Self-hosted multi-device Claude Code / Codex usage aggregation server
Collects AI CLI usage from all your machines into toki, stores events locally, serves a unified dashboard.

한국어

No git clone needed. Create a docker-compose.yml and .env, then start.

1. Create docker-compose.yml

services:
  toki-sync-server:
    image: korjwl11/toki-sync:latest
    container_name: toki-sync-server
    restart: unless-stopped
    ports:
      - "9090:9090"   # sync protocol (TCP)
      - "9091:9091"   # web dashboard + API (HTTP)
    environment:
      TOKI_ADMIN_PASSWORD: ${TOKI_ADMIN_PASSWORD}
      JWT_SECRET: ${JWT_SECRET}
    volumes:
      - toki-data:/data

volumes:
  toki-data:

2. Create .env

TOKI_ADMIN_PASSWORD=change-me-to-a-strong-password
JWT_SECRET=change-me-run-openssl-rand-base64-32

3. Start and connect

docker compose up -d

# On any machine with toki installed (opens browser for authentication)
toki settings sync enable --server <your-server-ip-or-domain>

Done. Token usage now syncs automatically across all your devices.

Want automatic TLS? See the Caddy + DuckDNS deployment guide for HTTPS with a free domain and auto-renewed certificates.

Uses Fjall (embedded event store) + SQLite (metadata). Zero external dependencies -- just the single container above.

For high-volume deployments, add the --profile clickhouse flag:

docker compose --profile clickhouse up -d

This starts a ClickHouse container alongside toki-sync for scalable event storage. See the full docker-compose.yml for details.

• Multiple machines? See all your AI token usage in one place -- web dashboard or Toki Monitor.
• Team dashboard? Aggregate usage across team members with role-based access.
• Self-hosted? Your data stays on your server. No telemetry, no cloud.

[Device A]  [Device B]  [Device C]
toki daemon  toki daemon  toki daemon
     +-- TCP+TLS (bincode) --+
                              v
                      toki-sync server
                      |-- TCP :9090 (sync protocol)
                      |-- HTTP :9091 (auth + dashboard)
                      +-- SQLite (metadata)
                      +-- Fjall (events) or ClickHouse (optional)

• toki daemons maintain persistent TLS connections, batch events (1,000/batch), zstd-compress, and send with ACK-based flow control
• toki-sync server authenticates users, stores metadata in SQLite, writes events to the event store
• Deduplication via msg_id ensures exactly-once delivery across reconnections

• Multi-device sync -- TCP binary protocol, zstd compression, ACK flow control, delta-sync on reconnect
• Device code auth -- browser-based device code flow, OIDC (Google, GitHub, etc.), password login
• Web dashboard -- charts, time range picker, device list, team views
• Teams -- aggregate queries across team members with role-based access
• Dual storage -- SQLite (zero-config) or PostgreSQL; Fjall (embedded) or ClickHouse (scale)
• PromQL proxy (optional) -- per-user label injection for VictoriaMetrics compatibility
• Security -- TLS everywhere, brute force protection, refresh token rotation

• No prompt access -- only token counts and metadata (model, session ID, project name). Never prompts or responses.
• TLS everywhere -- all sync traffic encrypted. Caddy handles Let's Encrypt certificates automatically.
• Per-user data isolation -- each user can only query their own data.
• Self-hosted -- no telemetry, no cloud dependencies.

Start with the deployment guide to pick a scenario, then refer to the documents below as needed.

toki settings sync disable              # Prompts to delete remote data
toki settings sync disable --delete     # Delete this device's data from server
toki settings sync disable --keep       # Keep remote data, only disable locally

If toki-sync is useful to you, consider sponsoring to support development.

For commercial use in paid products, please sponsor or reach out.

FSL-1.1-Apache-2.0