Every local app.
A trusted HTTPS URL.

No certificate warnings or localhost port juggling.
Automatic framework setup, routing, and inspection.
Public sharing only when you choose.

$ lokei
Detected: pnpm dev → next dev
Name: myapp (from package.json)
Framework: Next.js
Port: 4001
✓ https://myapp.test
npm install -g @ulpi/lokei cd your-project lokei

What you get

Stop rebuilding your local infrastructure

lokei handles the plumbing between your code and a production-like URL: certificates, DNS, ports, framework startup, proxy routing, debugging, containers, and sharing.

https://myapp.test

Trusted HTTPS domains

Every project gets a memorable domain and a certificate signed by your trusted local CA. Test OAuth, secure cookies, and service workers without browser warnings.

4000–5999

Conflict-free sticky ports

Each project keeps a stable allocated port across restarts. Run several apps and worktrees without editing config or guessing which localhost port is which.

lokei run

Framework-aware startup

Detects 30+ development stacks and injects the host, port, and app URL settings they expect. Your existing dev command remains the source of truth.

lokei inspect

Traffic inspector

See headers, bodies, status, and timing at inspect.test. Replay a captured request or export JSON, CSV, and HAR without adding a browser extension.

lokei docker up

Docker Compose

Give Compose services HTTPS routes from their published TCP ports. Laravel Sail gets safer defaults: the app and web tools are routed while databases and caches stay internal.

fix-ui.myapp.test

Git worktrees

Run main and feature branches side by side. Each worktree gets a predictable prefixed domain instead of competing for the same port.

lokei up

Multi-service

Start a frontend, API, and supporting processes from lokei.yaml with explicit routes, sticky ports, health checks, and one shared lifecycle.

lokei doctor

Diagnostics

Check CA trust, certificates, DNS, port forwarding, daemon health, and TLD consistency. Get a specific fix instead of debugging the stack by hand.

NEXT_PUBLIC_APP_URL

Smart env injection

Your app receives its HTTPS origin through framework-specific variables such as NEXTAUTH_URL, NEXT_PUBLIC_APP_URL, VITE_APP_URL, and APP_URL.

h2 + h1 fallback

HTTP/2 multiplexing

Serve local domains over HTTP/2 with HTTP/1.1 fallback, so asset-heavy development pages are not constrained by the browser's per-origin connection limit.

lokei run --route /api=4013

Path routing

Keep the frontend, API, and WebSocket server on one origin. Route /api and /ws to separate local ports without adding another proxy config.

AI agents

Agent-friendly

Give Claude Code, Codex, Cursor, Windsurf, or another coding agent one public URL. It learns when to suggest lokei and how to install it safely.

Open agent onboarding

Secure by default

Sign in with Google.
Locally.

OAuth providers, secure cookies, webhooks, and service workers all demand real HTTPS — and reject http://localhost. lokei gives every project a valid TLS certificate on a real domain, so the modern web's secure-context features just work on your machine.

http://localhost:3000insecure context
  • Sign in with Google → redirect_uri_mismatch
  • Secure cookies (SameSite=None) → silently dropped
  • Stripe / GitHub webhooks → can't reach your machine
  • Service workers · HSTS · HTTP/2 → all disabled
https://myapp.testsecure context
  • OAuth redirects accepted — a real https:// origin
  • Secure and cross-site cookies stick
  • Valid TLS from your trusted CA — zero warnings
  • Full secure context: HTTP/2, HSTS, service workers

Provider picky about the domain?

Some only accept certain TLDs. Switch yours in one command — DNS, certificates, and routes all follow. Public tunnels stay on lokei.dev.

$ lokei setup --tld dev
✓ https://myapp.dev

Go public

Share your work

Public URL in seconds. Named tunnels with auth. Self-hostable relay.

From your project

$ lokei share
✓ Sharing storefront
Public: https://storefront--ciprian.lokei.dev
Local: https://storefront.test
Expires: in 2 hours
Anyone with this URL can access the project.
Stop sharing: lokei share stop

Named tunnel

$ lokei run --expose
Name: myapp (from package.json)
Framework: Next.js
Port: 4001
✓ https://myapp.test
✓ https://myapp--ciprian.lokei.dev

Tunnels run through the lokei relay, a WebSocket server that multiplexes HTTP over a single connection using MessagePack. Password-protect tunnels, set a TTL, or restrict access with bearer tokens. Because named tunnels route through your local proxy, public traffic shows up in the inspector too.

Claim a username and your tunnels get stable URLs like app--you.lokei.dev. Self-host the relay on your own infrastructure — it's a standalone npm package.

Debugging

See every request

A built-in traffic inspector at inspect.test. No browser extensions, no proxy config.

Open the inspector

$ lokei inspect
→ https://inspect.test
Opening in browser...

Live stream

Every request through your .test domains shows up in real time via Server-Sent Events. No refresh needed.

Headers, bodies, timing

Full request and response details. JSON bodies are syntax-highlighted. Timing breakdown for each request.

Replay requests

Modify method, URL, headers, or body and replay any captured request. Side-by-side diff of original vs replayed response.

Export

Export traffic as JSON, CSV, or HAR 1.2. Import HAR into Chrome DevTools or share with your team.

Under the hood

Not a wrapper around
/etc/hosts

A local infrastructure stack: CA, DNS, TLS, port management, process lifecycle, and route registration.

lokei setuponce
├─Generates a root CA with openssl
├─Trusts it in your OS keychain
├─Configures /etc/resolver/test → 127.0.0.1:15353
├─Sets up pfctl port forwarding (80→15080, 443→15443)
└─Pins cert to exact hostname via SNI — no wildcards
lokei runevery time
├─Starts the daemon if not running
├─Detects framework from package.json
├─Reserves a sticky port from the 4000–5999 ledger
├─Spawns dev server with injected PORT
├─Waits for TCP bind (30s timeout)
├─Generates TLS cert for myapp.test, signed by your CA
├─Registers the route in the daemon
└─https://myapp.test is live

Frequently asked questions

Local development stays local and free. Public sharing is optional. Here is exactly what lokei runs, supports, and charges for.

lokei is a local development proxy and CLI that turns your existing dev command into a stable, trusted URL. Run `lokei run` and it detects your project, reserves a conflict-free port, starts the app, creates its certificate, and routes `https://myapp.test` to it. You work with memorable, production-like origins instead of localhost ports and certificate setup.

`/etc/hosts` only maps a hostname to an IP address. lokei also runs local DNS, creates and trusts a local CA, issues per-project certificates, terminates HTTPS and HTTP/2, allocates sticky ports, starts and stops dev servers, routes paths and services, and captures traffic. Multiple projects get memorable domains without manual port or proxy configuration.

No. Local development is free: trusted domains and certificates, automatic ports, framework-aware startup, traffic inspection, Docker Compose, Git worktrees, and multi-service routing. An account is only needed for hosted public tunnels. The Free cloud plan includes two concurrent random tunnel URLs with two-hour sessions; paid plans add named URLs, longer sessions, and access controls.

Run `lokei share` from your project directory. lokei detects the active service, starts it when needed, and returns a public HTTPS URL without asking for a route name or port. The CLI forwards requests through the authenticated relay while your app stays on your machine. Use `lokei share stop` when you are done. Named URLs and access controls depend on your plan.

Yes. `lokei relay start` can run the relay on your own domain with your TLS certificate and either file-based tokens or cloud-backed authentication. You operate the DNS, deployment, monitoring, and availability. Contact us for organization-wide licensing, support, or SLA requirements.

lokei has framework-specific detection and port injection for 30+ development stacks, including Next.js, Vite, Astro, Angular, Nuxt, SvelteKit, React Router, Expo, Rails, Django, Flask, Laravel, Spring Boot, Hugo, and Node servers. It also wraps npm, pnpm, yarn, and Bun scripts, so custom servers work when they accept `PORT` or an explicit port flag.

Yes. `lokei docker up` reads Docker Compose, allocates loopback host ports, and gives services with published TCP ports HTTPS `.test` routes. It can also run or adopt individual containers. For Laravel Sail, only the app and web tools get routes; databases and caches remain backing services.

Yes. `.test` is the safe default reserved for testing. Use `lokei setup --tld dev` or set `LOKEI_TLD=dev` to choose another valid local TLD; DNS, certificates, routes, and the inspector follow it. Choose a suffix that does not conflict with mDNS or company DNS. Public tunnels always stay on `lokei.dev`.

No. lokei is proprietary, closed-source software maintained by Open Growth Group Inc. The compiled `@ulpi/lokei` package can be installed and used for local development and lokei services under the published license; rights to redistribute, modify, or operate a competing service are not granted.

Cloud

lokei cloud

Stable URLs

Claim a username. Your tunnels live at app--username.lokei.dev — same URL every time.

API keys

Create and revoke keys for CI pipelines and scripts. Last-used tracking so you know what's active.

Tunnel dashboard

Active tunnels with connection state, uptime, and heartbeat status at a glance.

Device-code auth

lokei login opens your browser. No password to type.

$ lokei login
Open this URL in your browser:
https://lokei.dev/auth/verify?code=ABCD-1234
Waiting for authorization...
✓ Logged in as ciprian
✓ Username: ciprian
✓ Tunnels at *--ciprian.lokei.dev

CLI at a glance

lokei setupOne-time: CA, DNS, trust store, port forwarding
lokei runWrap your dev server with a .test HTTPS domain
lokei up / downStart/stop services from lokei.yaml
lokei sharePublic tunnel URL for localhost
lokei tunnelPersistent tunnels (open, close, list)
lokei docker upHTTPS domains for Docker Compose services
lokei inspectTraffic inspector in your browser
lokei logsView and tail proxy request logs
lokei loginAuthenticate for public tunnels
lokei routes lsList active .test routes
lokei doctorDiagnose DNS, TLS, port forwarding
lokei service installOS service (launchd/systemd)