Connect your AI agents through WireGuard into a secure, decentralized network. Discover, install, and run skills shared by agents across any device. One command to supercharge your agent.
AI agents today run in isolated silos — different devices, different frameworks, no standard way to share capabilities across machines. FYY creates a WireGuard-powered mesh that turns fragmented agents into a connected network where skills flow freely.
One command to connect. Install fyy and your agent is immediately on the mesh — able to discover and use skills shared by other agents.
Skills run where you want. Install skills on your own devices and keep data under your control. Or consume skills published by other agents in the mesh — your choice.
Agent-neutral by design. FYY is the connectivity layer, not an agent framework. Bring your own agent — CrewAI, LangGraph, Mastra, OpenClaw, or any MCP-compatible agent.
Built on open standards. Skill Manifest, MCP Protocol, WireGuard mesh, Grants-based access control — a transparent, extensible foundation you can trust.
Agent teams across devices Run specialized agents on different machines — data processing on a workstation, browser automation on a laptop, notifications on a phone — and let them share skills through the FYY mesh.
Skill marketplace Publish your agent's capabilities as installable skills. Other agents on the mesh discover them, install them, and run them — one command per skill.
Multi-framework interoperability A CrewAI agent publishes a skill. A LangGraph agent on another machine discovers and runs it. FYY handles the secure connectivity and protocol bridging — you focus on building skills.
curl -fsSL https://fyy.dev/install.sh | shThis single command downloads fyy, auto-provisions an AuthKey, joins the official mesh network, and installs fyyd as a system service.
Docker / container environments: fyy auto-detects containers and fully adapts — no systemd needed, socket/PID redirected to tmpfs, daemon kept alive. See Container Setup for details.
brew install feiyueyun/tap/fyyDownload the latest binary from Releases.
fyy runs inside Docker containers, Kubernetes pods, and other restricted environments where systemd/launchd and root access are unavailable.
The install script auto-detects containers and adapts all decisions:
FYY_RUN_DIR=/tmp/fyy-run — Unix socket and PID file go to tmpfs. This is required because Docker volume drivers (overlayfs, bind mounts) often don't support chmod on Unix sockets. /tmp is always tmpfs in all container runtimes.
Daemon stays running — fyyd is started in background and kept alive for the container's lifetime. On host systems, it's stopped after join because systemd/launchd takes over; in containers, there is no init system, so the daemon runs as a regular process.
System service skipped — systemd/launchd don't exist in containers. The container runtime's restart policy (restart: unless-stopped in Docker Compose) replaces this.
PID file safe — The daemon handles container restart correctly: stale PID files are detected because the new daemon checks if a PID matches its own process before concluding "already running."
Auto-heal watchdog — A background fyyd-watchdog process is deployed automatically. It checks fyy status every 60 seconds and restarts fyyd if it's unresponsive. No entrypoint modification needed.
# Inside a container — works out of the box
curl -fsSL https://fyy.dev/install.sh | shAdd to your Dockerfile or entrypoint script:
# In Dockerfile
RUN curl -fsSL https://fyy.dev/install.sh | sh# In entrypoint script
export FYY_RUN_DIR="/tmp/fyy-run"
mkdir -p "${FYY_RUN_DIR}" 2>/dev/null || true
nohup fyyd --foreground > /tmp/fyyd.log 2>&1 &
# Start your application
exec your-appTo persist identity and skill data across restarts, mount a volume and set FYY_STATE_DIR:
export FYY_STATE_DIR="/data/fyy"
export FYY_RUN_DIR="/tmp/fyy-run"
mkdir -p "${FYY_RUN_DIR}" "${FYY_STATE_DIR}" 2>/dev/null || true
nohup fyyd --foreground > /tmp/fyyd.log 2>&1 &In OpenClaw and its variants, the gateway has a built-in cron scheduler that survives container restarts. Use it to keep fyyd alive:
Create .fyy/fyy-auto-recover.sh in the agent workspace:
#!/bin/sh
# fyy-auto-recover — called by OpenClaw cron every 2 minutes
if ! fyy status >/dev/null 2>&1; then
export FYY_RUN_DIR="/tmp/fyy-run"
mkdir -p "${FYY_RUN_DIR}" 2>/dev/null || true
nohup fyyd --foreground > /tmp/fyyd.log 2>&1 &
# If not on the mesh yet, get an auth key and join
sleep 2
if ! fyy status >/dev/null 2>&1; then
AUTH_KEY=$(curl -s -X POST https://api.fyy.dev/v1/auth/auto-provision-authkey \
-H "Content-Type: application/json" -d '{}' \
| sed 's/.*"auth_key"[^"]*"\([^"]*\)".*/\1/')
[ -n "$AUTH_KEY" ] && fyy join --auth-key="$AUTH_KEY" --server=https://ts.fyy.dev
fi
fiConfigure the OpenClaw gateway to run this script on a 2-minute schedule. No system crontab, no background watchdog, no entrypoint modification needed.
services:
fyy-sidecar:
image: alpine:latest
container_name: fyy-sidecar
cap_add:
- NET_ADMIN
restart: unless-stopped
volumes:
- fyy_data:/root/.fyy
environment:
- FYY_RUN_DIR=/tmp/fyy-run
- FYY_STATE_DIR=/root/.fyy/data
command: >
sh -c "
curl -fsSL https://fyy.dev/install.sh | sh -s -- --skip-join &&
exec fyyd --foreground
"
volumes:
fyy_data:Set these before running the install script to override defaults:
| Variable | Container default | Purpose |
|---|---|---|
FYY_RUN_DIR |
/tmp/fyy-run |
Socket + PID (tmpfs recommended) |
FYY_STATE_DIR |
~/.fyy/state |
Identity, skills, DB (persistent volume) |
FYY_SKIP_JOIN |
0 |
Set to 1 to skip mesh join |
# Example: custom paths with persistent state
curl -fsSL https://fyy.dev/install.sh | \
FYY_RUN_DIR=/tmp/fyy-run \
FYY_STATE_DIR=/data/fyy \
sh# Join the official mesh network (auto-provisioned AuthKey)
curl -fsSL https://fyy.dev/install.sh | sh
# Or join a specific network with a pre-provisioned key
fyy join --auth-key=tskey-auth-xxxxx --server=https://ts.example.com
# Check status
fyy status
# Discover available skills
fyy skill search "weather"
# Install and run a skill
fyy skill install weather-lookup
fyy skill start weather-lookupFYY Community Edition (CE) lets you run your own private skill marketplace for free. It ships as a Docker Compose setup — get your own mesh network running in minutes.
See ce/ for the complete CE distribution with Docker Compose files and setup instructions.
Quick CE deployment:
git clone https://github.com/feiyueyun/fyy.git
cd fyy/ce
cp .env.example .env
# Edit .env with your passwords and keys
docker compose up -dThen create an AuthKey and connect your devices:
# Create an auth key for device joining
docker compose exec iam-service-1 feiyueyun-admin authkey create
# On your device, join the network
fyy join --auth-key=<key> --server=https://<your-server>:8080CE documentation: ce/README.md
FYY is built on a small set of open, composable building blocks:
- Skill Manifest — open standard for defining AI agent skill capabilities (spec)
- MCP Gateway — connect any MCP-compatible AI tool
- Grants — fine-grained access control for every skill operation
- WireGuard Mesh — encrypted peer-to-peer networking, your data stays protected
Compatible with Anthropic Agent Skills (740K+ skills) and OpenClaw ecosystem.
中文文档:README.zh.md
# Remove fyy binaries, runtime files, and system service
curl -fsSL https://fyy.dev/uninstall.sh | sh
# Also remove all state data (identity, skill cache, config)
curl -fsSL https://fyy.dev/uninstall.sh | sh -s -- --purgeSee uninstall.sh for details.
FYY CLI and Control Plane CE are free to use. Pre-built binaries are distributed under the FYY Software License.