README
ΒΆ
β‘ devx
Supercharged local dev environment β Podman + Cloudflare Tunnels + Tailscale in one CLI
Mission Statement
devx exists to bring absolute joy back to local development.
We relentlessly eliminate the daily friction that pulls developers out of their flow state. From wrestling with inconsistent OS kernels to manually managing .env files, mocking webhooks, or resetting scrambled testing databasesβwe believe your tooling should work natively, instantly, and invisibly so you can just write code.
Why devx? (More than just Compose or Skaffold)
While tools like Docker Compose excel at booting containers and Skaffold focuses on bridging local code to Kubernetes clusters, devx serves as a comprehensive, end-to-end Local Development Environment Orchestrator.
We go far beyond basic container networking by natively integrating the premium capabilities developers usually pay for or duct-tape together into a single, unified CLI:
- π Instant Public Ingress: Stop paying for ngrok. We securely wire your local containers to the internet instantly via Cloudflare Tunnels (
*.ipv1337.dev), right out of the box. - π Zero-Trust Corporate Access: Stop fighting with heavy VPN clients. The
devxVM natively joins your Tailscale mesh silently, giving your local apps direct access to staging and production databases. - π§ͺ Ephemeral E2E Testing: Unlike Compose which corrupts your local databases during UI tests,
devx test uidynamically clones isolated, randomized copies of your database topology to run Cypress/Playwright tests safely. - π Vault-Native Config Sync: Stop DMing
.envfiles.devxconnects to 1Password, Bitwarden, or GCP Secret Manager to automatically inject secrets natively directly into process environments. - π€ AI-Native from Day 1: Fully compliant with AI Agents (Cursor, Claude Code, Gemina) via deterministic
--jsonoutputs,--dry-runsafety mechanisms, and native Agent Skill discovery. - π¦ Intelligent Service Orchestration: Seamless DAG-based
depends_onstartup sequences rivaling Docker Compose and Skaffold, completely eliminating local "Connection Refused" loops. - βͺ Time-Travel Debugging: Snapshot and restore complete macro-topology states (RAM, volumes, networks) using CRIU, plus redact-safe diagnostic dumps for frictionless support (
devx state). - π¬ Local CI Emulation: Debug your GitHub Actions locally with
devx ci runβ matrix expansion, job DAGs, and parallel execution without the "fix ci" commit loop. - π οΈ Frictionless Resilience: Built-in automatic Port-Shifting transparently overrides
EADDRINUSEconflicts, and nativedevxcrash-tailing instantly pinpoints startup failures precisely inline. - π₯οΈ Integrated Developer Tools: We ship with native Bubble Tea TUIs for multiplexed log streaming, webhook HTTP request caching/replay, instant DB state snapshotting, and more.
devx provisions a customized Fedora CoreOS VM via Podman Machine or Docker and seamlessly drives this entire supercharged ecosystem.
The Solution
devx vm init # One command. Done.
You get a fully-configured Fedora CoreOS VM with:
- π Instant public HTTPS β Your machine gets
your-name.ipv1337.devautomatically - π Zero-trust corporate access β The VM joins your Tailnet transparently
- π ngrok-like port exposure β
devx tunnel expose 3000gives you a public URL in seconds - ποΈ Host-level isolation β Pre-tuned
inotifylimits, rootful containers, dedicated kernel
Installation
From Releases (recommended)
Download the latest binary from GitHub Releases:
# macOS (Apple Silicon)
curl -sL https://github.com/VitruvianSoftware/devx/releases/latest/download/devx_darwin_arm64.tar.gz | tar xz
sudo mv devx /usr/local/bin/
# macOS (Intel)
curl -sL https://github.com/VitruvianSoftware/devx/releases/latest/download/devx_darwin_amd64.tar.gz | tar xz
sudo mv devx /usr/local/bin/
# Linux (amd64)
curl -sL https://github.com/VitruvianSoftware/devx/releases/latest/download/devx_linux_amd64.tar.gz | tar xz
sudo mv devx /usr/local/bin/
From Source
go install github.com/VitruvianSoftware/devx@latest
Prerequisites
Run the built-in health check to audit and install prerequisites automatically:
devx doctor # check what's installed
devx doctor install # install missing tools
devx doctor auth # authenticate required services
Or install them manually:
| Tool | Install | Purpose |
|---|---|---|
| Podman | brew install podman |
VM and container runtime |
| cloudflared | brew install cloudflare/cloudflare/cloudflared |
Cloudflare tunnel daemon |
| butane | brew install butane |
Ignition config compiler |
| gh | brew install gh |
GitHub CLI (for devx sites) |
Quick Start
Before running any infrastructure, you should always check your host environment:
devx doctor
Path A: The Golden Path (Starting a Project)
# 1. Provision your dev environment
devx vm init
# 2. Generate a pre-wired API (e.g. go-api, node-api)
devx scaffold go-api
# 3. Boot required databases and tunnel mappings
cd new-project
devx up
# 4. Enter the isolated dev container (with AI and secrets injected!)
devx shell
Path B: The 'ngrok' Alternative
If you just want to punch a secure hole through to an app running on your Macbook right now:
# 1. Start your local application natively
npm run dev # (running on localhost:3000)
# 2. Expose it via Cloudflare Tunnels instantly
devx tunnel expose 3000 --name myapp
# β https://myapp.your-name.ipv1337.dev
Architecture
flowchart TB
subgraph devlaptop["Developer's Mac"]
direction TB
Code[VS Code / Terminal] --> |podman run| UserContainers
subgraph podmanvm["Podman Machine (Fedora CoreOS)"]
subgraph daemons["Systemd Controlled"]
TS[Tailscale Daemon]
CF[Cloudflared Tunnel]
end
subgraph UserContainers["Developer's Apps"]
App["API / Web App<br/>Port 8080"]
DB[(Local DB)]
end
CF -->|Forwards Ingress| App
TS -->|Exposes Subnets| App
end
end
subgraph internet["Public Web"]
CFEdge((Cloudflare Edge))
PublicURL["https://developer.ipv1337.dev"]
ExternalUser((External User / Webhook))
ExternalUser --> PublicURL
PublicURL --> CFEdge
end
subgraph tailnet["Internal Network (Corporate Tailnet)"]
StagingDB[(Staging Database)]
InternalAPI[Internal Microservices]
end
CFEdge <-->|Secure Encrypted Tunnel| CF
TS <-->|Zero-Trust VPN Overlay| tailnet
classDef vm fill:#f0f4f8,stroke:#0288d1,stroke-width:2px;
classDef daemon fill:#e1f5fe,stroke:#0277bd,stroke-width:1px;
classDef container fill:#e8f5e9,stroke:#2e7d32,stroke-width:1px;
class podmanvm vm;
class TS,CF daemon;
class App,DB container;
Design Principles
- One CLI, everything β VM, tunnels, databases, agent skills, and site hosting are all subcommands of
devx. - Convention over configuration β Sensible defaults, but everything is overridable.
- Transparency & Idempotency β Destructive operations show an impact summary. Commands are designed to be run repeatedly safely.
- AI-native β Agent skill files and
--jsonoutput makedevxcontrollable by AI coding assistants. - CLI + YAML parity β Every configurable behavior is available both as a CLI flag and as a
devx.yamlproperty. - Optimized Inner Loop β Developer flow state is sacred. Every feature is optimized to radically reduce cycle time.
- Client-Side First Architecture β No bloated centralized SaaS proxy servers required.
devxruns completely locally. - Absolute Portability β "It works on my machine" is solved permanently. Because
devxstandardizes a VM locally, execution topology is indistinguishable regardless of your host OS.
π Documentation
The full documentation for devx, including all CLI commands, advanced networking, and AI Agent workflows, is available at devx.vitruviansoftware.dev.
Contributing
We welcome contributions! Please read our Contributing Guide for details on:
- Development setup
- Code style and conventions
- Pull request process
- Commit message format
License
MIT Β© VitruvianSoftware
Documentation
ΒΆ
There is no documentation for this package.
Source Files
Directories
ΒΆ
| Path | Synopsis |
|---|---|
|
internal
|
|
|
audit
Package audit provides pre-push vulnerability and secret scanning.
|
Package audit provides pre-push vulnerability and secret scanning. |
|
ci
Package ci implements a local GitHub Actions workflow parser and executor.
|
Package ci implements a local GitHub Actions workflow parser and executor. |
|
cloud
Package cloud defines supported GCP cloud service emulators and their container configurations for one-command local provisioning via devx cloud spawn.
|
Package cloud defines supported GCP cloud service emulators and their container configurations for one-command local provisioning via devx cloud spawn. |
|
database
Package database defines supported database engines and their container configurations for one-click local provisioning via devx db spawn.
|
Package database defines supported database engines and their container configurations for one-click local provisioning via devx db spawn. |
|
devcontainer
Package devcontainer parses devcontainer.json files and resolves the container image, mounts, environment, and post-create commands needed to spin up an isolated development shell.
|
Package devcontainer parses devcontainer.json files and resolves the container image, mounts, environment, and post-create commands needed to spin up an isolated development shell. |
|
exposure
Package exposure persists local metadata for active tunnel exposures that cannot be retrieved from the Cloudflare API (e.g.
|
Package exposure persists local metadata for active tunnel exposures that cannot be retrieved from the Cloudflare API (e.g. |
|
inspector
Package inspector provides an HTTP reverse proxy with request/response capture and a terminal UI for inspecting and replaying traffic.
|
Package inspector provides an HTTP reverse proxy with request/response capture and a terminal UI for inspecting and replaying traffic. |
|
k8s
Package k8s manages the local zero-config Kubernetes clusters using k3s.
|
Package k8s manages the local zero-config Kubernetes clusters using k3s. |
|
mock
Package mock provides core lifecycle management for devx OpenAPI mock servers.
|
Package mock provides core lifecycle management for devx OpenAPI mock servers. |
|
nuke
Package nuke provides discovery and deletion logic for the 'devx nuke' command.
|
Package nuke provides discovery and deletion logic for the 'devx nuke' command. |
|
orchestrator
Package orchestrator implements a DAG-based service dependency graph for ordered startup of databases, mock servers, and developer applications.
|
Package orchestrator implements a DAG-based service dependency graph for ordered startup of databases, mock servers, and developer applications. |
|
provider
Package provider defines the VMProvider interface that abstracts away the underlying virtualization backend (Podman Machine, Docker Desktop, OrbStack, etc.) so that devx networking and provisioning can run on top of whatever hypervisor the developer already has.
|
Package provider defines the VMProvider interface that abstracts away the underlying virtualization backend (Podman Machine, Docker Desktop, OrbStack, etc.) so that devx networking and provisioning can run on top of whatever hypervisor the developer already has. |
|
ship
Package ship β hook.go provides the pre-push hook content and installation.
|
Package ship β hook.go provides the pre-push hook content and installation. |
|
testing
Package testing provides the ephemeral test topology engine for devx test ui.
|
Package testing provides the ephemeral test topology engine for devx test ui. |
|
updater
Package updater provides a lightweight, cached version check against GitHub Releases.
|
Package updater provides a lightweight, cached version check against GitHub Releases. |
|
webhook
Package webhook implements a local HTTP catch-all server for inspecting outbound webhook payloads.
|
Package webhook implements a local HTTP catch-all server for inspecting outbound webhook payloads. |
Click to show internal directories.
Click to hide internal directories.