Linchpin / Use cases / Self-hosted agents

Run AI agents on infrastructure you own.

Linchpin is an open-source managed-agent runtime. Deploy it on your VM with docker compose up and run AI agents against any cloud or local model. The data never leaves your environment.

Who this is for

§ 01

Teams who cannot, will not, or do not want to send their data to a third-party hosted agent service. The most common reasons we hear:

Regulated industries — healthcare, finance, government, defense. Data residency and audit requirements rule out hosted agent platforms.
Privacy-conscious products — internal tools that touch customer data, employee records, or proprietary IP. Even with vendor agreements in place, "data never leaves our perimeter" is the simpler story.
Cost-sensitive infrastructure — paying per-agent runtime fees on top of model costs adds up. Linchpin itself is free; you pay only for the VM and the model usage.
Air-gapped or VPC-only deployments — internal networks where outbound calls to a managed agent service are not an option.
Teams building their own agent products — when the agent runtime is part of your stack, owning it (rather than depending on a vendor's roadmap) matters.

Anchor scenarios

§ 02

1. Code review on private repositories

You want an agent that reads PRs against an internal monorepo, runs lint and tests inside a sandbox, and posts review comments. The repo cannot leave your VPC. Linchpin runs the agent inside a per-session container on a network you control; the agent talks to your internal git host over the private network and to OpenRouter (or your own self-hosted gateway) for the model calls.

2. Internal data analysis

An agent that answers questions over a warehouse of customer data. The query plan, the SQL, the result rows, and the final answer all need to stay inside your perimeter. Run Linchpin on the same VPC as the warehouse. The agent's tool definitions point at internal services; nothing goes out except the LLM prompt itself, and you can route that through a self-hosted gateway if needed.

3. Customer-data workflows in regulated industries

An agent that helps clinicians, claims adjusters, or analysts work through case files. HIPAA, SOC 2, internal audit — Linchpin's append-only event log gives you a tamper-evident record of every action. The runtime is yours; the audit trail is yours; the deployment posture is yours.

Architecture on a single VM

§ 03

Everything runs on one machine — a small VM is enough to start. Three services plus Postgres, all in docker compose. Per-session sandbox containers spin up on demand.

Fig. 01 · Linchpin on a single VM

flowchart LR
    user[Your client] -->|HTTP| api[linchpin-api
FastAPI]
    api --> pg[(Postgres 16
event log)]
    api --> conn[linchpin-connector
docker exec]
    conn --> sbx[per-session
sandbox container]
    api -->|model call| router[OpenRouter
or Ollama]
    api -->|SSE stream| user
    style api fill:#B83A1A,color:#F4F2EC
    style pg fill:#1A1A1A,color:#F4F2EC

Hardware sizing: 4 GB RAM minimum for the platform itself; 16 GB recommended once you are running multiple concurrent sessions. If your models are local (Ollama), the model is the binding constraint and you want a GPU. If your models are cloud (OpenRouter), CPU and RAM are plenty.

Quickstart

§ 04

Clone, configure, run. The end-to-end is documented in the docs and the repo README. The short version:

# 1. clone
git clone https://github.com/linchpinhq/linchpin
cd linchpin

# 2. configure
cp .env.example .env
# set OPENROUTER_API_KEY or OLLAMA_HOST + LINCHPIN_API_KEY + VAULT_ENCRYPTION_KEY

# 3. run
docker compose up --build

The console comes up at localhost:5173 and the API at localhost:8000. From there, create an environment, define an agent, and open a session. The homepage quickstart walks through the curl flow.

What you give up

§ 05

SLA. You operate the runtime. Anthropic's Managed Agents and similar hosted services beat anything you can stand up in a week on a single VM.
SSO / RBAC. Linchpin today is single-tenant. If you need fine-grained user-level access control, you wire that in your reverse proxy.
Observability dashboards. The event log is in Postgres and streamable over SSE. There is no built-in Grafana, no anomaly detection, no error budgets. You build what you need.
Compliance certifications. The runtime itself does not carry SOC 2 or HIPAA badges — your environment does. Linchpin gives you the building blocks (audit log, sandbox isolation, encrypted credential vault); the certification work is on you.

§ 06