Overview
OpenSail is an AI-powered platform for building, running, and sharing agents, full-stack apps, scheduled jobs, webhook handlers, and MCP tools. The system is modular: the same orchestrator drives desktop, Docker, and Kubernetes modes by swapping task queue, pub/sub, database, and container backends behind protocols. This page explains how the components fit together, how data flows at runtime, and how the security model is enforced.
High-level diagram
Component layers
- Frontend
- Desktop shell
- Orchestrator
- Agent runner
| Module | Source | Notes |
|---|---|---|
| App shell | app/src/App.tsx | React 19 router |
| API client | app/src/lib/api.ts | SSE + fetch wrapper |
| Editor | Monaco | code + diff view |
| Chat | app/src/components/chat/ | agent message stream |
| Architecture Panel | React Flow | authors .tesslate/config.json |
| Kanban | | drag-and-drop board |
Deployment modes
| Mode | Database | Queue | Pub/sub | Containers | Best for |
|---|---|---|---|---|---|
| Desktop | SQLite (aiosqlite) | asyncio + apscheduler | in-process | subprocess / docker / remote k8s | Single user |
| Docker | Postgres | ARQ on Redis | Redis Streams | Docker Compose | Dev, small teams |
| Kubernetes | Postgres (cloud: RDS) | ARQ on Redis | Redis Streams | per-project namespaces | Multi-tenant prod |
The active mode is selected by DEPLOYMENT_MODE and wired via factories in orchestrator/app/services/.
Three-tier compute model
The AI agent does not need a full Kubernetes pod every time it reads a file. OpenSail separates operations by cost:
| Tier | What runs here | Backend | Wake time |
|---|---|---|---|
| Tier 0 | File ops, web calls, agent reasoning | In-process in the worker (FileOps gRPC to CSI) | Near zero |
| Tier 1 | Shell commands | Warm ephemeral containers from a pool | Sub-second |
| Tier 2 | Full dev environment: multi-container project, live preview, deploys | K8s namespace with multiple Deployments | On demand, hibernates when idle |
Storage: btrfs CSI and Volume Hub
User project data lives on btrfs subvolumes managed by a two-layer system.
- btrfs CSI driver
- Volume Hub
- Orchestrator client
Location: services/btrfs-csi/. Runs as a DaemonSet. Responsibilities:
- Create btrfs subvolumes (instant snapshot-clone from templates)
- FileOps gRPC for agent Tier 0 file operations
- NodeOps gRPC for template builds
- S3 sync via CAS (content-addressed storage)
- Per-node garbage collection
Agent runner integration
The orchestrator enqueues an AgentTaskPayload built from project state, chat history, git status, and TESSLATE.md. The ARQ worker picks up the task and runs the tesslate-agent loop.
Loop
Each iteration: run the agent, persist AgentStep rows, publish events to the Redis Stream, and check for a cancellation signal.
Stream to client
The API router subscribes to the stream and forwards events over SSE or WebSocket. The client renders steps in real time.
Apps subsystem
An app on OpenSail is a versioned, immutable, manifest-described bundle produced from a workspace. Models:
| Model | Role |
|---|---|
| MarketplaceApp | Identity anchor (slug, creator, category, state) |
| AppVersion | Immutable version with manifest, CAS bundle address, approval state |
| AppInstance | Per-user install with wallet mix and update policy |
| AppSubmission | Staged approval pipeline row (stage0 → stage3 → approved) |
| YankRequest | Unpublish flow; critical severity requires two admins |
| AppBundle | Curated pack of AppVersions |
Service modules: installer.py, publisher.py, submissions.py, yanks.py, runtime.py, stage1_scanner.py, stage2_sandbox.py. See the Publishing Apps guide.
Channels and gateway
Messaging integrations live under orchestrator/app/services/channels/ with the Gateway v2 runner at services/gateway/runner.py. Platforms: Telegram, Slack, Discord, WhatsApp, Signal, CLI. Identity pairing links platform accounts to OpenSail users. Schedules (cron + timezone) deliver agent output to any configured channel.
See Communication gateways.
Security model
| Layer | Enforcement |
|---|---|
| Transport | HTTPS in production; Traefik or NGINX Ingress |
| Session | JWT with short-lived access + refresh rotation |
| CSRF | Double-submit cookie with X-CSRF-Token header |
| Passwords | bcrypt |
| Secrets at rest | Fernet encryption via SECRET_KEY-derived key (CHANNEL_ENCRYPTION_KEY, DEPLOYMENT_ENCRYPTION_KEY) |
| RBAC | Team, TeamMembership (admin/editor/viewer), ProjectMembership override, AuditLog |
| Network isolation (K8s) | NamespacePerProject + NetworkPolicy enforcing zero cross-project traffic |
| Agent capabilities | .tesslate/permissions.json gates shell, network, git push, file writes; approval prompts for ask policies |
Audit events are written to AuditLog, keyed by team and project.
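As an added example (not OpenSail's own code), a fail-closed evaluator for the capability gates the table attributes to .tesslate/permissions.json. The file's real schema is not on the page, so the flat {"capability": "allow|deny|ask"} layout and the capability key names below are assumptions; the point it shows is that missing keys, typos, and ungated capabilities all resolve to deny, and that an ask policy only becomes allow once an approval prompt has been answered.

```python
import json
from enum import Enum


class Policy(str, Enum):
    ALLOW = "allow"
    DENY = "deny"
    ASK = "ask"  # resolved by an interactive approval prompt


# Assumed flat schema {capability: allow|deny|ask}; the real layout is not on the page.
# The four capabilities are the ones the table names as gated.
GATED = ("shell", "network", "git_push", "file_write")


def load_permissions(raw: str) -> dict[str, Policy]:
    """Parse permissions.json; absent, unknown or malformed entries become DENY."""
    try:
        data = json.loads(raw)
    except json.JSONDecodeError:
        data = {}
    if not isinstance(data, dict):
        data = {}
    perms = {}
    for cap in GATED:
        try:
            perms[cap] = Policy(data.get(cap))
        except ValueError:
            perms[cap] = Policy.DENY  # fail closed on missing keys and typos
    return perms


def gate(perms, capability, approved=False) -> str:
    """Decide one agent action: 'allow', 'deny' or 'needs_approval'."""
    policy = perms.get(capability, Policy.DENY)  # capability not in the file: deny
    if policy is Policy.ALLOW:
        return "allow"
    if policy is Policy.ASK:
        return "allow" if approved else "needs_approval"
    return "deny"


# Constructed sample: shell prompts, network is open, git push is blocked,
# "allowed" is a typo that must not widen file_write, docker is not a gated key.
SAMPLE = ('{"shell": "ask", "network": "allow", "git_push": "deny", '
          '"file_write": "allowed", "docker": "allow"}')

if __name__ == "__main__":
    for cap in GATED + ("docker",):
        print(cap, gate(load_permissions(SAMPLE), cap))
```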
Next steps
Configuration
All environment variables with defaults.
Deployment
Path-by-path production guides.
Data flow
Request lifecycle, agent execution, container lifecycle.
Container orchestration
Three-tier compute, PVC lifecycle, snapshots.