Devin is a closed, hosted AI software engineer. For teams who cannot send prompts and source code through a third-party SaaS — or simply want to own the stack — there is a self-hostable equivalent. Linchpin is the runtime piece. Apache-2.0, single VM, your models, your data.
What people mean by "I want Devin, but self-hosted" is roughly: an autonomous coding agent that takes a task in plain English, plans, writes and runs code in an isolated environment, iterates on failures, and reports results — running on infrastructure the team controls. The agent loop, the sandbox, the model, the audit trail — all under your roof.
Devin is not open source, so the answer is not to clone Devin. The answer is to assemble the same shape from open-source pieces. Linchpin is one of those pieces — specifically the runtime layer (sessions, sandboxes, event log, tool execution, streaming).
| Layer | What it does | What to use |
|---|---|---|
| Runtime | Sessions, sandboxes, event log, tool execution, streaming | Linchpin (Apache-2.0) |
| Model | Frontier coding model | OpenRouter route to Claude / GPT / Gemini, or Ollama with Qwen 2.5-Coder / DeepSeek-Coder locally |
| Agent definition | System prompt, tool allow-list, policies | Plain JSON via Linchpin's /v1/agents endpoint |
| Sandbox image | Container with Python, Node, git, ripgrep, build tools | Linchpin's default sandbox image (extensible) |
| Tools | bash, file edit, web fetch, web search, MCP | Linchpin's built-in eight + any MCP server you mount |
| UX | Web UI for kicking off tasks and watching streams | Linchpin console (or your own thin app over the HTTP API) |
| Audit | Replayable record of every step | Linchpin event log (Postgres, SSE replay) |
Linchpin's three services plus Postgres run under one docker compose file. A 16 GB VM is plenty for half a dozen concurrent autonomous coding sessions; 4 GB is enough for the runtime if you only need a couple. The per-session sandbox container is created on demand and reaped when the session ends. The whole stack — API, connector, console, database, sandboxes — is one machine.
That's the operational difference from a hosted product like Devin. Less moving parts, less surface area, fewer compliance questions. If your security team can approve a Postgres + Docker VM, they can approve this.
This is not "free Devin." It is an open-source runtime you can build a Devin-shaped product on. If your bottleneck is engineering time and the constraint is "I want a working agent today," buy Devin (or use OpenHands). If your bottleneck is policy / control / cost-at-scale and you have the engineering bandwidth, this is the right shape.
# 1. Clone
git clone https://github.com/linchpinhq/linchpin.git
cd linchpin
# 2. Configure (one API key, one encryption key, one OpenRouter key)
cat > .env <<EOF
LINCHPIN_API_KEY=$(openssl rand -hex 24)
VAULT_ENCRYPTION_KEY=$(python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())")
OPENROUTER_API_KEY="sk-or-v1-..."
EOF
# 3. Up
docker compose up --build
# 4. Define a coding agent
curl -sX POST http://localhost:8000/v1/agents \
-H "Authorization: Bearer $LINCHPIN_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "coder",
"model": {"provider": "openrouter", "id": "anthropic/claude-sonnet-4"},
"system": "You are an autonomous software engineer. Plan, execute, verify.",
"tools": [
{"name": "bash", "permission": "always_ask"},
{"name": "edit", "permission": "always_allow"},
{"name": "web_search", "permission": "always_allow"}
]
}'The full quickstart is in the docs. The architecture page covers how the orchestrator, sandbox, event log, and vault fit together.