Nexus Dashboard
A comprehensive Model Context Protocol (MCP) server for Cisco Nexus Dashboard, enabling AI agents like Claude to interact with Nexus Dashboard APIs for intelligent network automation and management.
Nexus Dashboard MCP Server
A comprehensive Model Context Protocol (MCP) server for Cisco Nexus Dashboard, enabling AI agents like Claude to interact with Nexus Dashboard APIs for intelligent network automation and management.
Features
Core Capabilities
-
Complete API Coverage: Access to 638+ operations across 5 Nexus Dashboard APIs
- Manage API (146 endpoints): Fabrics, switches, VLANs, VRFs, networks, interfaces
- Analyze API: Telemetry, insights, anomalies, compliance
- Infrastructure API: System health, licensing, user management
- OneManage API: Device inventory, topology
- Orchestration API: Workflows and automation
-
Security First:
- HTTPS with self-signed certificates (auto-generated)
- Multi-user authentication with role-based access control (RBAC)
- Read-only mode by default with explicit edit mode enablement
- Fernet-encrypted credential storage
- Complete audit logging with client IP tracking
- Granular operation whitelisting per role
-
Web Management UI:
- Next.js-based management interface with HTTPS
- User and role management
- Real-time system health monitoring
- Audit log viewer with CSV export
- Cluster management with connection testing
- Security configuration dashboard
- API guidance and workflow management
-
Enterprise Ready:
- PostgreSQL database for persistence
- Docker-based deployment with host networking
- Complete audit trail for compliance
- LDAP integration support
Quick Start
Prerequisites
- Docker 20.10+ and Docker Compose 2.0+
- Cisco Nexus Dashboard 4.1+ with NDFC 12.x
- Node.js 18+ (for remote MCP access via mcp-remote)
1. Clone and Configure
git clone https://github.com/beye91/nexus-dashboard-mcp.git
cd nexus-dashboard-mcp
# Create environment file with your server's IP address
echo "CERT_SERVER_IP=YOUR_SERVER_IP" > .env
Replace YOUR_SERVER_IP with your server's actual IP address (e.g., 192.168.1.213).
2. Start Services
docker compose up -d --build
This will:
- Generate self-signed SSL certificates automatically
- Start PostgreSQL database (port 15432)
- Start Web API with HTTPS (port 8444)
- Start Web UI with HTTPS (port 7443)
- Start MCP Server for Claude integration
3. Initial Setup
-
Open your browser and navigate to:
https://YOUR_SERVER_IP:7443 -
Accept the self-signed certificate warning
-
Complete the initial admin setup:
- Username:
admin - Email:
[email protected] - Password:
Admin123!(or your preferred password)
- Username:
-
Configure your first cluster:
- Navigate to Clusters page
- Click "Add New Cluster"
- Enter your Nexus Dashboard details
- Click "Test Connection" to verify
- Save the cluster configuration
4. Configure Claude Desktop
Add to your Claude Desktop configuration:
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
Linux: ~/.config/Claude/claude_desktop_config.json
Remote Deployment (Recommended)
{
"mcpServers": {
"nexus-dashboard": {
"command": "npx",
"args": [
"mcp-remote@latest",
"https://YOUR_SERVER_IP:8444/mcp/sse",
"--transport",
"sse-only"
]
}
}
}
Replace YOUR_SERVER_IP with your server's IP address.
Note: Since we use self-signed certificates, you may need to set
NODE_TLS_REJECT_UNAUTHORIZED=0in your environment or accept the certificate in your system's trust store.
Local Deployment (same machine as Docker)
{
"mcpServers": {
"nexus-dashboard": {
"command": "docker",
"args": [
"exec",
"-i",
"nexus-mcp-server",
"python",
"src/main.py"
]
}
}
}
Restart Claude Desktop, and you'll see the Nexus Dashboard tools available!
Architecture
External Clients
(Browser, Claude Desktop)
|
[HTTPS/TLS]
|
+---------------+---------------+
| |
Port 7443 Port 8444
| |
+----------+----------+ +---------------+--------------+
| Web UI | | Web API |
| (Next.js) |--->| (FastAPI) |
| HTTPS Proxy | | +----------+ +---------+ |
+---------------------+ | | REST API | | MCP SSE | |
| +----------+ +---------+ |
+---------------+--------------+
|
+----------------------+----------------------+
| | |
+--------+--------+ +--------+--------+ +--------+--------+
| PostgreSQL | | MCP Server | | Nexus Dashboard |
| Port 15432 | | (stdio) | | Clusters |
+-----------------+ +-----------------+ +-----------------+
Certificate Volume: /app/certs/ (auto-generated on first startup)
Port Summary
| Service | Port | Protocol | Description |
|---|---|---|---|
| Web UI | 7443 | HTTPS | Management interface |
| Web API | 8444 | HTTPS | REST API and MCP SSE endpoint |
| PostgreSQL | 15432 | TCP | Database (mapped from 5432) |
| Internal HTTP | 8001 | HTTP | Internal proxy communication |
Environment Variables
Required for Production
Create a .env file with:
# Your server's IP address (for SSL certificate SAN)
CERT_SERVER_IP=192.168.1.213
# Security (generate unique keys for production)
ENCRYPTION_KEY=your-unique-fernet-key
SESSION_SECRET_KEY=your-random-secret-key
# Optional: Nexus Dashboard defaults (can be configured via Web UI)
NEXUS_CLUSTER_URL=https://nexus-dashboard.example.com
NEXUS_USERNAME=admin
NEXUS_PASSWORD=YourPassword
Generate Encryption Key:
python3 -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
Optional Variables
# SSL Certificate Configuration
CERT_DAYS=365 # Certificate validity (default: 365)
CERT_CN=nexus-dashboard # Certificate common name
# Security
EDIT_MODE_ENABLED=false # Enable write operations
MCP_API_TOKEN=your-token # Optional: Require token for MCP access
# Logging
LOG_LEVEL=INFO # DEBUG, INFO, WARNING, ERROR
Security
HTTPS Configuration
Self-signed certificates are automatically generated on first startup:
- Stored in Docker volume
nexus-mcp-certs - Valid for 365 days (configurable via
CERT_DAYS) - Includes localhost, 127.0.0.1, and your server IP in SAN
To regenerate certificates:
docker volume rm nexus-mcp-certs
docker compose up -d
Multi-User RBAC
The platform supports multiple users with role-based access control:
- Admin Role: Full access to all operations
- Operator Role: Read access + specific write operations
- Viewer Role: Read-only access
Users can be managed through the Web UI under Security > Users.
Best Practices
- Change default admin password after initial setup
- Keep
EDIT_MODE_ENABLED=falseunless write operations are needed - Use strong encryption keys for production
- Review audit logs regularly for unauthorized activity
- Limit network access to the server
Documentation
- Quick Start Guide - Get up and running in 5 minutes
- Architecture Overview - System design and components
- User Guide - Comprehensive usage documentation
- Web UI Guide - Managing the system via web interface
- Claude Desktop Setup - Detailed Claude integration
- Deployment Guide - Production deployment recommendations
- Multi-User RBAC - Role-based access control
- API Guidance System - Customizing API behavior
Troubleshooting
Check Container Status
docker compose ps
docker compose logs -f
Certificate Issues
# View certificate details
docker compose exec web-api openssl x509 -in /app/certs/server.crt -text -noout
# Regenerate certificates
docker volume rm nexus-mcp-certs
docker compose up -d
Database Issues
# Connect to database
docker compose exec postgres psql -U mcp_user -d nexus_mcp
# Check tables
\dt
# View audit logs
SELECT * FROM audit_log ORDER BY timestamp DESC LIMIT 10;
Network Connectivity
# Test API endpoint
curl -k https://localhost:8444/api/health
# Test Web UI
curl -k https://localhost:7443
Development
Local Development Setup
# Clone repository
git clone https://github.com/beye91/nexus-dashboard-mcp.git
cd nexus-dashboard-mcp
# Create virtual environment
python -m venv venv
source venv/bin/activate
# Install dependencies
pip install -r requirements.txt
# Start database only
docker compose up postgres -d
# Run API locally
python src/api/web_api.py
# Run Web UI in dev mode
cd web-ui
npm install
npm run dev
License
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
Acknowledgments
- Anthropic - For the Claude AI platform and MCP protocol
- Cisco - For Nexus Dashboard APIs
- FastMCP - For the excellent MCP framework
Made with care for network automation
Related Servers
Salaah MCP
FastAPI and MCP service providing Islamic prayer times and other useful calculations.
Etsy
A TypeScript-based MCP server for interacting with the Etsy API, featuring a simple notes system.
Time MCP Server
Enables time awareness for large language models.
SafeDep
Real-time malicious package protection for AI coding agents
GW2 MCP Server
Connects Large Language Models (LLMs) with Guild Wars 2 data sources. Requires a Guild Wars 2 API key for wallet functionality.
MCP Location Services for LLM
Provides geocoding, reverse geocoding, routing, and driving distance calculations for LLMs using pgGeocoder and pgrServer.
Bitnovo Pay
MCP server for Bitnovo Pay integration with AI agents. Provides cryptocurrency payment capabilities through Bitnovo Pay API. Features include payment creation, status checking, QR code generation, and webhook management with support for multiple tunnel providers (ngrok, zrok, manual).
Satellite MCP Server
Performs satellite orbital mechanics calculations using natural language, with a built-in world cities database for location lookup.
ROT Trading Intelligence
The first financial intelligence MCP server. Live AI-scored trading signals from Reddit, SEC filings, FDA approvals, Congressional trades, and 15+ sources. 7 tools, 2 resources, hosted remotely, free, no API key required.
Interzoid Data Quality
AI-powered data matching, enrichment, standardization, and verification APIs. 29 tools for company/name/address deduplication, business intelligence, email trust scoring, and more. Supports x402 crypto micropayments.