Self-hosting Agent Canvas lets you keep the UI, agent server, and automation backend on infrastructure you control.Documentation Index
Fetch the complete documentation index at: https://allhandsai-docs-agent-canvas-docs.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Common Self-Hosted Patterns
Teams usually self-host Agent Canvas in one of these ways:- on a dedicated developer workstation
- on a VM in a cloud provider
- on a machine inside a private network or VPN
Recommended Security Checklist
Before you expose Agent Canvas to a broader network, make sure you:- Restrict inbound network access.
- Use TLS and an authenticated reverse proxy if the UI is reachable over the internet.
- Treat the host as sensitive infrastructure because it stores secrets, conversations, and working copies.
- Keep the machine patched and limit who can access it.
Basic VM Workflow
- Provision a Linux or macOS machine you control.
- Install Node.js, npm, and
uv. - Clone the repository and install dependencies:
- Start the local stack:
- Put a reverse proxy such as nginx in front of the ingress endpoint if you need browser access beyond localhost.
127.0.0.1, so the network and reverse-proxy layers are what determine who can reach it.
Reverse Proxy and Auth
If you publish Agent Canvas behind a domain:- terminate TLS at the reverse proxy
- require authentication before requests reach Agent Canvas
- keep the backing services off the public network whenever possible
Connecting from Another Machine
You do not need to run the UI and the backend on the same computer. Two common patterns are:- Run the full Agent Canvas stack on a dedicated host or VM, then open that UI directly or through a secure reverse proxy.
- Keep Agent Canvas on your laptop, and add the remote backend through
Manage Backends.