Business OS is a modular, API-first foundation for building business applications. Ship faster with a battle-tested kernel, event bus, plug-and-play modules, and rock-solid multi-tenant support.
Built on proven open-source technology
Why Business OS
Stop rebuilding the same plumbing. Business OS gives you a hardened foundation so you can focus on your unique business logic.
Load business modules dynamically at runtime. Each plugin declares its own entities, routes, events, and jobs in a manifest — the kernel validates and wires everything automatically. Build once, deploy everywhere.
Decouple your modules with a built-in publish/subscribe event bus. Fire appointment.booked and let any subscriber react — no tight coupling required.
JWT-based authentication with a four-tier role model out of the box: owner, admin, staff, viewer. Every endpoint is locked down from day one.
Switch between SQLite, MySQL, and PostgreSQL with a single env variable. Same API, same code — whether you're prototyping locally or running in production.
Each tenant gets its own isolated database. Host-based tenant resolution happens on every request — no shared data, no cross-tenant leaks, ever.
Every business entity — customers, appointments, payments — gets create, read, update, delete, and search APIs automatically. Define a schema, get an API.
Every record has a UUID for internal use and a human-readable public ID (e.g. cust_abc123) for external-facing APIs. Clean URLs, safe internals.
Ship to production in minutes with the included Dockerfile and docker-compose.yml. Add a reverse proxy and you're live.
Structured JSON logs, request context propagation, health and readiness endpoints. Know what's happening in production from day one.
React dashboard · App runtime · Web components
Auth middleware · Rate limiting · CORS · Helmet
Entity CRUD · Event bus · Plugin loader · Tenancy
salon-module · example-module · your-module
SQLite · MySQL · PostgreSQL (swap via env var)
Architecture
Business OS separates the stable kernel from the ever-changing business modules. The kernel handles the hard stuff — tenancy, auth, routing, migrations — so your modules only need to define what makes them unique.
How It Works
Three simple steps to a fully functional business application with auth, multi-tenancy, and extensible modules.
Clone the repo, copy .env.example, set your database client, JWT secret, and preferred database. SQLite works great for local dev — no external services needed.
Run npm run db:init to apply schema migrations, create an owner account, then npm start. The kernel loads all modules, applies their migrations, and begins serving requests.
Drop a new folder into /modules with a manifest.json, a routes.js, and SQL migrations. The kernel auto-discovers and wires it at startup. No config files to edit.
Plugin Modules
Start with a working module and customise it, or build your own vertical from scratch using the module API.
Complete appointment scheduling system for salons, spas, and service businesses. Includes calendar view, customer booking, and payment hooks.
Minimal reference implementation. Shows the complete module contract — manifest, routes, migrations, events — in the fewest possible lines of code.
Stock management, SKU tracking, low-stock alerts, and purchase order workflows for product-based businesses.
Contact management, deal pipeline, activity timeline, and email integration for customer-facing teams.
Invoicing, subscription management, payment processing hooks, and revenue reporting across tenants.
Every business is unique. Create a custom module tailored to your workflow in minutes.
View Module API →Multi-Tenancy
Business OS resolves the tenant on every single request using the Host header.
Each tenant has a completely isolated database — no shared tables, no risk of data leaks,
even if your code has a bug.
A control-plane database maps domains to tenant instances. Unknown hosts are rejected in strict mode. Tenant bootstrapping, provisioning, and domain routing is built right into the kernel.
Role-based access control
Quick Start
No external services needed for local development. SQLite works out of the box.
# 1. Clone the repository $ git clone https://github.com/chrisrobison/business-os $ cd business-os # 2. Install dependencies $ npm install # 3. Configure environment $ cp .env.example .env # Set DB_CLIENT=sqlite and AUTH_JWT_SECRET # 4. Initialize the database $ npm run db:init ✔ Core schema initialized ✔ Module migrations applied # 5. Create the first owner account $ npm run auth:create-owner -- \ --email owner@example.com \ --password 'secret' \ --name 'Owner' ✔ Owner account created # 6. Start the server $ npm start ▶ Business OS listening on :3010
Set DB_CLIENT=sqlite for instant local dev, or point to an existing MySQL or PostgreSQL server. The connector interface is identical either way.
Set a 32+ character AUTH_JWT_SECRET. Configure CORS_ALLOWLIST and TRUST_PROXY for your deployment topology. Rate limiting is on by default.
Every folder in /modules is auto-discovered. Drop in the salon-module or build your own. Migrations run automatically at startup.
A production-ready Dockerfile and docker-compose.yml are included. One command to build and ship. Add a reverse proxy and you're live.
Open Source · Free Forever
Join the community. Star the repo, open an issue, or contribute a module.
Everything is MIT licensed.