Skip to content

ascorbic/cirrus

BranchesTags

Repository files navigation

☁️

CIRRUS

The lightest PDS in the Atmosphere

A single-user AT Protocol Personal Data Server (PDS) that runs on a Cloudflare Worker.

Why run your own PDS?

A PDS is where Bluesky data lives – posts, follows, profile, and media. Running a personal PDS provides:

  • Independence from platform changes – If Bluesky's ownership or policies change, the account remains under full control. No billionaire can take it away.
  • Network resilience – A diverse ecosystem of PDS providers makes the AT Protocol network stronger. More independent servers mean no single point of failure.
  • Data sovereignty – The repository lives on infrastructure under direct control
  • Portability – Move between hosting providers without losing followers or identity

Architecture

This implementation uses Cloudflare Workers with Durable Objects and R2:

  • Worker – Stateless edge handler for routing, authentication, and DID document serving
  • Durable Object – Single-instance SQLite storage for your AT Protocol repository
  • R2 – Object storage for blobs (images, videos)

The result is a PDS that runs at the edge with no servers to manage, automatic scaling, and pay-per-use pricing.

Quick Start

npm create pds

This scaffolds a new project, installs dependencies, and runs the setup wizard. See the PDS package documentation for detailed setup and configuration.

Packages

Package Description
@getcirrus/pds The PDS implementation – handles repository operations, federation, OAuth, and the CLI
@getcirrus/oauth-provider OAuth 2.1 provider for "Login with Bluesky"
create-pds Scaffolding CLI to create new PDS projects

Status

This is beta software under active development, but the core features are functional:

  • Repository operations (create, read, update, delete records)
  • Federation (sync, firehose, blob storage)
  • OAuth 2.1 provider (PKCE, DPoP, PAR)
  • Account migration from existing PDS

See the PDS documentation for current limitations and roadmap.

Key Safety

Your signing key controls your identity. Cloudflare secrets cannot be retrieved after they're set, so backing up your key during setup is critical.

During Setup

When you run pds init, you'll be prompted to back up your signing key. Store it somewhere safe – a password manager, encrypted backup, or similar.

Key Recovery

If you've cloned to a new machine and see the "Key Recovery Required" error:

  1. Restore from backup – If you backed up your key (recommended), add it to .dev.vars: 
    SIGNING_KEY=your-backed-up-key-here
  2. Run init againpds init will detect the local key and continue

If You've Lost Your Key

For did:web users:

  • Generate a new key by clearing .dev.vars and re-running pds init
  • Old signatures become unverifiable – followers may see warnings
  • Your identity continues, but there's no cryptographic proof of continuity

For did:plc users:

  • If you have a recovery key registered with PLC, you can rotate to a new signing key
  • Without a recovery key, you'll need to start a new identity
  • See the AT Protocol PLC documentation for recovery operations

Requirements

  • Cloudflare account with R2 enabled
  • A domain you control (for your handle and DID)

Resources

License

MIT. © Matt Kane (@ascorbic)

About

A single-user ATProto PDS that runs on a Cloudflare Worker

Topics

atproto atproto-pds

Resources

Readme
Activity

Stars

139 stars

Watchers

3 watching

Forks

7 forks
Report repository

Releases 28

@getcirrus/oauth-provider@0.3.0 Latest
Jan 9, 2026
+ 27 releases

Packages

No packages published

Contributors 7

Languages