683da7a4c5
WIP checkpoint of the gitmost AI-chat backend (plan stages A + B1 + B3a). The agent acts under the requesting user's JWT (Docmost CASL enforces page access); the external service-account /mcp endpoint is untouched. LLM provider config (A2-A4): - integrations/crypto: AES-256-GCM SecretBoxService (key derived from APP_SECRET, per-record salt/iv; clear error on rotation instead of crashing). - ai_provider_credentials table/repo/types: encrypted API key stored outside workspace settings/baseFields, write-only (never returned by any endpoint). - integrations/ai: per-workspace AI SDK v6 provider driver (openai/gemini/ollama), admin-gated GET(masked)/PATCH(write-only key)/Test endpoints; settings.ai.provider holds non-secret config incl. systemPrompt. Removed unused AI_* env getters (DB is the single source of truth). Chat module (A1, A5-A8): - ai_chats/ai_chat_messages repos (workspace-scoped, soft-delete, tsv never selected). - core/ai-chat: CRUD + POST /ai-chat/stream (Fastify hijack + AI SDK v6 pipeUIMessageStreamToResponse, abort on disconnect, persist user/assistant msgs). - Agent loop: streamText + stepCountIs(8); read tools searchPages/getPage via a per-request DocmostClient over loopback REST under the user's minted access token. - Gate settings.ai.chat (+ 503 when provider unconfigured); buildSystemPrompt with a non-removable safety/anti-prompt-injection framework. Per-user rate limit. Per-user auth (B1): - @docmost/mcp DocmostClient gains an additive getToken variant (carry a user JWT, re-fetch on 401) and exports DocmostClient; the email/password service-account path (external /mcp, stdio) is unchanged. Agent-edit provenance backbone (B3a): - Migration: pages/page_history (last_updated_source, last_updated_ai_chat_id) and comments (created_source, ai_chat_id, resolved_source). - Signed actor/aiChatId claim in the collab token; onAuthenticate propagates it, onStoreDocument writes it with a sticky agent marker, saveHistory copies it. Migrations auto-run on boot (additive). Write tools, frontend, RAG and external MCP servers are not in this checkpoint. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Gitmost
Open-source collaborative wiki and documentation software.
A fully-open community fork of Docmost.
English · Русский
About this fork
Gitmost is a community fork of Docmost, an open-source collaborative wiki and documentation app.
The goal of the fork is a 100% open, AGPL-only build with no Enterprise-Edition (EE) code:
- No EE code at all. All proprietary Enterprise-Edition sources were removed — the private
apps/server/src/eesubmodule, theapps/client/src/eedirectory (201 files) and thepackages/eepackage are gone. There is no license gating: every feature is available to everyone. - Replacements are written from scratch. Features that previously lived behind the enterprise
license (e.g. comment resolution, the
/mcpserver) were re-implemented from scratch on top of the community codebase. No EE code is reused, and there is no entitlement/feature-flag wall. - No upsell. There are no "buy a license" / "upgrade to Enterprise" banners, trial nags, or locked-feature placeholders anywhere in the UI.
- Authentication is plain email + password (no SSO/LDAP/cloud/billing flows).
What's different from Docmost
| Change | Details |
|---|---|
| EE code removed | Stripped all client and server Enterprise-Edition code; ships as a clean community/AGPL build with no license checks. |
| Comment resolution | Re-implemented from scratch as a community feature (resolve / re-open with Open/Resolved tabs). No EE code reused, available to anyone who can comment. |
| Embedded MCP server | A community MCP server (@docmost/mcp, 38 tools) is served over HTTP at /mcp — no enterprise license required. Replaces the removed license-gated EE MCP. |
| Rebranding | App logo / name changed from Docmost to Gitmost. |
| Compact page tree | Default page-tree indentation reduced from 16px to 8px per nesting level. |
| CI / images | Release CI publishes container images to GHCR (ghcr.io/vvzvlad/gitmost) using the built-in GITHUB_TOKEN instead of Docker Hub. |
Embedded MCP server
Gitmost has our own MCP server — docmost-mcp,
which we wrote — built directly into the app and served at /mcp. It exposes 38
agent-native tools: surgical per-block edits (patch / insert / delete by id),
structure-preserving find/replace, scripted (doc) => doc transforms with a dry-run diff,
structured table editing, version history with diff / restore, comments, images and share
links — all applied through Docmost's real-time-collaboration layer, so a write never
clobbers a concurrent human edit.
Better than Docmost's own MCP. Docmost's built-in MCP is an enterprise feature, and its tools are coarse — read a page as Markdown, create / move / delete pages, replace a whole page. Ours is built around how an agent actually edits: address one block and patch it, or program the change, instead of round-tripping a ~100 KB document through the model on every little fix. And it needs no enterprise license.
Gitmost /mcp (our docmost-mcp) |
Docmost's built-in MCP | |
|---|---|---|
| Enterprise license | Not required | Required |
| Tools | 38, agent-native | Coarse (read Markdown, page CRUD, replace whole page) |
| Per-block edits / find-replace / scripted transforms | ✅ | — |
| Structured table editing, version diff / restore | ✅ | — |
| Comments, images, share links | ✅ | — |
| Safe real-time-collab writes (no clobber) | ✅ | — |
Same server as standalone docmost-mcp — just bundled. This is the exact
docmost-mcp you can also run on its own; embedding
it doesn't make it more capable, you simply don't have to install and run a separate
process. An admin flips one toggle in Workspace settings → AI & MCP and any MCP client
points at ${APP_URL}/mcp.
Roadmap
Done
- ✅ MCP server — embedded community MCP server served at
/mcp. - ✅ macOS app — native macOS app (docmost-app) that embeds the UI with multi-server tabs.
In progress
- 🚧 AI chat — built-in AI agent chat over your wiki content.
- 🚧 Git synchronization — two-way sync of pages with a Git repository.
Planned
- 🔭 Templates — reusable page templates.
- 🔭 Viewer comments — let read-only viewers leave comments.
- 🔭 Password-protected pages — protect individual pages / shares with a password.
- 🔭 Windows / Linux app — native desktop app for Windows and Linux.
- 🔭 Mobile app — native mobile application.
- 🔭 Offline mode — offline sync & PWA support.
- 🔭 Editor & UX improvements — blocks inside tables (lists, to-do items), column layout, additional heading levels, highlight blocks, custom emoji in callouts, floating images, anchor links for page mentions, toggles (shared-page width, aside/sidebar, spellcheck, ligatures), sanitized space-tree export, and mentions in breadcrumbs.
Getting started
Gitmost follows the upstream Docmost setup. See the Docmost
documentation for self-hosting and development instructions; replace the
docmost/docmost image with ghcr.io/vvzvlad/gitmost where applicable.
Features
- Real-time collaboration
- Diagrams (Draw.io, Excalidraw and Mermaid)
- Spaces
- Permissions management
- Groups
- Comments (with resolve / re-open)
- Page history
- Search
- File attachments
- Embeds (Airtable, Loom, Miro and more)
- Translations (10+ languages)
- Embedded MCP server (
/mcp)
Screenshots
License
Gitmost is licensed under the open-source AGPL 3.0 license.
Unlike upstream Docmost, this fork contains no Enterprise-Edition code — the apps/server/src/ee,
apps/client/src/ee and packages/ee directories have been removed, so there are no files governed
by an enterprise license.
Credits
Gitmost is based on Docmost by the Docmost team. Huge thanks to them for the original open-source project.
Crowdin for providing access to their localization platform.
Algolia for providing full-text search to the docs.