← Back to Home

SelfHeal

Production-leaning remediation engine for Linux fleets. Safety, speed, auditability.

Latest Release

v0.1.0 • Changelog

Webhook → Kafka ingress hardening
JSON canonicalization for Prom/Alertmanager
AI suggestion schema contract

Downloads

Verified builds and checksums. Air-gapped installers available for Enterprise.

Linux (.deb)
Download

Checksum: 9b1c...deb

Linux (.rpm)
Download

Checksum: a22e...rpm

Docker image
ghcr.io/ganges/selfheal:0.1.0

Installation

Docker Compose

version: "3.9"
services:
  zookeeper:
    image: bitnami/zookeeper:3.9
  kafka:
    image: bitnami/kafka:3.7
  selfheal:
    image: ghcr.io/ganges/selfheal:0.1.0
    environment:
      - BOOTSTRAP_SERVERS=kafka:9092
      - OPENAI_API_KEY=${OPENAI_API_KEY}
    ports:
      - "8000:8000"

Systemd (binary install)

# 1) Install package
sudo dpkg -i selfheal_0.0.9_amd64.deb  # or rpm -ivh selfheal-0.0.9.x86_64.rpm

# 2) Configure
sudo mkdir -p /etc/selfheal
sudo tee /etc/selfheal/config.yml <<'YAML'
bootstrap_servers: 172.28.1.20:9092
log_level: INFO
allowlist:
  - name: restart_apache
    cmd: ["systemctl","restart","apache2"]
YAML

# 3) Enable service
sudo systemctl enable --now selfheal

# 4) Verify
curl -s http://localhost:8000/healthz

Configuration

User overrides live in /etc/selfheal/config.yml. Runtime flags via env vars. Supports dry-run and verbosity levels.

# /etc/selfheal/config.yml
bootstrap_servers: 172.28.1.20:9092
consumer_group: selfheal-actions-v1
api:
  host: 0.0.0.0
  port: 8000
llm:
  provider: openai
  model: gpt-5-mini
  max_tokens: 400
safety:
  dry_run: false
  allowlist:
    - name: restart_apache
      cmd: ["systemctl","restart","apache2"]
logging:
  level: INFO
  path: /var/log/selfheal/selfheal.log

Webhook Example

POST /ingress/webhook
{
  "receiver": "web.hook",
  "status": "firing",
  "alerts": [
    {
      "status": "firing",
      "labels": {
        "alertname": "apacheServiceDown",
        "instance": "172.18.35.51:9100",
        "job": "node_exporter_metrics",
        "name": "apache2.service",
        "state": "inactive"
      },
      "annotations": {
        "summary": "Apache service not running on 172.18.35.51"
      }
    }
  ]
}

Pricing

Community

Free

Single node
Webhook/Kafka ingress
SQLite rules DB
Dry-run
Basic CLI

Download

Pro

$19 / node / mo

Multi-node
RBAC
REST tokens
Workers
Email alerts

Enterprise

Contact us

SAML/SSO
External DB
Air-gapped installer
24×7 support
Custom actions

Contact sales

FAQ

Is SQLite production-ready here?

Yes for small/embedded setups. For scale/HA, use Postgres (Enterprise).

Does it execute AI commands automatically?

No by default. AI proposes JSON; only allowlisted actions can auto-exec.

Air-gapped installs?

Yes — offline installer and license server in Enterprise.

Observability?

/metrics for Prometheus; structured logs, audit trail for actions.