Package actions wires concrete Docker/Colima operations into the generic tool Registry and supplies the entity resolver.
|
Package actions wires concrete Docker/Colima operations into the generic tool Registry and supplies the entity resolver. |
|
colima
Package colima wraps the `colima` CLI, which has no API.
|
Package colima wraps the `colima` CLI, which has no API. |
|
discovery
Package discovery finds Docker Compose projects on disk under user-configured roots, so the UI can offer "available but not yet deployed" stacks alongside the label-derived running ones.
|
Package discovery finds Docker Compose projects on disk under user-configured roots, so the UI can offer "available but not yet deployed" stacks alongside the label-derived running ones. |
|
docker
Package docker talks to the Docker Engine API exposed by Colima's unix socket.
|
Package docker talks to the Docker Engine API exposed by Colima's unix socket. |
|
execstream
Package execstream runs a command and streams its combined output line by line, used for long-running CLI operations (colima lifecycle, docker compose) that the UI displays as live progress.
|
Package execstream runs a command and streams its combined output line by line, used for long-running CLI operations (colima lifecycle, docker compose) that the UI displays as live progress. |
|
grant
Package grant implements the time-boxed "destructive actions" window that unlocks Destructive tools for non-interactive callers (the MCP server, a future in-app assistant).
|
Package grant implements the time-boxed "destructive actions" window that unlocks Destructive tools for non-interactive callers (the MCP server, a future in-app assistant). |
|
mcp
Package mcp exposes Oriel's validated tool Registry as a Model Context Protocol server over stdio.
|
Package mcp exposes Oriel's validated tool Registry as a Model Context Protocol server over stdio. |
|
secrets
Package secrets masks sensitive environment-variable values so they don't leak from the inspect panel (screenshots, screen-shares) or to an AI model over MCP.
|
Package secrets masks sensitive environment-variable values so they don't leak from the inspect panel (screenshots, screen-shares) or to an AI model over MCP. |
|
server
Package server wires the HTTP router for Oriel: a small JSON REST surface for actions, SSE channels for live data, and the embedded frontend.
|
Package server wires the HTTP router for Oriel: a small JSON REST surface for actions, SSE channels for live data, and the embedded frontend. |
|
service
Package service installs Oriel as a background service so it starts automatically and stays running: a launchd LaunchAgent on macOS, and a systemd service on Linux (a per-user unit, or a system unit with --system / when run as root).
|
Package service installs Oriel as a background service so it starts automatically and stays running: a launchd LaunchAgent on macOS, and a systemd service on Linux (a per-user unit, or a system unit with --system / when run as root). |
|
settings
Package settings owns the user's persisted configuration (settings.json): base path, allowed hosts, auth token, masking policy, and compose-discovery config.
|
Package settings owns the user's persisted configuration (settings.json): base path, allowed hosts, auth token, masking policy, and compose-discovery config. |
|
tools
Package tools is the canonical action layer.
|
Package tools is the canonical action layer. |
|
userdata
Package userdata resolves Oriel's per-user data directory.
|
Package userdata resolves Oriel's per-user data directory. |