A lightweight infrastructure agent for server and container management.
Monitors health, collects metrics, manages Docker containers, and executes commands — all from a single statically-linked binary.
- Single binary — statically linked (musl), zero runtime dependencies
- Docker management — list, start, stop, restart, pause containers; health checks and log retrieval
- System metrics — CPU, memory, disk usage via CLI or JSON API
- 18+ remote commands — health, logs, exec, deploy, config management, firewall, proxy, and more via Stacker integration
- Self-update — download, verify (SHA256), deploy, and rollback — all built in
- Secure by default — HMAC-SHA256 signed requests, replay protection, rate limiting, audit logging
- Vault integration — fetch, apply, and diff app configs from HashiCorp Vault
- Flexible modes — run as a CLI tool, background daemon, API server, or API+UI server
curl -sSfL https://raw.githubusercontent.com/trydirect/status/master/install.sh | shPin a specific version or choose a custom directory:
VERSION=v0.1.4 curl -sSfL https://raw.githubusercontent.com/trydirect/status/master/install.sh | sh
INSTALL_DIR=~/.local/bin curl -sSfL https://raw.githubusercontent.com/trydirect/status/master/install.sh | shVerify:
status --versionstatus serve [--port 5000] [--with-ui] Start the HTTP API server
status containers List all Docker containers
status health [name] Check container or stack health
status logs <name> [-n 100] Fetch container logs
status start <name> Start a stopped container
status stop <name> Stop a running container
status restart <name> Restart a container
status pause <name> Pause a container
status metrics [--json] Show CPU, memory, disk usage
status update check Check for new versions
status update apply [--version V] Download and verify an update
status update rollback Roll back to previous version
CLI — run a single command and exit:
status health
status metrics --json
status logs my-app -n 50Daemon — background polling agent:
status --daemon --config config.jsonAPI server — local HTTP interface:
status serve --port 5000 # JSON API only
status serve --port 5000 --with-ui # API + web dashboardcargo build --releaseMinimal build (no Docker support):
cargo build --release --no-default-features --features minimaldocker pull trydirect/status:latestOr use Docker Compose with the included docker-compose.yml for a full setup with API server and background agent.
| Method | Path | Description |
|---|---|---|
GET |
/health |
Health check |
GET |
/capabilities |
System capabilities |
GET |
/metrics |
Current system metrics |
GET |
/metrics/stream |
WebSocket metrics stream |
| Method | Path | Description |
|---|---|---|
POST |
/api/v1/commands/execute |
Execute a validated command |
GET |
/api/v1/commands/wait/{hash} |
Long-poll for queued commands |
POST |
/api/v1/commands/enqueue |
Enqueue a command |
POST |
/api/v1/commands/report |
Report execution result |
| Method | Path | Description |
|---|---|---|
GET |
/api/self/version |
Current and available versions |
POST |
/api/self/update/start |
Start update job |
GET |
/api/self/update/status/{id} |
Check update progress |
POST |
/api/self/update/deploy |
Deploy prepared binary |
POST |
/api/self/update/rollback |
Restore previous version |
The agent accepts signed commands from the Stacker dashboard covering the full lifecycle:
| Command | Description |
|---|---|
health |
Container health with optional metrics |
logs |
Container logs with cursor pagination |
start / stop / restart |
Container lifecycle |
exec |
Run command inside a container (sandboxed) |
server_resources |
CPU, memory, disk, network metrics |
list_containers |
All containers with health and logs |
error_summary |
Categorized error analysis |
deploy_app / remove_app |
App deployment via docker-compose |
fetch_config / apply_config |
Vault config management |
config_diff |
Detect configuration drift |
configure_proxy |
Nginx proxy management |
configure_firewall |
iptables policy management |
- HMAC-SHA256 request signing with
AGENT_TOKEN - Replay protection via
X-Request-Idtracking - Rate limiting per agent
- Command validation — conservative allowlist, blocked shells and metacharacters
- Exec sandboxing — dangerous commands (
rm -rf /,mkfs,shutdown, etc.) are blocked - Audit logging — all auth attempts and scope denials recorded
- Vault integration — secrets and configs stored securely, never in plaintext
| Environment Variable | Description |
|---|---|
AGENT_ID |
Unique agent identifier |
AGENT_TOKEN |
Authentication token for signed requests |
DASHBOARD_URL |
Remote dashboard URL |
VAULT_ADDRESS |
HashiCorp Vault server URL |
UPDATE_SERVER_URL |
Remote update server for version checks |
COMPOSE_AGENT_ENABLED |
Enable compose-agent mode |
METRICS_INTERVAL_SECS |
Metrics collection interval |
- Fork the repo
- Create a feature branch from
testing - Run
cargo fmt --all && cargo clippy -- -D warnings - Open a PR against
testing
See LICENSE for details.
Built with Rust. Maintained by TryDirect.