Weaving your IT operations together — asset-centric, workflow-powered.
Quick Start • Features • Editions • Docs • Contributing
OpsWeave is a modular, asset-centric IT Service Management platform. It combines ITIL-aligned processes (Incident, Problem, Change) with a powerful CMDB, service catalog, compliance mapping, and workflow automation — all in a single, easy-to-deploy application.
Everything revolves around the asset. Every ticket, SLA, service contract, and compliance requirement links back to assets in the CMDB. This gives you full context at a glance — when an incident comes in, you immediately see the affected infrastructure, applicable SLAs, regulatory requirements, and service agreements.
Single container — up and running in 30 seconds:
docker run -d \
-p 8080:8080 \
-v opsweave-data:/data \
--name opsweave \
ghcr.io/slemens/opsweave:latestOpen http://localhost:8080 and log in with admin@opsweave.local / changeme.
Production deployment with PostgreSQL:
git clone https://github.com/slemens/opsweave.git
cd opsweave
cp .env.example .env # Edit with your settings
docker compose up -d- Incident, Problem, and Change processes
- Kanban board with drill-down views (by type → group → ticket)
- Drag & drop ticket routing between assignee groups
- Full audit trail and comment system
- SLA tracking with automatic breach detection
- Asset-centric data model with typed relationships
- Directed Acyclic Graph (DAG) — assets can have multiple parents
- Typed edges:
runs_on,connected_to,stored_on,powered_by, etc. - SLA inheritance validation — automatically detects when a Gold-SLA VM runs on Bronze-SLA infrastructure
- Interactive graph visualization
- Visual workflow designer (drag & drop)
- Step types: Forms, Routing, Approvals, Conditions, Automations
- Automatic workflow instantiation based on ticket type/subtype
- Timeout-based escalation
- Service Descriptions — atomic building blocks defining what you do (and don't do)
- Horizontal Catalog — standard service bundles
- Vertical Catalogs — industry-specific overrides (e.g., Banking Edition with DORA-compliant patching)
- Direct linking to CMDB assets
- Framework management (DORA, NIS2, ISO 27001, BSI C5, ...)
- Map requirements to service descriptions
- Compliance matrix with gap analysis
- Flag assets under specific regulatory scope
- Check_MK webhook integration (auto-creates incidents)
- Asset matching via hostname/IP
- Event deduplication (no incident spam)
- Extensible for Zabbix, Prometheus, etc.
- Multi-language: German (default) and English, switchable per user
- REST API: Every function is API-accessible — automate everything
- OIDC Authentication: Azure AD, Keycloak, Okta (Enterprise)
- Role-based access: Admin, Manager, Agent, Viewer
- Tamper-proof audit trail: Every mutation is logged with a SHA-256 hash chain
- Integrity verification: Cryptographic proof that audit logs haven't been tampered with
- httpOnly cookie authentication: JWT stored in httpOnly cookies, not localStorage
- CSRF protection: Double-submit cookie pattern for cross-site request forgery prevention
- Content Security Policy: Helmet CSP headers in production mode
- Audit export: Download audit logs as CSV or JSON for compliance audits
| Community | Enterprise | |
|---|---|---|
| Price | Free | Contact us |
| Assets | 50 | Unlimited |
| Users | 5 | Unlimited |
| Tickets | ∞ | ∞ |
| CMDB | ✅ Full | ✅ Full |
| Workflow Templates | 3 | ∞ |
| Service Catalog | Basic | Full (vertical catalogs) |
| Compliance Frameworks | 1 | ∞ |
| Auth | Local | + OIDC/SAML |
| Monitoring Sources | 1 | ∞ |
| API | ✅ Full | ✅ Full |
The Community Edition is fully functional — no artificial feature gates. Enterprise adds scale and enterprise authentication.
- Frontend: React, TypeScript, Tailwind CSS, shadcn/ui, React Flow
- Backend: Node.js, Express, TypeScript
- Database: PostgreSQL (production) or SQLite (single-container)
- ORM: Drizzle ORM (supports both databases)
- Auth: Local accounts + OIDC (Enterprise)
- Queue: BullMQ + Redis (production) or better-queue (single-container)
- i18n: react-i18next (frontend) + i18next (backend)
- Testing: Vitest + Playwright
Full documentation is available at https://slemens.github.io/opsweave
OpsWeave is API-first. Every function available in the UI is also available via REST API.
# List all incidents
curl -H "Authorization: Bearer $TOKEN" \
http://localhost:8080/api/v1/tickets?ticket_type=incident
# Create an asset
curl -X POST -H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
-d '{"name":"web-server-01","asset_type":"server_virtual","sla_tier":"gold"}' \
http://localhost:8080/api/v1/assets
# Check SLA conflicts for an asset
curl -H "Authorization: Bearer $TOKEN" \
http://localhost:8080/api/v1/assets/{id}/sla-chainFull OpenAPI specification is auto-generated and available at /api/v1/docs.
We welcome contributions! Please read our Contributing Guide before submitting a PR.
- Issues: Bug reports and feature requests via GitHub Issues
- PRs: Fork → Branch → PR (English, conventional commits)
- Discussions: GitHub Discussions for questions and ideas
OpsWeave is licensed under the GNU Affero General Public License v3.0.
Made with ❤️ for the ITSM community