@warnyin/nginx-proxy-manager-mcp 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 warnyin
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,110 @@
+# @warnyin/nginx-proxy-manager-mcp
+
+An [MCP](https://modelcontextprotocol.io) server that exposes the **full [Nginx Proxy Manager](https://nginxproxymanager.com) REST API** as tools your AI assistant can call. Drop it into Claude Desktop, Claude Code, Cursor, or any MCP-compatible client and manage proxy hosts, redirections, 404 hosts, streams, SSL certificates, access lists, users, settings, audit log, and reports through natural language.
+
+Tool surface is generated from the latest NPM swagger spec — every documented endpoint is reachable, plus an `npm_request` low-level escape hatch for anything obscure.
+
+## Install / Run
+
+No global install needed. Run via `npx`:
+
+```bash
+npx -y @warnyin/nginx-proxy-manager-mcp
+```
+
+The server talks MCP over **stdio** — point your client at the command above with the env vars described below.
+
+## Configuration
+
+| Env var | Required | Default | Description |
+| --- | --- | --- | --- |
+| `NPM_BASE_URL` | no | `http://127.0.0.1:81/api` | Base URL of NPM API (include `/api`). |
+| `NPM_EMAIL` | one of | – | Login email. Combine with `NPM_PASSWORD` for automatic token issuing + refresh. |
+| `NPM_PASSWORD` | one of | – | Login password. |
+| `NPM_TOKEN` | one of | – | Pre-issued JWT. Skips automatic login (will not auto-refresh once expired). |
+
+You must provide either `NPM_TOKEN` *or* the `NPM_EMAIL` + `NPM_PASSWORD` pair.
+
+## Claude Desktop / Claude Code config
+
+```jsonc
+{
+  "mcpServers": {
+    "nginx-proxy-manager": {
+      "command": "npx",
+      "args": ["-y", "@warnyin/nginx-proxy-manager-mcp"],
+      "env": {
+        "NPM_BASE_URL": "http://127.0.0.1:81/api",
+        "NPM_EMAIL": "admin@example.com",
+        "NPM_PASSWORD": "changeme"
+      }
+    }
+  }
+}
+```
+
+## Available tools
+
+Grouped by NPM tag — names use the `<group>_<action>` convention.
+
+### System
+- `npm_api_root` — `GET /`
+- `npm_version_check` — `GET /version/check`
+- `npm_schema` — `GET /schema`
+- `npm_request` — generic escape hatch for any path / method
+
+### Tokens
+- `tokens_login`, `tokens_refresh`, `tokens_validate_2fa`
+
+### Users
+- `users_list`, `users_create`, `users_get`, `users_update`, `users_delete`
+- `users_set_auth`, `users_set_permissions`, `users_sudo_login`
+- `users_2fa_get`, `users_2fa_setup`, `users_2fa_enable`, `users_2fa_disable`, `users_2fa_backup_codes`
+
+### Proxy hosts
+- `proxy_hosts_list`, `proxy_hosts_create`, `proxy_hosts_get`, `proxy_hosts_update`, `proxy_hosts_delete`
+- `proxy_hosts_enable`, `proxy_hosts_disable`
+
+### Redirection hosts
+- `redirection_hosts_list`, `redirection_hosts_create`, `redirection_hosts_get`, `redirection_hosts_update`, `redirection_hosts_delete`
+- `redirection_hosts_enable`, `redirection_hosts_disable`
+
+### 404 hosts (dead hosts)
+- `dead_hosts_list`, `dead_hosts_create`, `dead_hosts_get`, `dead_hosts_update`, `dead_hosts_delete`
+- `dead_hosts_enable`, `dead_hosts_disable`
+
+### Streams
+- `streams_list`, `streams_create`, `streams_get`, `streams_update`, `streams_delete`
+- `streams_enable`, `streams_disable`
+
+### Certificates
+- `certificates_list`, `certificates_create`, `certificates_get`, `certificates_delete`
+- `certificates_download`, `certificates_renew`, `certificates_upload`
+- `certificates_validate`, `certificates_test_http`, `certificates_dns_providers`
+
+### Access lists
+- `access_lists_list`, `access_lists_create`, `access_lists_get`, `access_lists_update`, `access_lists_delete`
+
+### Audit log
+- `audit_log_list`, `audit_log_get`
+
+### Reports
+- `reports_hosts`
+
+### Settings
+- `settings_list`, `settings_get`, `settings_update`
+
+## Local development
+
+```bash
+git clone https://github.com/warnyin/nginx-proxy-manager-mcp.git
+cd nginx-proxy-manager-mcp
+npm install
+npm run typecheck
+npm run build
+node dist/index.js   # or `npm run dev` for tsx watch mode
+```
+
+## License
+
+MIT

package/dist/api.js

@@ -0,0 +1,72 @@
+export class NpmApi {
+    config;
+    state = null;
+    constructor(config) {
+        this.config = config;
+        if (config.token) {
+            this.state = { token: config.token, expiresAt: Number.MAX_SAFE_INTEGER };
+        }
+    }
+    async ensureToken() {
+        if (this.state && this.state.expiresAt - Date.now() > 60_000) {
+            return this.state.token;
+        }
+        if (!this.config.email || !this.config.password) {
+            throw new Error("Cached token expired and no NPM_EMAIL/NPM_PASSWORD set for refresh.");
+        }
+        const url = `${this.config.baseUrl}/tokens`;
+        const res = await fetch(url, {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify({ identity: this.config.email, secret: this.config.password }),
+        });
+        if (!res.ok) {
+            throw new Error(`Login failed: ${res.status} ${res.statusText} — ${await res.text()}`);
+        }
+        const data = (await res.json());
+        this.state = { token: data.token, expiresAt: new Date(data.expires).getTime() };
+        return this.state.token;
+    }
+    async request(path, opts = {}) {
+        const token = await this.ensureToken();
+        const url = new URL(`${this.config.baseUrl}${path}`);
+        if (opts.query) {
+            for (const [k, v] of Object.entries(opts.query)) {
+                if (v === undefined || v === null)
+                    continue;
+                url.searchParams.set(k, String(v));
+            }
+        }
+        const headers = {
+            Authorization: `Bearer ${token}`,
+            Accept: "application/json",
+            ...(opts.headers ?? {}),
+        };
+        if (opts.body !== undefined && !opts.raw) {
+            headers["Content-Type"] = "application/json";
+        }
+        const res = await fetch(url, {
+            method: opts.method ?? "GET",
+            headers,
+            body: opts.body === undefined
+                ? undefined
+                : opts.raw
+                    ? opts.body
+                    : JSON.stringify(opts.body),
+        });
+        const text = await res.text();
+        let parsed = text;
+        if (text && (res.headers.get("content-type") ?? "").includes("application/json")) {
+            try {
+                parsed = JSON.parse(text);
+            }
+            catch {
+                // leave as text
+            }
+        }
+        if (!res.ok) {
+            throw new Error(`NPM API ${opts.method ?? "GET"} ${path} → ${res.status} ${res.statusText}: ${typeof parsed === "string" ? parsed : JSON.stringify(parsed)}`);
+        }
+        return parsed;
+    }
+}

package/dist/config.js

@@ -0,0 +1,11 @@
+export function loadConfig() {
+    const baseUrl = (process.env.NPM_BASE_URL ?? "http://127.0.0.1:81/api").replace(/\/+$/, "");
+    const email = process.env.NPM_EMAIL;
+    const password = process.env.NPM_PASSWORD;
+    const token = process.env.NPM_TOKEN;
+    if (!token && !(email && password)) {
+        throw new Error("Missing credentials: set NPM_TOKEN, or both NPM_EMAIL and NPM_PASSWORD. " +
+            "Optionally set NPM_BASE_URL (default: http://127.0.0.1:81/api).");
+    }
+    return { baseUrl, email, password, token };
+}

package/dist/index.js

@@ -0,0 +1,6 @@
+#!/usr/bin/env node
+import { startServer } from "./server.js";
+startServer().catch((err) => {
+    console.error("[nginx-proxy-manager-mcp] fatal:", err instanceof Error ? err.message : err);
+    process.exit(1);
+});

package/dist/server.js

@@ -0,0 +1,38 @@
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { loadConfig } from "./config.js";
+import { NpmApi } from "./api.js";
+import { registerSystemTools } from "./tools/system.js";
+import { registerTokenTools } from "./tools/tokens.js";
+import { registerUserTools } from "./tools/users.js";
+import { registerProxyHostTools } from "./tools/proxy-hosts.js";
+import { registerRedirectionHostTools } from "./tools/redirection-hosts.js";
+import { registerDeadHostTools } from "./tools/dead-hosts.js";
+import { registerStreamTools } from "./tools/streams.js";
+import { registerCertificateTools } from "./tools/certificates.js";
+import { registerAccessListTools } from "./tools/access-lists.js";
+import { registerAuditLogTools } from "./tools/audit-log.js";
+import { registerReportsTools } from "./tools/reports.js";
+import { registerSettingsTools } from "./tools/settings.js";
+export async function startServer() {
+    const config = loadConfig();
+    const api = new NpmApi(config);
+    const server = new McpServer({
+        name: "nginx-proxy-manager-mcp",
+        version: "0.1.0",
+    });
+    registerSystemTools(server, api);
+    registerTokenTools(server, api);
+    registerUserTools(server, api);
+    registerProxyHostTools(server, api);
+    registerRedirectionHostTools(server, api);
+    registerDeadHostTools(server, api);
+    registerStreamTools(server, api);
+    registerCertificateTools(server, api);
+    registerAccessListTools(server, api);
+    registerAuditLogTools(server, api);
+    registerReportsTools(server, api);
+    registerSettingsTools(server, api);
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+}

package/dist/tools/access-lists.js

@@ -0,0 +1,73 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+const ClientRule = z.object({
+    address: z.string(),
+    directive: z.enum(["allow", "deny"]),
+});
+const Item = z.object({
+    username: z.string(),
+    password: z.string(),
+});
+export function registerAccessListTools(server, api) {
+    server.tool("access_lists_list", "List all access lists (GET /nginx/access-lists).", { expand: z.string().optional().describe("e.g. `owner,items,clients,proxy_hosts`") }, async ({ expand }) => {
+        try {
+            return TextResult(await api.request("/nginx/access-lists", { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("access_lists_create", "Create an access list (POST /nginx/access-lists).", {
+        name: z.string(),
+        satisfy_any: z.boolean().optional().describe("Match any rule (OR) vs all (AND)"),
+        pass_auth: z.boolean().optional(),
+        items: z.array(Item).optional().describe("HTTP basic auth credentials"),
+        clients: z.array(ClientRule).optional().describe("IP allow/deny rules"),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ extra, ...body }) => {
+        try {
+            return TextResult(await api.request("/nginx/access-lists", {
+                method: "POST",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("access_lists_get", "Get an access list (GET /nginx/access-lists/{id}).", { id: z.number().int(), expand: z.string().optional() }, async ({ id, expand }) => {
+        try {
+            return TextResult(await api.request(`/nginx/access-lists/${id}`, { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("access_lists_update", "Update an access list.", {
+        id: z.number().int(),
+        name: z.string().optional(),
+        satisfy_any: z.boolean().optional(),
+        pass_auth: z.boolean().optional(),
+        items: z.array(Item).optional(),
+        clients: z.array(ClientRule).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ id, extra, ...body }) => {
+        try {
+            return TextResult(await api.request(`/nginx/access-lists/${id}`, {
+                method: "PUT",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("access_lists_delete", "Delete an access list.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/access-lists/${id}`, { method: "DELETE" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/audit-log.js

@@ -0,0 +1,20 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+export function registerAuditLogTools(server, api) {
+    server.tool("audit_log_list", "List audit log entries (GET /audit-log).", { expand: z.string().optional().describe("e.g. `user`") }, async ({ expand }) => {
+        try {
+            return TextResult(await api.request("/audit-log", { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("audit_log_get", "Get a single audit log entry (GET /audit-log/{id}).", { id: z.number().int(), expand: z.string().optional() }, async ({ id, expand }) => {
+        try {
+            return TextResult(await api.request(`/audit-log/${id}`, { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/certificates.js

@@ -0,0 +1,109 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+export function registerCertificateTools(server, api) {
+    server.tool("certificates_list", "List all certificates (GET /nginx/certificates).", { expand: z.string().optional() }, async ({ expand }) => {
+        try {
+            return TextResult(await api.request("/nginx/certificates", { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("certificates_create", "Create a certificate (POST /nginx/certificates). For Let's Encrypt set provider='letsencrypt' and supply meta.letsencrypt_agree=true and meta.letsencrypt_email. For DNS challenge include meta.dns_challenge=true with dns_provider/dns_provider_credentials.", {
+        provider: z.enum(["letsencrypt", "other"]).default("letsencrypt"),
+        nice_name: z.string().optional(),
+        domain_names: z.array(z.string()).min(1),
+        meta: z
+            .record(z.unknown())
+            .optional()
+            .describe("Provider-specific options. LE example: {letsencrypt_email, letsencrypt_agree:true, dns_challenge:false}"),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ extra, ...body }) => {
+        try {
+            return TextResult(await api.request("/nginx/certificates", {
+                method: "POST",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("certificates_get", "Get a certificate (GET /nginx/certificates/{id}).", { id: z.number().int(), expand: z.string().optional() }, async ({ id, expand }) => {
+        try {
+            return TextResult(await api.request(`/nginx/certificates/${id}`, { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("certificates_delete", "Delete a certificate (DELETE /nginx/certificates/{id}).", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/certificates/${id}`, { method: "DELETE" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("certificates_download", "Download certificate files (GET /nginx/certificates/{id}/download). Returns the raw zip-like body.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/certificates/${id}/download`));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("certificates_renew", "Renew a certificate (POST /nginx/certificates/{id}/renew).", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/certificates/${id}/renew`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("certificates_upload", "Upload a custom certificate body (POST /nginx/certificates/{id}/upload). Pass PEM contents.", {
+        id: z.number().int(),
+        certificate: z.string().describe("PEM-encoded certificate"),
+        certificate_key: z.string().describe("PEM-encoded private key"),
+        intermediate_certificate: z.string().optional(),
+    }, async ({ id, ...body }) => {
+        try {
+            return TextResult(await api.request(`/nginx/certificates/${id}/upload`, { method: "POST", body }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("certificates_validate", "Validate a certificate body (POST /nginx/certificates/validate).", {
+        certificate: z.string(),
+        certificate_key: z.string(),
+        intermediate_certificate: z.string().optional(),
+    }, async (body) => {
+        try {
+            return TextResult(await api.request("/nginx/certificates/validate", { method: "POST", body }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("certificates_test_http", "Verify that a domain answers Let's Encrypt HTTP challenges (POST /nginx/certificates/test-http).", {
+        domains: z.array(z.string()).min(1).describe("Domain names to test"),
+    }, async ({ domains }) => {
+        try {
+            return TextResult(await api.request("/nginx/certificates/test-http", {
+                query: { domains: domains.join(",") },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("certificates_dns_providers", "List supported DNS providers for Let's Encrypt DNS-01 challenges.", {}, async () => {
+        try {
+            return TextResult(await api.request("/nginx/certificates/dns-providers"));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/dead-hosts.js

@@ -0,0 +1,89 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+export function registerDeadHostTools(server, api) {
+    server.tool("dead_hosts_list", "List all 404 hosts (GET /nginx/dead-hosts).", { expand: z.string().optional() }, async ({ expand }) => {
+        try {
+            return TextResult(await api.request("/nginx/dead-hosts", { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("dead_hosts_create", "Create a 404 host (POST /nginx/dead-hosts).", {
+        domain_names: z.array(z.string()).min(1),
+        certificate_id: z.union([z.number().int(), z.literal("new")]).optional(),
+        ssl_forced: z.boolean().optional(),
+        hsts_enabled: z.boolean().optional(),
+        hsts_subdomains: z.boolean().optional(),
+        http2_support: z.boolean().optional(),
+        advanced_config: z.string().optional(),
+        enabled: z.boolean().optional(),
+        meta: z.record(z.unknown()).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ extra, ...body }) => {
+        try {
+            return TextResult(await api.request("/nginx/dead-hosts", {
+                method: "POST",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("dead_hosts_get", "Get a 404 host (GET /nginx/dead-hosts/{id}).", { id: z.number().int(), expand: z.string().optional() }, async ({ id, expand }) => {
+        try {
+            return TextResult(await api.request(`/nginx/dead-hosts/${id}`, { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("dead_hosts_update", "Update a 404 host.", {
+        id: z.number().int(),
+        domain_names: z.array(z.string()).optional(),
+        certificate_id: z.union([z.number().int(), z.literal("new"), z.literal(0)]).optional(),
+        ssl_forced: z.boolean().optional(),
+        hsts_enabled: z.boolean().optional(),
+        hsts_subdomains: z.boolean().optional(),
+        http2_support: z.boolean().optional(),
+        advanced_config: z.string().optional(),
+        enabled: z.boolean().optional(),
+        meta: z.record(z.unknown()).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ id, extra, ...body }) => {
+        try {
+            return TextResult(await api.request(`/nginx/dead-hosts/${id}`, {
+                method: "PUT",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("dead_hosts_delete", "Delete a 404 host.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/dead-hosts/${id}`, { method: "DELETE" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("dead_hosts_enable", "Enable a 404 host.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/dead-hosts/${id}/enable`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("dead_hosts_disable", "Disable a 404 host.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/dead-hosts/${id}/disable`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/proxy-hosts.js

@@ -0,0 +1,115 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+const Location = z.object({
+    path: z.string(),
+    forward_scheme: z.enum(["http", "https"]),
+    forward_host: z.string(),
+    forward_port: z.number().int(),
+    advanced_config: z.string().optional(),
+});
+export function registerProxyHostTools(server, api) {
+    server.tool("proxy_hosts_list", "List all proxy hosts (GET /nginx/proxy-hosts).", { expand: z.string().optional().describe("e.g. `owner,access_list,certificate`") }, async ({ expand }) => {
+        try {
+            return TextResult(await api.request("/nginx/proxy-hosts", { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("proxy_hosts_create", "Create a proxy host (POST /nginx/proxy-hosts).", {
+        domain_names: z.array(z.string()).min(1),
+        forward_scheme: z.enum(["http", "https"]),
+        forward_host: z.string(),
+        forward_port: z.number().int(),
+        certificate_id: z
+            .union([z.number().int(), z.literal("new")])
+            .optional()
+            .describe('Existing cert ID, or "new" to request Let\'s Encrypt'),
+        access_list_id: z.number().int().optional(),
+        ssl_forced: z.boolean().optional(),
+        hsts_enabled: z.boolean().optional(),
+        hsts_subdomains: z.boolean().optional(),
+        http2_support: z.boolean().optional(),
+        block_exploits: z.boolean().optional(),
+        caching_enabled: z.boolean().optional(),
+        allow_websocket_upgrade: z.boolean().optional(),
+        advanced_config: z.string().optional(),
+        enabled: z.boolean().optional(),
+        locations: z.array(Location).optional(),
+        meta: z.record(z.unknown()).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ extra, ...body }) => {
+        try {
+            return TextResult(await api.request("/nginx/proxy-hosts", {
+                method: "POST",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("proxy_hosts_get", "Get a proxy host (GET /nginx/proxy-hosts/{id}).", { id: z.number().int(), expand: z.string().optional() }, async ({ id, expand }) => {
+        try {
+            return TextResult(await api.request(`/nginx/proxy-hosts/${id}`, { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("proxy_hosts_update", "Update a proxy host (PUT /nginx/proxy-hosts/{id}). Any field omitted is left unchanged.", {
+        id: z.number().int(),
+        domain_names: z.array(z.string()).optional(),
+        forward_scheme: z.enum(["http", "https"]).optional(),
+        forward_host: z.string().optional(),
+        forward_port: z.number().int().optional(),
+        certificate_id: z.union([z.number().int(), z.literal("new"), z.literal(0)]).optional(),
+        access_list_id: z.number().int().optional(),
+        ssl_forced: z.boolean().optional(),
+        hsts_enabled: z.boolean().optional(),
+        hsts_subdomains: z.boolean().optional(),
+        http2_support: z.boolean().optional(),
+        block_exploits: z.boolean().optional(),
+        caching_enabled: z.boolean().optional(),
+        allow_websocket_upgrade: z.boolean().optional(),
+        advanced_config: z.string().optional(),
+        enabled: z.boolean().optional(),
+        locations: z.array(Location).optional(),
+        meta: z.record(z.unknown()).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ id, extra, ...body }) => {
+        try {
+            return TextResult(await api.request(`/nginx/proxy-hosts/${id}`, {
+                method: "PUT",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("proxy_hosts_delete", "Delete a proxy host (DELETE /nginx/proxy-hosts/{id}).", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/proxy-hosts/${id}`, { method: "DELETE" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("proxy_hosts_enable", "Enable a proxy host (POST /nginx/proxy-hosts/{id}/enable).", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/proxy-hosts/${id}/enable`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("proxy_hosts_disable", "Disable a proxy host (POST /nginx/proxy-hosts/{id}/disable).", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/proxy-hosts/${id}/disable`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/redirection-hosts.js

@@ -0,0 +1,101 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+export function registerRedirectionHostTools(server, api) {
+    server.tool("redirection_hosts_list", "List all redirection hosts (GET /nginx/redirection-hosts).", { expand: z.string().optional() }, async ({ expand }) => {
+        try {
+            return TextResult(await api.request("/nginx/redirection-hosts", { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("redirection_hosts_create", "Create a redirection host (POST /nginx/redirection-hosts).", {
+        domain_names: z.array(z.string()).min(1),
+        forward_scheme: z.enum(["auto", "http", "https"]).default("auto"),
+        forward_domain_name: z.string().describe("Target domain (no scheme)"),
+        forward_http_code: z.union([z.literal(300), z.literal(301), z.literal(302), z.literal(307), z.literal(308)]).default(301),
+        preserve_path: z.boolean().optional(),
+        certificate_id: z.union([z.number().int(), z.literal("new")]).optional(),
+        ssl_forced: z.boolean().optional(),
+        hsts_enabled: z.boolean().optional(),
+        hsts_subdomains: z.boolean().optional(),
+        http2_support: z.boolean().optional(),
+        block_exploits: z.boolean().optional(),
+        advanced_config: z.string().optional(),
+        enabled: z.boolean().optional(),
+        meta: z.record(z.unknown()).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ extra, ...body }) => {
+        try {
+            return TextResult(await api.request("/nginx/redirection-hosts", {
+                method: "POST",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("redirection_hosts_get", "Get a redirection host (GET /nginx/redirection-hosts/{id}).", { id: z.number().int(), expand: z.string().optional() }, async ({ id, expand }) => {
+        try {
+            return TextResult(await api.request(`/nginx/redirection-hosts/${id}`, { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("redirection_hosts_update", "Update a redirection host (PUT /nginx/redirection-hosts/{id}).", {
+        id: z.number().int(),
+        domain_names: z.array(z.string()).optional(),
+        forward_scheme: z.enum(["auto", "http", "https"]).optional(),
+        forward_domain_name: z.string().optional(),
+        forward_http_code: z
+            .union([z.literal(300), z.literal(301), z.literal(302), z.literal(307), z.literal(308)])
+            .optional(),
+        preserve_path: z.boolean().optional(),
+        certificate_id: z.union([z.number().int(), z.literal("new"), z.literal(0)]).optional(),
+        ssl_forced: z.boolean().optional(),
+        hsts_enabled: z.boolean().optional(),
+        hsts_subdomains: z.boolean().optional(),
+        http2_support: z.boolean().optional(),
+        block_exploits: z.boolean().optional(),
+        advanced_config: z.string().optional(),
+        enabled: z.boolean().optional(),
+        meta: z.record(z.unknown()).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ id, extra, ...body }) => {
+        try {
+            return TextResult(await api.request(`/nginx/redirection-hosts/${id}`, {
+                method: "PUT",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("redirection_hosts_delete", "Delete a redirection host (DELETE /nginx/redirection-hosts/{id}).", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/redirection-hosts/${id}`, { method: "DELETE" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("redirection_hosts_enable", "Enable a redirection host.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/redirection-hosts/${id}/enable`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("redirection_hosts_disable", "Disable a redirection host.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/redirection-hosts/${id}/disable`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/reports.js

@@ -0,0 +1,11 @@
+import { TextResult, ErrorResult } from "../util.js";
+export function registerReportsTools(server, api) {
+    server.tool("reports_hosts", "Get traffic counts grouped by host type (GET /reports/hosts).", {}, async () => {
+        try {
+            return TextResult(await api.request("/reports/hosts"));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/settings.js

@@ -0,0 +1,35 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+export function registerSettingsTools(server, api) {
+    server.tool("settings_list", "List all settings (GET /settings).", {}, async () => {
+        try {
+            return TextResult(await api.request("/settings"));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("settings_get", "Get a specific setting by id (GET /settings/{id}).", { id: z.string().describe("Setting key, e.g. `default-site`") }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/settings/${encodeURIComponent(id)}`));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("settings_update", "Update a setting (PUT /settings/{id}).", {
+        id: z.string(),
+        value: z.union([z.string(), z.number(), z.boolean(), z.record(z.unknown())]),
+        meta: z.record(z.unknown()).optional(),
+    }, async ({ id, ...body }) => {
+        try {
+            return TextResult(await api.request(`/settings/${encodeURIComponent(id)}`, {
+                method: "PUT",
+                body,
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/streams.js

@@ -0,0 +1,87 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+export function registerStreamTools(server, api) {
+    server.tool("streams_list", "List all streams (GET /nginx/streams).", { expand: z.string().optional() }, async ({ expand }) => {
+        try {
+            return TextResult(await api.request("/nginx/streams", { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("streams_create", "Create a stream (POST /nginx/streams). At least one of tcp_forwarding/udp_forwarding must be true.", {
+        incoming_port: z.number().int(),
+        forwarding_host: z.string(),
+        forwarding_port: z.number().int(),
+        tcp_forwarding: z.boolean().optional(),
+        udp_forwarding: z.boolean().optional(),
+        certificate_id: z.union([z.number().int(), z.literal("new")]).optional(),
+        enabled: z.boolean().optional(),
+        meta: z.record(z.unknown()).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ extra, ...body }) => {
+        try {
+            return TextResult(await api.request("/nginx/streams", {
+                method: "POST",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("streams_get", "Get a stream (GET /nginx/streams/{id}).", { id: z.number().int(), expand: z.string().optional() }, async ({ id, expand }) => {
+        try {
+            return TextResult(await api.request(`/nginx/streams/${id}`, { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("streams_update", "Update a stream.", {
+        id: z.number().int(),
+        incoming_port: z.number().int().optional(),
+        forwarding_host: z.string().optional(),
+        forwarding_port: z.number().int().optional(),
+        tcp_forwarding: z.boolean().optional(),
+        udp_forwarding: z.boolean().optional(),
+        certificate_id: z.union([z.number().int(), z.literal("new"), z.literal(0)]).optional(),
+        enabled: z.boolean().optional(),
+        meta: z.record(z.unknown()).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ id, extra, ...body }) => {
+        try {
+            return TextResult(await api.request(`/nginx/streams/${id}`, {
+                method: "PUT",
+                body: { ...body, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("streams_delete", "Delete a stream.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/streams/${id}`, { method: "DELETE" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("streams_enable", "Enable a stream.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/streams/${id}/enable`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("streams_disable", "Disable a stream.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/nginx/streams/${id}/disable`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/system.js

@@ -0,0 +1,45 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+export function registerSystemTools(server, api) {
+    server.tool("npm_api_root", "Get the API root info (status + version).", {}, async () => {
+        try {
+            return TextResult(await api.request("/"));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("npm_version_check", "Check whether a newer Nginx Proxy Manager release is available.", {}, async () => {
+        try {
+            return TextResult(await api.request("/version/check"));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("npm_schema", "Retrieve the full NPM API schema (OpenAPI/Swagger).", {}, async () => {
+        try {
+            return TextResult(await api.request("/schema"));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("npm_request", "Low-level escape hatch. Make any authenticated request to the NPM API. Use when no typed tool matches. The path must start with `/` and be relative to the API base (e.g. `/nginx/proxy-hosts`).", {
+        method: z.enum(["GET", "POST", "PUT", "DELETE"]).default("GET"),
+        path: z.string().describe("Path relative to API base, starting with `/`"),
+        query: z.record(z.string()).optional().describe("Querystring params"),
+        body: z.unknown().optional().describe("JSON request body"),
+    }, async ({ method, path, query, body }) => {
+        try {
+            return TextResult(await api.request(path, {
+                method: method,
+                query,
+                body,
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/tokens.js

@@ -0,0 +1,34 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+export function registerTokenTools(server, api) {
+    server.tool("tokens_login", "Generate a new JWT token by signing in with email/password (POST /tokens).", {
+        identity: z.string().describe("User email"),
+        secret: z.string().describe("User password"),
+    }, async ({ identity, secret }) => {
+        try {
+            return TextResult(await api.request("/tokens", { method: "POST", body: { identity, secret } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("tokens_refresh", "Refresh the current JWT token (GET /tokens).", {}, async () => {
+        try {
+            return TextResult(await api.request("/tokens"));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("tokens_validate_2fa", "Submit a 2FA code to obtain a fully authenticated token (POST /tokens/2fa).", {
+        token: z.string().describe("Partially authenticated token returned from login"),
+        code: z.string().describe("6-digit TOTP or backup code"),
+    }, async ({ token, code }) => {
+        try {
+            return TextResult(await api.request("/tokens/2fa", { method: "POST", body: { token, code } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/tools/users.js

@@ -0,0 +1,154 @@
+import { z } from "zod";
+import { TextResult, ErrorResult } from "../util.js";
+export function registerUserTools(server, api) {
+    server.tool("users_list", "List all users (GET /users).", { expand: z.string().optional().describe("e.g. `permissions`") }, async ({ expand }) => {
+        try {
+            return TextResult(await api.request("/users", { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_create", "Create a new user (POST /users).", {
+        name: z.string(),
+        nickname: z.string().optional(),
+        email: z.string().email(),
+        roles: z.array(z.string()).optional().describe('e.g. ["admin"]'),
+        is_disabled: z.boolean().optional(),
+        auth: z
+            .object({ type: z.string().default("password"), secret: z.string() })
+            .optional()
+            .describe('Inline auth, e.g. {"type":"password","secret":"..."}'),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ extra, ...rest }) => {
+        try {
+            return TextResult(await api.request("/users", { method: "POST", body: { ...rest, ...(extra ?? {}) } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_get", "Get a user by ID (GET /users/{id}). Use id `me` for the current user.", {
+        id: z.union([z.number().int(), z.literal("me")]),
+        expand: z.string().optional(),
+    }, async ({ id, expand }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}`, { query: { expand } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_update", "Update a user (PUT /users/{id}).", {
+        id: z.union([z.number().int(), z.literal("me")]),
+        name: z.string().optional(),
+        nickname: z.string().optional(),
+        email: z.string().email().optional(),
+        roles: z.array(z.string()).optional(),
+        is_disabled: z.boolean().optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ id, extra, ...rest }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}`, {
+                method: "PUT",
+                body: { ...rest, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_delete", "Delete a user (DELETE /users/{id}).", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}`, { method: "DELETE" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_set_auth", "Update user authentication (e.g. password) (PUT /users/{id}/auth).", {
+        id: z.union([z.number().int(), z.literal("me")]),
+        type: z.string().default("password"),
+        current: z.string().optional().describe("Current password (when changing own password)"),
+        secret: z.string().describe("New password"),
+    }, async ({ id, ...body }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}/auth`, { method: "PUT", body }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_set_permissions", "Update user permissions (PUT /users/{id}/permissions).", {
+        id: z.number().int(),
+        visibility: z.enum(["all", "user"]).optional(),
+        proxy_hosts: z.enum(["hidden", "view", "manage"]).optional(),
+        redirection_hosts: z.enum(["hidden", "view", "manage"]).optional(),
+        dead_hosts: z.enum(["hidden", "view", "manage"]).optional(),
+        streams: z.enum(["hidden", "view", "manage"]).optional(),
+        access_lists: z.enum(["hidden", "view", "manage"]).optional(),
+        certificates: z.enum(["hidden", "view", "manage"]).optional(),
+        extra: z.record(z.unknown()).optional(),
+    }, async ({ id, extra, ...rest }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}/permissions`, {
+                method: "PUT",
+                body: { ...rest, ...(extra ?? {}) },
+            }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_sudo_login", "Login as another user (POST /users/{id}/login). Returns a token impersonating that user.", { id: z.number().int() }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}/login`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_2fa_get", "Get 2FA status for a user (GET /users/{id}/2fa).", { id: z.union([z.number().int(), z.literal("me")]) }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}/2fa`));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_2fa_setup", "Start 2FA setup for a user (POST /users/{id}/2fa). Returns QR/secret.", { id: z.union([z.number().int(), z.literal("me")]) }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}/2fa`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_2fa_enable", "Verify and enable 2FA (POST /users/{id}/2fa/enable).", {
+        id: z.union([z.number().int(), z.literal("me")]),
+        code: z.string().describe("6-digit TOTP code"),
+    }, async ({ id, code }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}/2fa/enable`, { method: "POST", body: { code } }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_2fa_disable", "Disable 2FA for a user (DELETE /users/{id}/2fa).", { id: z.union([z.number().int(), z.literal("me")]) }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}/2fa`, { method: "DELETE" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+    server.tool("users_2fa_backup_codes", "Generate new 2FA backup codes (POST /users/{id}/2fa/backup-codes).", { id: z.union([z.number().int(), z.literal("me")]) }, async ({ id }) => {
+        try {
+            return TextResult(await api.request(`/users/${id}/2fa/backup-codes`, { method: "POST" }));
+        }
+        catch (e) {
+            return ErrorResult(e);
+        }
+    });
+}

package/dist/util.js

@@ -0,0 +1,25 @@
+import { z } from "zod";
+export const TextResult = (value) => ({
+    content: [
+        {
+            type: "text",
+            text: typeof value === "string" ? value : JSON.stringify(value, null, 2),
+        },
+    ],
+});
+export const ErrorResult = (err) => ({
+    isError: true,
+    content: [
+        {
+            type: "text",
+            text: err instanceof Error ? err.message : String(err),
+        },
+    ],
+});
+export const IdParam = { id: z.number().int().describe("Resource ID") };
+export const ListExpand = {
+    expand: z
+        .string()
+        .optional()
+        .describe("Comma-separated expansions (depends on endpoint). Examples: owner, access_list, certificate, clients, items"),
+};

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "@warnyin/nginx-proxy-manager-mcp",
+  "version": "0.1.0",
+  "description": "MCP server exposing the full Nginx Proxy Manager API as tools",
+  "type": "module",
+  "bin": {
+    "nginx-proxy-manager-mcp": "dist/index.js"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/warnyin/nginx-proxy-manager-mcp.git"
+  },
+  "homepage": "https://github.com/warnyin/nginx-proxy-manager-mcp#readme",
+  "bugs": {
+    "url": "https://github.com/warnyin/nginx-proxy-manager-mcp/issues"
+  },
+  "main": "dist/index.js",
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepare": "tsc",
+    "start": "node dist/index.js",
+    "dev": "tsx src/index.ts",
+    "typecheck": "tsc --noEmit"
+  },
+  "keywords": [
+    "mcp",
+    "model-context-protocol",
+    "nginx-proxy-manager",
+    "npm",
+    "claude"
+  ],
+  "license": "MIT",
+  "engines": {
+    "node": ">=18"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.0.4",
+    "zod": "^3.23.8"
+  },
+  "devDependencies": {
+    "@types/node": "^22.7.5",
+    "tsx": "^4.19.1",
+    "typescript": "^5.6.2"
+  }
+}