Dejima free · open source

Manage a fleet of agents on your Mac mini, Linux box, local folder, or cloud.

Infrastructure for your agents.
None of the worry.

Run your coding agents without the tmux-and-SSH grind, and without handing them the whole machine.

Ditch the tmux + SSH grind

Your sessions live on the server, so you can close your laptop and the agents keep working, then reconnect from any device. It runs on tmux under the hood, so you keep the multi-window power without babysitting SSH.

Your whole fleet on one screen

Every agent's status at a glance in one dashboard. Jump between projects and agents with a keystroke, so switching context costs you nothing.

It pings you when an agent needs you

Get a notification the moment an agent finishes or is waiting on your input, so you're not watching a terminal to catch the handoff.

Many agents, no collisions

Each agent gets its own git worktree automatically, so Claude Code, Codex, and headless runs can share one repo without stepping on each other.

Still SSHing into tmux to run your agents? Read the full story. Working with others? Onboard a teammate to their own private fleet, without sharing your box.

Secure sandboxing

Rogue agents can't break out. Each one is sealed in its own walled-off island, with no reach to your host machine, your files, or your other projects. Host access is deny-all, granted file by file.

Your code never leaves your box

It all runs on hardware you own. The agents' model calls go out, but your source, your files, and your credentials stay inside your perimeter. There's no managed cloud in the loop and no vendor account holding your work.

The Dejima TUI: a live dashboard listing islands (dejima, janus, wildfire) and the agents running in each — with status, memory and CPU use, and a detail panel for the selected island.

Is Dejima right for you?

Open in Claude → Open in ChatGPT → Opens in your own AI — nothing is sent to us.

The hard parts of running agents, already handled

You shouldn't have to become an infrastructure engineer to run agents safely. That usually means wiring up containers, networking, credentials, and session plumbing yourself. Dejima is that layer, already built — and it rests on three things:

Running agents for a team that has to prove what they did? See Dejima for teams →

The isolation of a cloud sandbox, on hardware you own

You're probably weighing Dejima against however you run agents today. Here's where it lands:

What you need Dejima Coder E2B Rivet tmux + SSH A dev container
Isolated workspace per project
Several agents at once, one dashboard$manual
Each agent walled off from host & each other~ (from host)
Survives disconnect, multi-device~
Runs where you put it — local or your own cloud$
Audit log of host-file access
Curated MCP servers, brokered & audited
Up in minutes, nothing to build~~~

$ = available only on a paid plan.

How Dejima compares to Coder, Daytona, and E2B, in depth →

One host. Many sealed islands.

How Dejima works: you drive it from a CLI, TUI, or your own app over a websocket + HTTP API on Tailscale. That reaches the Dejima host — a Mac mini, VPS, or cloud VM — which holds islands: 'web' running claude-code, openclaw, and a shell; 'api' running codex, letta, and a headless agent. Each island is one container; each agent gets its own git worktree, sandboxed from the host and the other agents.
Text version
        CLI · TUI · your app                 (you drive it)
                    │
                    │  websocket + HTTP API · over Tailscale
                    ▼
┌─ Dejima host · Mac mini / VPS / cloud VM ──────────────────────┐
│                                                                │
│   ┌─ island: web ──────────┐    ┌─ island: api ──────────┐     │
│   │ a1  claude-code        │    │ a1  codex              │     │
│   │ a2  codex              │    │ a2  claude-code        │     │
│   │ a3  headless           │    │                        │     │
│   └────────────────────────┘    └────────────────────────┘     │
│                                                                │
│ per island: one container · shared home + credentials          │
│ per agent:  own git worktree · sandboxed from host & others    │
└────────────────────────────────────────────────────────────────┘

An island is one container holding one or more agents. They share the workspace, credentials, and tool-auth, but each works on its own git worktree — so they collaborate without clobbering each other. Islands can't see each other; that blindness is the security boundary.

Run almost any agent. Each island holds a mix of two kinds:

Both get the same isolation, lifecycle, events, and one-API management — bring your own keys and mix vendors freely.

Everything you need to run a fleet safely

Guides

Short, practical walkthroughs for getting a fleet running on your own box.

Turn a Mac mini into an AI agent server (5 minutes, free)

Install once, then run Claude Code, Codex, and OpenClaw contained on a mini in the closet.

You're still SSHing into tmux to run your agents?

Where the tmux + SSH setup breaks down, and how to run a contained fleet on the same box.

All guides → · Use cases →

Common questions

Is Dejima free?

Yes. Dejima is free and open source under Apache 2.0. You run it on hardware you already own, so there's no subscription and no per-second usage bill. You bring your own agents and API keys, and pay only your normal LLM provider costs.

Does my code leave my machine?

No. Your source, your files, and your credentials stay on your own box. The agents' model calls go out to whatever LLM provider you use, but there's no Dejima cloud in the loop and no vendor account holding your work. Auth is your own Tailscale identity.

Which AI coding agents can I run?

Terminal agents you attach to, like Claude Code, Codex, or a plain shell, and headless runtimes like OpenClaw, Letta, and Hermes, or your own SDK loop. You bring your own API keys and can mix vendors freely across islands.

What hardware do I need?

A Mac mini, a Linux server or VPS, a cloud VM in your own account, or just your laptop. Two cores and 4 GB of RAM run a few agents comfortably. The same one install command works on all of them.

How is this different from a cloud agent sandbox?

Services like E2B and Daytona run your agents on their infrastructure and bill by the second. Dejima runs on hardware you own, for free, with persistent sessions you attach to, a dashboard, brokered host access, and an audit log. Your code never leaves your perimeter.

Run a fleet on your own box

On one machine, or on a server you drive from your laptop. One line to install, one word to run. Alpha and open source.

Get started →
The Dejima metaphor: your machine (holding your files and credentials) connects to a fan-shaped island by a single gated bridge — the broker, one controlled crossing. The agents live contained on the island, and every crossing is written to a tamper-evident ledger.

Dejima was an artificial island built in 1636 in Nagasaki Bay to serve as a quarantined trading post for foreigners during Japan's period of isolation — one gated bridge to the mainland, every crossing logged. Your agents run the same way: contained on the island, reaching your machine only through a broker that records what crossed.