Build webapps by chatting with an AI agent. Self-host it. Bring your own keys (or don't).
Forge is the open-source, self-hosted alternative to Lovable and v0.dev. Describe the app you want, an AI agent ships the code, and you keep your API keys and your code on your own machine. There is no Forge SaaS, no token resale, no telemetry. The default model is free (DeepSeek V4 Flash via opencode zen) from opencode, so a fresh install works with zero API keys. Bring an Anthropic / OpenAI / Moonshot / Google / Replicate key from in-app Settings only if you want a paid model.
License: BSL 1.1 · Built on opencode (MIT)
You need Docker Desktop (macOS / Windows) or Docker Engine + Compose v2 (Linux) installed and running. Nothing else on the host — no Python, no Node, no bun.
git clone https://github.com/Forgeweb-ai/Forgeweb.git
cd Forgeweb
echo "FORGE_DATA_ROOT_HOST=$(pwd)/forge-data" > .env # creates the required .env AND pins the host data path
docker compose up -dThat one echo does two required things. It creates .env — compose declares env_file: .env, so a fresh clone won't start without the file (Failed to load .env: no such file). And it pins FORGE_DATA_ROOT_HOST to the absolute host path of forge-data. You need the explicit path: forge-server passes it to the Docker daemon to bind-mount each project's workspace into its preview container, and the daemon resolves that path on the host. The compose fallback (${PWD}/forge-data) breaks under sudo — sudo strips $PWD, so it resolves to a blank prefix (/forge-data, which doesn't exist on the host) and preview containers hang in Created. Capturing $(pwd) at install time avoids that whether or not you use sudo.
Everything else has a safe default (${VAR:-default} throughout docker-compose.yml), so no other config is needed to boot. To customize secrets or domains later, see .env.example — but note it ships production domains (app.forge.com, preview.forge.com), so keep those out of a local .env.
Then open http://app.forge.localhost and sign up. First boot builds 4 images (~10 minutes on a clean machine); subsequent boots are seconds.
The stack self-bootstraps: compose creates the forge-net network, Postgres comes up healthy, forge-server's entrypoint waits for it, runs alembic upgrade head, builds the per-project forge-runner image if missing, then starts uvicorn. The default model is opencode zen's free DeepSeek V4 Flash, so a fresh sign-up can chat immediately without any API keys.
To stop: docker compose down. To rebuild after pulling changes: docker compose up -d --build.
If you want to edit the source and see changes live, the source-mode install runs services natively with watch mode:
./install.shinstall.sh checks prerequisites (Docker, Python 3.11+, Node 20+ for the local Supabase, bun ≥1.3.14 — auto-installed), generates a JWT secret, pre-pulls base images, and hands off to dev.sh. After first install, daily restarts are just ./dev.sh.
| Docker path | install.sh path |
|
|---|---|---|
| Docker Desktop / Engine | required | required |
| Python 3.11+ | not needed | required |
| Node.js 20+ | not needed | required (for npx supabase) |
| bun ≥1.3.14 | not needed | auto-installed by install.sh |
| ~4 GB RAM, ~10 GB disk | required | required |
| Supported OSes | macOS, Linux, Windows + WSL2 | macOS, Linux, Windows + WSL2 |
| Symptom | Likely cause | Fix |
|---|---|---|
Can't reach https://bun.sh within 5s |
Corporate proxy, captive portal, or offline | Install bun manually from bun.sh, then re-run ./install.sh. |
$HOME is not writable |
Home directory on a NAS / SMB mount / locked-down corp Mac | Install bun system-wide, or clone Forge under a writable location with a writable $HOME. |
docker is installed but the daemon isn't running |
Docker Desktop not started | Start Docker Desktop (macOS/Windows) or sudo systemctl start docker (Linux). The script tries to start it for you on macOS first. |
npx supabase start fails |
Node not installed or wrong version | Install Node 20+ and re-run ./dev.sh. The Docker path doesn't need this. |
chmod 600 failed (warning, not fatal) |
Filesystem doesn't honor POSIX modes (NAS/exFAT) | Move the repo to a local disk before adding real provider keys. |
Run ./install.sh --check to dry-run prerequisite checks without changing anything.
The Docker path uses plain Postgres for Forge's own metadata; the install.sh path runs a local Supabase stack (more services, more disk). Both store your account, project list, and encrypted provider keys locally on your machine. Paid-model keys are added via in-app Settings after sign-up.
Chat with an AI agent that actually edits your code. Type what you want; the agent reads and writes files in your project folder, runs commands, and shows the result in a live preview.
Every project has a real folder. Open it in your editor, run commands in it, commit it to git. Forge snapshots the folder every time the AI takes a turn, so you can roll back without losing anything you typed.
An audit log for every paid AI call. Every request your agent makes to a paid model is recorded to forge-llm-proxy-logs/ on disk before it leaves your machine. Open the folder, read the JSON, see exactly what was sent and what came back.
AI image generation that doesn't break the page. The agent queues image jobs and shows placeholders until they finish. If your image provider is rate-limited, Forge retries quietly instead of leaving broken pictures in your page. If you haven't added an image-model key, it falls back to a stock-photo search.
Self-host only. There is no Forge SaaS, no Forge-controlled account server, no telemetry phoning home. The same Docker stack you start with docker compose up is the whole product.
Model and key handling comes straight from opencode — you bring your own provider keys, pay your own bill, and cancel any time by removing a key. Forge doesn't resell tokens.
A fresh install works out of the box on opencode zen's free default, with zero keys. Add your own Anthropic, OpenAI, Moonshot, Google, or Replicate key from in-app Settings only if you want a paid model or image generation.
All paid keys go in via Settings → API Keys inside the app — never in .env. They're encrypted on disk and decrypted only on the provider request that needs them.
There are two Supabases in the story — worth keeping straight:
- Forge's own Supabase — runs locally on your machine, set up automatically by the installer. This is where your Forge account, your project list, and your encrypted provider keys live. It is not optional — Forge needs a database to run.
- The Supabase your built apps connect to (optional) — for the apps you build that need their own auth / database / file storage. Connect this from in-app Settings via OAuth. Forge holds a scoped delegation token only; it never sees your
service_roleJWT.
Browser → forge-ui → forge-server → ┌─ opencode (the AI agent)
├─ forge-llm-proxy (audit log)
├─ Postgres / Supabase (Forge's storage)
└─ runner containers (one per project preview)
When you send a chat message: forge-server forwards it to the opencode agent, the agent reads/writes files in your project folder, calls your chosen model via the audit-logging proxy, and streams the response back to the UI. Each project gets a live preview URL of its own; idle projects sleep automatically and wake when you visit them.
CONTRIBUTING.md— repo layout, dev environment, PR conventions.LICENSE— Business Source License 1.1.NOTICE— third-party attribution (opencode MIT, dependencies).
Forge platform code is Business Source License 1.1. You can self-host, modify, contribute, and run your own apps freely. You can not resell Forge itself as a hosted AI-app-generation service. Four years after each release, that release converts to Apache 2.0.
The vendored opencode/ subtree stays under its upstream MIT license. See NOTICE for the full attribution.
Forge is built on opencode, the open-source AI coding agent. We extend it with multi-tenant workspaces, BYOK infrastructure, and a webapp-focused agent loop. opencode is MIT-licensed; we ship our additions under BSL 1.1. We say so openly because credit matters — and because you should always know what's running on your machine.
PRs welcome. See CONTRIBUTING.md for the setup, the repo layout, and the conventions we follow.
Bug? Feature idea? Question? Open an issue or discussion.
