Services
| Service | Port | Role |
|---|---|---|
| Portal | 3002 | Web UI for org and project governance — policies, agents, access keys, traces |
| API | 4001 (REST), 4002 (gRPC) | Core backend. Manages orgs, projects, policies, and agents. The system of record other services call into |
| Gateway | 8787 | LLM gateway. Proxies AI requests to upstream providers, enforcing auth and guardrails on the way through |
| Guardian | 8700 | Guardrail evaluation engine. Scores prompts and completions against a policy’s rule set (jailbreak detection, compliance checks) |
| Tracing | 5001 | Observability. Stores request/response spans for the audit log and review queue |
| Postgres, SuperTokens, ClickHouse | internal only | Infrastructure dependencies — relational storage, auth sessions, and trace storage. Not exposed outside the Compose network |
Services diagram
Request flow
A governed LLM request moves through the stack like this: The Gateway sits in front of every AI call. It checks the Access Key against the API service, fetches the Agent’s Policy Set, and routes the request through Guardian both before the call leaves (input guardrails) and after the response comes back (output guardrails) before returning it. Every step along the way is recorded as a span in Tracing, which powers the audit log and review queue. The Portal is a separate flow — it’s the UI org owners use to configure Projects, Policy Sets, and Agents, and to browse traces. It talks to the API service directly and never sits on the request path.Try it locally
The full architecture above is exactly what gegentic-quickstart starts withdocker compose up. See Run Gegentic Locally with Quickstart for setup instructions.