[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-74128":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":23,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":31,"readmeContent":32,"aiSummary":33,"trendingCount":16,"starSnapshotCount":16,"syncStatus":34,"lastSyncTime":35,"discoverSource":36},74128,"open-terminal","open-webui\u002Fopen-terminal","open-webui","A computer you can curl ⚡","https:\u002F\u002Fopenterminal.sh\u002F",null,"Python",2673,203,17,18,0,21,57,167,63,28.93,"MIT License",false,"main",true,[27,28,29,30,7],"agentic-ai","ai","ai-agents","ai-tools","2026-06-12 02:03:22","# ⚡ Open Terminal\n\nA lightweight, self-hosted terminal that gives AI agents and automation tools a dedicated environment to run commands, manage files, and execute code — all through a simple API.\n\n## Why Open Terminal?\n\nAI assistants are great at writing code, but they need somewhere to *run* it. Open Terminal is that place — a remote shell with file management, search, and more, accessible over a simple REST API.\n\nYou can run it two ways:\n\n- **Docker (sandboxed)** — runs in an isolated container with a full toolkit pre-installed: Python, Node.js, git, build tools, data science libraries, ffmpeg, and more. Great for giving AI agents a safe playground without touching your host system.\n- **Bare metal** — install it with `pip` and run it anywhere Python runs. Commands run directly on your machine with access to your real files, your real tools, and your real environment, perfect for local development, personal automation, or giving an AI assistant full access to your actual projects.\n\n## Getting Started\n\n### Docker (recommended)\n\n```bash\ndocker run -d --name open-terminal --restart unless-stopped -p 8000:8000 -v open-terminal:\u002Fhome\u002Fuser -e OPEN_TERMINAL_API_KEY=your-secret-key ghcr.io\u002Fopen-webui\u002Fopen-terminal\n```\n\nThat's it — you're up and running at `http:\u002F\u002Flocalhost:8000`.\n\n> [!TIP]\n> If you don't set an API key, one is generated automatically. Grab it with `docker logs open-terminal`.\n\n#### Image Variants\n\n| | `latest` | `slim` | `alpine` |\n|---|---|---|---|\n| **Best for** | AI agent sandboxes | Production \u002F hardened | Edge \u002F CI \u002F minimal footprint |\n| **Size** | ~4 GB | ~430 MB | ~230 MB |\n| **Bundled tooling** | Node.js, gcc, ffmpeg, LaTeX, Docker CLI, data science libs | git, curl, jq | git, curl, jq |\n| **Install packages at runtime** | ✔ (has `sudo`) | ✘ | ✘ |\n| **Multi-user mode** | ✔ | ✘ | ✘ |\n| **Egress firewall** | ✔ | ✔ | ✔ |\n\n**`slim`** and **`alpine`** have the same feature set. Slim uses Debian (glibc) for broader binary compatibility; Alpine uses musl libc and is smaller, but some C-extension pip packages may need to compile from source.\n\n```bash\ndocker run -d -p 8000:8000 -e OPEN_TERMINAL_API_KEY=secret ghcr.io\u002Fopen-webui\u002Fopen-terminal:slim\ndocker run -d -p 8000:8000 -e OPEN_TERMINAL_API_KEY=secret ghcr.io\u002Fopen-webui\u002Fopen-terminal:alpine\n```\n\n> [!NOTE]\n> Slim and Alpine don't support `OPEN_TERMINAL_PACKAGES` \u002F `OPEN_TERMINAL_PIP_PACKAGES` \u002F `OPEN_TERMINAL_NPM_PACKAGES`. To add packages, extend [Dockerfile.slim](Dockerfile.slim) or [Dockerfile.alpine](Dockerfile.alpine).\n\n#### Updating\n\n```bash\ndocker pull ghcr.io\u002Fopen-webui\u002Fopen-terminal\ndocker rm -f open-terminal\n```\n\nThen re-run the `docker run` command above.\n\n### Bare Metal\n\nNo Docker? No problem. Open Terminal is a standard Python package:\n\n```bash\n# One-liner with uvx (no install needed)\nuvx open-terminal run --host 0.0.0.0 --port 8000 --api-key your-secret-key\n\n# Or install globally with pip\npip install open-terminal\nopen-terminal run --host 0.0.0.0 --port 8000 --api-key your-secret-key\n```\n\n> [!CAUTION]\n> On bare metal, commands run directly on your machine with your user's permissions. Use Docker if you want sandboxed execution.\n\n#### Customizing the Docker Environment\n\nThe easiest way to add extra packages is with environment variables — no fork needed:\n\n```bash\ndocker run -d --name open-terminal -p 8000:8000 \\\n  -e OPEN_TERMINAL_PACKAGES=\"cowsay figlet\" \\\n  -e OPEN_TERMINAL_PIP_PACKAGES=\"httpx polars\" \\\n  -e OPEN_TERMINAL_NPM_PACKAGES=\"typescript tsx\" \\\n  ghcr.io\u002Fopen-webui\u002Fopen-terminal\n```\n\n| Variable | Description |\n|---|---|\n| `OPEN_TERMINAL_PACKAGES` | Space-separated list of **apt** packages to install at startup |\n| `OPEN_TERMINAL_PIP_PACKAGES` | Space-separated list of **pip** packages to install at startup |\n| `OPEN_TERMINAL_NPM_PACKAGES` | Space-separated list of **npm** packages to install globally at startup |\n\n> [!NOTE]\n> Packages are installed each time the container starts, so startup will take longer with large package lists. For heavy customization, build a custom image instead.\n\n#### Docker Access\n\nThe image includes the Docker CLI, Compose, and Buildx. To let agents build images, run containers, etc., mount the host's Docker socket:\n\n```bash\ndocker run -d --name open-terminal -p 8000:8000 \\\n  -v \u002Fvar\u002Frun\u002Fdocker.sock:\u002Fvar\u002Frun\u002Fdocker.sock \\\n  -v open-terminal:\u002Fhome\u002Fuser \\\n  ghcr.io\u002Fopen-webui\u002Fopen-terminal\n```\n\n> [!CAUTION]\n> Mounting the Docker socket gives the container **full control over the host's Docker daemon**, which is effectively root access on the host machine. Anyone with access to the terminal can pull\u002Frun arbitrary containers (including `--privileged` ones), mount host directories, access host networking, and manage all containers on the host. Only do this in fully trusted environments.\n\nFor full control, fork the repo, edit the [Dockerfile](Dockerfile), and build your own image:\n\n```bash\ndocker build -t my-terminal .\ndocker run -d --name open-terminal -p 8000:8000 my-terminal\n```\n\n\n## Configuration\n\nOpen Terminal can be configured via a TOML config file, environment variables, and CLI flags. Settings are resolved in this order (highest priority wins):\n\n1. **CLI flags** (`--host`, `--port`, `--api-key`, etc.)\n2. **Environment variables** (`OPEN_TERMINAL_API_KEY`, etc.)\n3. **User config** — `$XDG_CONFIG_HOME\u002Fopen-terminal\u002Fconfig.toml` (defaults to `~\u002F.config\u002Fopen-terminal\u002Fconfig.toml`)\n4. **System config** — `\u002Fetc\u002Fopen-terminal\u002Fconfig.toml`\n5. **Built-in defaults**\n\nCreate a config file at either location with any of these keys (all optional):\n\n```toml\nhost = \"0.0.0.0\"\nport = 8000\napi_key = \"sk-my-secret-key\"\ncors_allowed_origins = \"*\"\nlog_dir = \"\u002Fvar\u002Flog\u002Fopen-terminal\"\nbinary_mime_prefixes = \"image,audio\"\nexecute_timeout = 5  # seconds to wait for command output (unset by default)\n```\n\n> [!TIP]\n> Use the system config at `\u002Fetc\u002Fopen-terminal\u002Fconfig.toml` to set site-wide defaults for host and port, and the user config for personal settings like the API key — this keeps the key out of `ps` \u002F `htop`.\n\nYou can also point to a specific config file:\n\n```bash\nopen-terminal run --config \u002Fpath\u002Fto\u002Fmy-config.toml\n```\n\n## Using with Open WebUI\n\nOpen Terminal integrates with [Open WebUI](https:\u002F\u002Fgithub.com\u002Fopen-webui\u002Fopen-webui), giving your AI assistants the ability to run commands, manage files, and interact with a terminal right from the AI interface. Make sure to add it under **Open Terminal** in the integrations settings, not as a tool server. Adding it as an Open Terminal connection gives you a built-in file navigation sidebar where you can browse directories, upload, download, and edit files. There are two ways to connect:\n\n### Direct Connection\n\nUsers can connect their own Open Terminal instance from their user settings. This is useful when the terminal is running on their local machine or a network only they can reach, since requests go directly from the **browser**.\n\n1. Go to **User Settings → Integrations → Open Terminal**\n2. Add the terminal **URL** and **API key**\n3. Enable the connection\n\n### System-Level Connection (Multi-User)\n\nAdmins can configure Open Terminal connections for all their users from the admin panel. No additional services required. Multiple terminals can be set up with access controlled at the user or group level. Requests are proxied through the Open WebUI **backend**, so the terminal only needs to be reachable from the server.\n\n1. Go to **Admin Settings → Integrations → Open Terminal**\n2. Add the terminal **URL** and **API key**\n3. Enable the connection\n\n#### Built-in Multi-User Isolation\n\n> [!CAUTION]\n> Single-container multi-user mode is **not designed for production multi-user deployments**. All users share the same kernel, network, and system resources with no hard isolation boundaries between them. If one user's process misbehaves, it can affect every other user on the system. This mode exists as a lightweight convenience for small, trusted groups — not as a security model you should rely on.\n\nFor small, trusted deployments you can enable per-user isolation inside a single container:\n\n```bash\ndocker run -d --name open-terminal -p 8000:8000 \\\n  -v open-terminal:\u002Fhome \\\n  -e OPEN_TERMINAL_MULTI_USER=true \\\n  -e OPEN_TERMINAL_API_KEY=your-secret-key \\\n  ghcr.io\u002Fopen-webui\u002Fopen-terminal\n```\n\nEach user automatically gets a dedicated Linux account with its own home directory. Files, commands, and terminals are isolated between users via standard Unix permissions.\n\n## API Docs\n\nFull interactive API documentation is available at [http:\u002F\u002Flocalhost:8000\u002Fdocs](http:\u002F\u002Flocalhost:8000\u002Fdocs) once your instance is running.\n\n## Star History\n\n\u003Ca href=\"https:\u002F\u002Fstar-history.com\u002F#open-webui\u002Fopen-terminal&Date\">\n  \u003Cpicture>\n    \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"https:\u002F\u002Fapi.star-history.com\u002Fsvg?repos=open-webui\u002Fopen-terminal&type=Date&theme=dark\" \u002F>\n    \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"https:\u002F\u002Fapi.star-history.com\u002Fsvg?repos=open-webui\u002Fopen-terminal&type=Date\" \u002F>\n    \u003Cimg alt=\"Star History Chart\" src=\"https:\u002F\u002Fapi.star-history.com\u002Fsvg?repos=open-webui\u002Fopen-terminal&type=Date\" \u002F>\n  \u003C\u002Fpicture>\n\u003C\u002Fa>\n\n> [!TIP]\n> **Need container-per-user isolation?** Check out **[Terminals](https:\u002F\u002Fgithub.com\u002Fopen-webui\u002Fterminals)**, which provisions and manages separate Open Terminal containers per user. For lighter deployments, built-in multi-user mode (`OPEN_TERMINAL_MULTI_USER=true`) provides per-user isolation inside a single container.\n\n## License\n\nMIT — see [LICENSE](LICENSE) for details.\n","Open Terminal 是一个轻量级的自托管终端，为AI代理和自动化工具提供了一个专用环境来运行命令、管理文件和执行代码，所有这些都通过简单的API实现。其核心功能包括远程shell访问、文件管理和搜索等，并支持Docker容器化部署或直接在Python环境中安装使用。项目采用Python编写，提供了多种Docker镜像变体以适应不同需求，从全功能版到精简版，满足从AI沙盒测试到生产环境的各种场景。特别适用于需要给AI助手一个安全可控的运行空间而不影响主机系统的开发者，或是希望在本地开发时直接利用现有工具链与真实文件环境的个人用户。",2,"2026-06-11 03:48:55","high_star"]