Kageos Handbook

One document for the whole system.

Kageos turns personal, team, and enterprise work into runnable directories. A directory can contain pages, functions, data, docs, permissions, logs, messages, and scheduled tasks. A person opens it as software. AI calls it as a bounded capability.

This page is the public map: what Kageos is, why directories matter, what works today, how to run it locally, and how to contribute without guessing your way through the repo.

AI-native service platformPersonal and enterprise useUnattended agentsSource-availableSelf-hostable
01

What Kageos is

Kageos is not an app generator whose job ends when a screen appears. It is a runtime and governance layer for useful capabilities. Those capabilities live as directories on a Service Tree, with stable paths, typed functions, UI resources, runtime state, and audit records.

A directory can start from Hub, run inside a private namespace, be changed for local data and workflow habits, and later be packaged again. The same capability can serve a single person, a small team, or an enterprise department because the boundary is the directory, not the chat session that created it.

  • Individuals can turn repeated work into reusable tools instead of rebuilding prompts every week.
  • Teams can keep records, tasks, forms, reminders, and execution results in the same work surface.
  • Enterprises can let AI act inside permissions, logs, runtime isolation, and handover rules.
02

Why directories

AI makes it cheap to create software-shaped things. Production makes a different demand: the thing needs an address, a calling contract, permissions, logs, ownership, and a way for someone else to take over later.

A prompt result rarely gives you that. A directory can. In Kageos, the directory is where the work becomes durable enough for people, agents, schedules, and other directories to use.

  • Address: every capability has a full_code_path, such as /sales/crm/customer.table.
  • Contract: Forms, Tables, Charts, and callbacks expose typed schemas through the SDK.
  • State: code, metadata, files, logs, and runtime records stay with the workspace.
  • Governance: permissions, operation logs, trace IDs, source refs, and messages share the same coordinates.
  • Automation: app.function and agent.session tasks run from the platform scheduler.
  • Distribution: stable directories can be bundled, seeded, installed, and published back to Hub.
03

The working model

Kageos treats a directory as a packaged workflow, not a folder of links. The platform gives the directory a path, renders its UI, calls its functions, runs its containers, schedules its jobs, and stores the trail left by each run.

  • Service Tree: the shared coordinate system for directories, functions, docs, messages, tasks, and logs.
  • Human UI: Forms, Tables, Charts, and Docs render as normal software screens.
  • AI call surface: the workstation calls registered functions through schema instead of guessing from prose.
  • Runtime: app-server, app-runtime, and kageos-sdk/agent-app build and run versioned user apps.
  • Inbox: notifications and execution results land in message-server with source paths and run IDs.
  • Scheduler: timer-scheduler owns next run time, leases, execution records, heartbeat, and recovery.
04

How work happens

There are three normal ways to use a directory. A person opens the page and works. AI reads the directory context and calls tools. A scheduled task runs without a person online, then writes the result back as messages, logs, and updated records.

That last part matters. Unattended automation is not a hidden cron script. The scheduler owns state. The executor only executes. The run has an identity, a source, a trace, and a place where the team can review what happened.

  • Human path: open a directory, submit forms, search tables, read docs, inspect charts, and review notifications.
  • AI path: start a workstation session, read context, edit code, build, call functions, inspect results, and hand off.
  • Scheduled function path: run a known Form/Table/Chart action at a fixed time with a fixed payload.
  • Scheduled Agent path: start an unattended workstation session for monitoring, reporting, inspection, or cross-directory work.
05

What works today

The public story should match the product. These are the capabilities already on the mainline, not future packaging language.

  • Service Tree, workspace resources, access control, operation logs, and source-aware traces.
  • Form, Table, Chart, Docs, and Function resources rendered in the Vue web app and backed by Go SDK schemas.
  • AI workstation sessions with chat history, tool calling, code editing, build repair, runtime checks, and handoff.
  • Runtime tools for form submit, table search and write, chart query, Python execution, notifications, and scheduled task management.
  • timer-scheduler with app.function jobs and agent.session jobs.
  • message-server inbox, threads, unread state, source counts, workspace counts, and SDK or Agent notifications.
  • Capability bundle import/export for moving directories between namespaces and seeding built-in tools.
  • Self-hostable runtime built with Go, Vue 3, MySQL, NATS, MinIO, and Podman or Docker.
06

Run it locally

Contributors should start with kagectl. The Compose files are still in the repository, but they are implementation detail and troubleshooting material. A new contributor should not need to know the historical Compose paths just to boot Kageos.

Normal local startup does not require manual environment variables. kagectl bootstrap --dev creates local .kageos/ env files for MySQL, NATS, MinIO, JWT, SMTP log mode, and the system user password. Do not commit those files.

  • Prerequisites: Go 1.25 or newer, Node.js 20.19 or 22.12+, and Podman Compose or Docker Compose.
  • Clone the repository, then run the backend with go run ./cmd/kagectl bootstrap --dev.
  • Start the frontend in another terminal with cd web && npm install && npm run dev.
  • Open http://localhost:5173, sign in as system, and use the Admin password printed in the Kageos dev initialization summary.
  • If the password scrolls away, run go run ./cmd/kagectl init --dev again or read SYSTEM_USER_PASSWORD from .kageos/dev/env/kageos.env.
  • Local email verification runs in log mode. Registration codes are printed in backend logs and returned as debug_code for development.
07

Contribute without guessing

The codebase has two different kinds of code: the Kageos platform itself and workspace applications that run inside namespaces. Keep that boundary clean. Platform services can use internal packages. Workspace apps should use the public SDK, not main-repo internals.

  • core/app-server owns workspace APIs, Service Tree metadata, access, operation logs, function metadata, and app invocation.
  • core/agent-server owns workstation sessions, tools, prompts, LLM orchestration, and scheduled Agent workers.
  • core/app-runtime writes namespace files, builds Go apps, tracks versions, and manages user app containers.
  • core/timer-scheduler owns scheduled tasks, executions, leases, heartbeat, recovery, and outbox delivery.
  • core/message-server owns inbox messages, threads, unread state, and notification commands.
  • web is the Vue 3 frontend. deploy holds local, production, AIO, image, and security deployment material.
  • Keep pull requests focused. Do not mix behavior changes, formatting sweeps, dependency upgrades, and unrelated refactors.
08

Verify changes

Run the checks that match your change. The full list lives in the repository, but these are the checks maintainers expect contributors to know.

  • Backend: bash scripts/test-core-go.sh.
  • Frontend: cd web && npm run check:architecture && npm run lint && npm run type-check && npm run test:unit -- --run && npm run build.
  • Repository checks: bash scripts/check-sensitive-files.sh, bash scripts/check-sdk-boundaries.sh, bash scripts/check-doc-links.sh, and git diff --check.
  • Troubleshooting local startup: go run ./cmd/kagectl doctor, status, verify, logs main, and logs infra.
09

Self-hosting and operations

Kageos is source-available and designed for self-hosting. The current production path is a single-machine deployment with Kageos, MySQL, NATS, MinIO, and user app containers managed through the platform runtime.

The important operating idea is simple: platform state, app source, app runtime metadata, logs, and object storage are not throwaway build artifacts. Back them up before destructive resets. Keep secrets out of commits. Treat local .kageos/ and production .kageos/ as private runtime state.

  • For local development, use go run ./cmd/kagectl bootstrap --dev.
  • For production, use the self-host guide and production install script rather than copying local dev commands.
  • Use kagectl doctor, status, verify, and logs before touching raw Compose commands.
  • Stop local infrastructure with go run ./cmd/kagectl down; it keeps local data by default.
10

Current boundaries

Good documentation should say what is real and what is still planned. Kageos should not sell unfinished control planes as if they already exist.

  • Mainline today: Service Tree, permissions and operation logs, AI workstation, Form/Table/Chart/Docs, inbox, function tasks, Agent tasks, app runtime, and capability bundles.
  • In progress: public Hub marketplace, hosted trials, publishing loop, private enterprise Hub, and SaaS operations features.
  • Reserved but not live: workflow graph, workflow.run, generic approvals, discussions, ratings, external notification providers, and backup control plane.