@hostingguru/mcp-server 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +94 -0
  2. package/main.cjs +1449 -0
  3. package/package.json +42 -0
package/README.md ADDED
@@ -0,0 +1,94 @@
1
+ # @hostingguru/mcp-server
2
+
3
+ Model Context Protocol server for [HostingGuru](https://hostingguru.io). Connect
4
+ your AI coding tool to your HostingGuru account to sign in, manage workspaces,
5
+ deploy GitHub repositories, and inspect deployment status — all through tool
6
+ calls.
7
+
8
+ ## Install
9
+
10
+ The MCP server is published as a Node CLI:
11
+
12
+ ```bash
13
+ npx -y @hostingguru/mcp-server
14
+ ```
15
+
16
+ ### Claude Desktop
17
+
18
+ Add this to `claude_desktop_config.json`:
19
+
20
+ ```json
21
+ {
22
+ "mcpServers": {
23
+ "hostingguru": {
24
+ "command": "npx",
25
+ "args": ["-y", "@hostingguru/mcp-server"]
26
+ }
27
+ }
28
+ }
29
+ ```
30
+
31
+ ### Cursor / Windsurf / other MCP clients
32
+
33
+ Use the same `command` + `args` shape in the client's MCP config.
34
+
35
+ ## Sign in
36
+
37
+ The MCP server stores credentials encrypted at `~/.hostingguru/credentials.json`.
38
+
39
+ ### Email + password
40
+
41
+ In your AI tool, run the `auth_login` tool. The server opens a local URL like
42
+ `http://localhost:54321/login`. Open it in your browser, enter your email and
43
+ password, and submit. The form posts to a one-shot endpoint on the same
44
+ local port — credentials never pass through the AI tool, and the form itself
45
+ is bound to a single-use nonce so no other process can race the submission.
46
+
47
+ If your email is unknown, an account is created and you'll receive a
48
+ verification email — same flow as `dashboard.hostingguru.io`.
49
+
50
+ ### Google or GitHub (OAuth)
51
+
52
+ OAuth providers redirect to the dashboard, not to a CLI, so:
53
+
54
+ 1. Sign in at `https://dashboard.hostingguru.io/auth` with Google or GitHub.
55
+ 2. Open DevTools → Application → Cookies → copy the value of the `token`
56
+ cookie.
57
+ 3. In your AI tool, run `auth_token` and paste it.
58
+
59
+ ### Sign out
60
+
61
+ Run `auth_logout`. The local credentials file is removed and the backend
62
+ cookie is invalidated.
63
+
64
+ ## Tools
65
+
66
+ | Tool | What it does |
67
+ | --- | --- |
68
+ | `auth_login` | Email/password sign-in or sign-up via local browser page |
69
+ | `auth_token` | Authenticate with a session token (for OAuth users) |
70
+ | `auth_status` | Show authenticated state + selected workspace |
71
+ | `auth_logout` | Sign out locally and on the backend |
72
+ | `list_workspaces` / `select_workspace` | Workspace selection |
73
+ | `list_projects` / `create_project` / `get_project` | Project management |
74
+ | `list_deployments` / `get_deployment` / `trigger_deployment` | Deployments |
75
+ | `list_env_vars` / `set_env_var` / `delete_env_var` | Environment variables |
76
+ | `list_repositories` / `connect_github` | GitHub integration |
77
+ | `attach_domain` / `verify_domain` | Custom domains |
78
+ | `get_subscription` | Billing status |
79
+
80
+ ## Security
81
+
82
+ - All traffic to the API uses HTTPS to `backend.hostingguru.io`.
83
+ - The session JWT is sent via `Cookie: token=…` (matches the dashboard's
84
+ cookie-only auth).
85
+ - Local sign-in helper binds to `127.0.0.1` only on an ephemeral port and
86
+ shuts down after 5 minutes or after first use.
87
+ - A random per-session nonce binds the `/submit` POST to the served login
88
+ page, so other local processes can't hijack the credential submission.
89
+ - Credentials at rest are AES-256-GCM encrypted with a key derived from
90
+ hostname + username + homedir.
91
+
92
+ ## License
93
+
94
+ MIT