Cenvero Fleet Docs

One controller. Two transport modes. Full control — no cloud required.

Controller binary

The fleet binary manages servers, services, logs, alerts, keys, and updates from your local machine.

Agent binary

The fleet-agent binary runs on each managed server. Installed automatically or manually.

Direct mode

Controller SSHes into the agent on demand. Use when the controller can reach the server.

Reverse mode

Agent dials out to the controller. Use when the server is behind NAT or a firewall.

Install

Pick your preferred method. The controller is a single static binary — no runtime dependencies.

Homebrew recommended

brew tap cenvero/fleet && brew install cenvero-fleet

or one-liner: curl -fsSL https://fleet.cenvero.org/install | sh

# Upgrade anytime with brew upgrade cenvero-fleet. All archives are minisign-verified before install.

One-liner

curl -fsSL https://fleet.cenvero.org/install | sh

# Detects your CPU arch, verifies the minisign signature, installs to /usr/bin/fleet. Also available via Homebrew — brew tap cenvero/fleet && brew install cenvero-fleet

PowerShell

irm https://fleet.cenvero.org/install.ps1 | iex

# Run from an elevated PowerShell prompt. Installs to %ProgramFiles%\fleet and adds it to PATH.

To build from source: git clone https://github.com/cenvero/fleet && make build (Go 1.24+)

Release verification — all release archives are signed with minisign. The installer verifies the signature against the embedded public key before swapping the binary. You can also verify manually with minisign -Vm fleet.tar.gz -p minisign.pub.

Initialize

Run once on the machine that will act as the controller:

fleet init

Creates the config directory (default ~/.cenvero-fleet/), generates Ed25519 controller keys, initialises the SQLite databases, and writes config.toml.

Note — all fleet commands are blocked until fleet init has been run. Running any other command first will print a clear error with the correct next step.

Verify everything looks right:

fleet status
fleet config show

Add a Server

Run fleet server add with no arguments to be guided through a step-by-step prompt, or pass the name and address directly:

# Interactive — prompts for all details
fleet server add

# Non-interactive
fleet server add web-01 192.0.2.10

# Reverse mode (agent dials out to controller)
fleet server add edge-01 unknown --mode reverse

Interactive mode asks for name, address, transport mode, login credentials, SSH port, and sudo preference — Enter accepts each default.

Server add flags

Flag	Default	Description
`--mode`	direct	Transport mode: `direct` or `reverse`
`--port`	2222	Fleet agent port on the remote server
`--user`	root	SSH user the agent runs as
`--login-user`	—	Login user for agent auto-install
`--login-port`	22	SSH port for the initial login
`--login-key`	—	SSH private key for login (defaults to fleet key)
`--login-password`	—	SSH password for login
`--sudo`	false	Use sudo if login user is not root
`--no-agent`	false	Skip agent auto-install (register only)

Server management commands

fleet server list
fleet server show web-01
fleet server reconnect web-01
fleet server bootstrap web-01
fleet server remove web-01

Auto-install Agent

For direct-mode servers the agent is automatically installed by default. The CLI shows an install preview and asks for confirmation before SSHing in.

# Fully interactive
fleet server add

# Key auth
fleet server add web-01 192.0.2.10 \
  --login-user root \
  --login-key ~/.ssh/id_ed25519

# Password auth with sudo
fleet server add web-01 192.0.2.10 \
  --login-user ubuntu \
  --login-password mypassword \
  --sudo

# Register only — skip agent install
fleet server add web-01 192.0.2.10 --no-agent

The auto-install flow:

Shows a preview of files and services that will be created
SSHes to the server using the provided login credentials
Detects CPU architecture via uname -m
Downloads the correct fleet-agent binary from GitHub
Installs to /opt/cenvero-fleet/fleet-agent
Creates and enables a cenvero-fleet-agent.service systemd unit
Starts the service and registers the server in the controller

Linux only — auto-install requires systemd. For macOS or Windows agents, pass --no-agent and follow the manual setup instructions printed after registration.

Teardown

fleet server remove web-01

Stops and disables fleet-agent.service, removes the binary, and deletes the server record.

Transport Modes

Direct mode

Controller initiates SSH to the agent on each operation. Server must be reachable. Best for same-network or public-IP servers.

Reverse mode

Agent dials out and holds the connection open. Controller sends RPCs through the tunnel. Best for NAT'd or firewalled servers.

Mix both modes freely. Start the controller daemon for reverse sessions:

fleet daemon

Start a reverse agent on the remote server:

fleet-agent reverse \
  --controller controller.example.com:9443 \
  --server-name edge-01

Shell Access

Open an interactive root shell on any managed server:

fleet ssh web-01

Connects to the agent's SSH port (default 2222) using the fleet controller key — no separate SSH credential management needed. The host fingerprint is shown only on the first connect; subsequent connects are silent unless the key changes.

Persistent sessions — shell sessions survive network drops. If the connection is lost, fleet prints a reconnect notice and retries automatically (3 attempts, 5 s gap). Typing exit ends the session cleanly with no retry loop.

Run Commands

Run a one-off command on a single server:

fleet exec web-01 uptime
fleet exec web-01 "df -h /"
fleet exec web-01 "systemctl status nginx"

Run across all servers concurrently:

fleet exec --all uptime
fleet exec --all "free -m"
fleet exec --all "apt list --upgradable 2>/dev/null | head"

Output is prefixed with the server name. Commands run via /bin/sh -c on the agent.

Services

Track and control systemd services on Linux agents. linux

Track a service

# Add with log file tracking
fleet service add web-01 nginx.service \
  --log /var/log/nginx/access.log \
  --critical

fleet service list web-01

Control services

fleet service start   web-01 nginx.service
fleet service stop    web-01 nginx.service
fleet service restart web-01 nginx.service

Logs

Read tracked service logs live or from the controller-side cache.

Live stream

fleet service logs web-01 nginx.service
fleet service logs web-01 nginx.service --follow

Cached logs

The controller caches log segments locally — access them even when the server is offline:

fleet service logs web-01 nginx.service --cached

Retention is configurable by size, count, and age in config.toml.

Firewall & Ports

Manage UFW rules and open/close ports on Linux agents. linux

Firewall

fleet firewall status  web-01
fleet firewall enable  web-01
fleet firewall disable web-01
fleet firewall add     web-01 "allow 443/tcp"
fleet firewall remove  web-01 "allow 443/tcp"

Ports

fleet port list  web-01
fleet port open  web-01 443
fleet port close web-01 443

Alerts

Fleet evaluates metric thresholds and fires alerts when servers breach them.

# List active alerts
fleet alerts

# Filter by server
fleet alerts --server web-01

# Acknowledge
fleet alerts ack <id>

# Suppress for a duration
fleet alerts suppress <id> --for 6h

Dashboard

Full-terminal TUI with multiple panels:

fleet dashboard

Panel	Description
Overview	Controller status, server count, alert summary
Servers	Per-server health, mode, last seen, metrics
Services	Service status across all tracked servers
Logs	Recent log lines, cached and live
Alerts	Active alerts with ack and suppress actions
Ops	Quick access to common operations

Arrow keys + Tab to navigate. Mouse supported. q or Ctrl+C to exit.

Keys

The controller uses Ed25519 keys for SSH authentication.

# Show controller key fingerprint
fleet key fingerprint

# Export public key (for manual authorized_keys setups)
fleet key export-pub

# View key-related audit events
fleet key audit

# Rotate across the whole fleet
fleet key rotate

Key rotation supports both direct and reverse fleets. The result includes rotated_servers (keys updated) and verified_servers (new key confirmed working via live test before old key removed). A failed verification triggers automatic rollback — no server is ever locked out.

Backup & Recovery

Create a timestamped backup of the entire config directory:

# Default output: fleet-backup-<timestamp>.tar.gz
fleet backup

# Custom path
fleet backup --output /backups/fleet-20260418.tar.gz

After reinstalling or migrating to a new machine, re-attach fleet to the existing config directory:

fleet recover --from-dir /path/to/old-config

fleet recover checks database connectivity, verifies the config is readable, and warns if the running binary version doesn't match what last used this config. Use --skip-version-check only if you know what you are doing.

Updates

Fleet manages its own updates. The default policy is notify-only — the controller checks for updates and reports available versions but does not apply them automatically. Set policy: auto-update in config.toml to apply updates automatically when the daemon is running.

# Check for available updates
fleet update check

# Apply the latest release
fleet update apply

# Roll back to the previous version
fleet update rollback

# Switch channel
fleet update channel stable
fleet update channel beta

Channels: stable, beta, alpha. All artifacts are signature-verified before applying.

Homebrew installs — fleet update apply skips self-update when installed via Homebrew and shows the correct brew upgrade cenvero-fleet hint. Agents are still updated regardless.

Configuration

# Show / validate
fleet config show
fleet config validate

# Backup and restore (via config subcommand)
fleet config backup
fleet config restore <file>

# Export / import (JSON migration path)
fleet config export
fleet config import <file>

Database backend

Default is SQLite. Shift to PostgreSQL, MySQL, or MariaDB:

fleet database show
fleet database shift \
  --backend postgres \
  --dsn 'postgres://user:pass@host:5432/fleet?sslmode=require'

Config Migrations

When fleet adds or removes options from the init wizard across versions, your existing config.toml may be missing new settings or still carry old ones. Fleet detects this on every command and prints a hint:

⚠  Your fleet config (init_version=1) is behind this version (init_version=2).
   Run 'fleet adjust-init' to review and apply configuration changes.

Run the interactive migration wizard:

fleet adjust-init

Each pending change is shown as [✕] removed or [+] added with an explanation. The config is saved and stamped with the current migration version when done. Safe to run at any time.

All Commands

Command	Description
`fleet init`	Initialize controller config, keys, and databases
`fleet status`	Show controller status and server summary
`fleet dashboard`	Open the terminal dashboard TUI
`fleet daemon`	Start controller daemon (required for reverse mode)
`fleet server add [name] [ip]`	Register server and auto-install agent; `--no-agent` to skip
`fleet server list`	List all registered servers
`fleet server show <name>`	Show server details and last observed state
`fleet server reconnect <name>`	Force reconnect and refresh server info
`fleet server bootstrap <name>`	Run remote bootstrap script
`fleet server metrics <name>`	Show current server metrics
`fleet server remove <name>`	Remove server and tear down managed agent
`fleet ssh <name>`	Open interactive root shell
`fleet exec <name> <cmd>`	Run a command on one server
`fleet exec --all <cmd>`	Run a command on all servers concurrently
`fleet service add <server> <svc>`	Track a service
`fleet service list <server>`	List tracked services
`fleet service start\|stop\|restart <server> <svc>`	Control a service
`fleet service logs <server> <svc>`	Read or follow service logs
`fleet firewall status\|enable\|disable <server>`	Manage UFW
`fleet firewall add\|remove <server> <rule>`	Add or remove a UFW rule
`fleet port list\|open\|close <server> <port>`	Manage open ports
`fleet alerts`	List active alerts
`fleet alerts ack <id>`	Acknowledge an alert
`fleet alerts suppress <id>`	Suppress an alert
`fleet key fingerprint`	Show controller key fingerprints
`fleet key export-pub`	Export controller public keys
`fleet key audit`	Show key-related audit events
`fleet key rotate`	Rotate key across all servers (direct + reverse)
`fleet update check\|apply\|rollback`	Manage controller updates
`fleet update channel <name>`	Set update channel (stable, beta, alpha)
`fleet backup`	Back up the config directory to a tar.gz archive
`fleet recover --from-dir <path>`	Re-attach to existing config after reinstall or migration
`fleet adjust-init`	Apply pending config migrations after a fleet upgrade
`fleet config show\|validate\|backup\|restore`	Manage config
`fleet database show\|shift`	Inspect or migrate database backend
`fleet template list\|apply`	Manage server templates
`fleet self-uninstall`	Remove fleet binary and config directory

Directory Layout

Default location: ~/.cenvero-fleet/

~/.cenvero-fleet/
├── config.toml          # controller configuration
├── instance.id          # stable instance identifier
├── keys/
│   ├── id_ed25519       # controller private key
│   ├── id_ed25519.pub
│   ├── known_hosts      # pinned agent host keys (TOFU)
│   ├── agents/          # pinned reverse-agent public keys
│   └── rotations/       # archived key material from past rotations
├── servers/             # per-server TOML records
├── templates/           # reusable server templates
├── logs/
│   ├── _aggregated/     # cached remote log segments
│   └── _audit.log       # controller audit log
├── alerts/              # alert state store
├── data/
│   ├── state.db         # server and service state
│   ├── metrics.db       # metrics history
│   ├── events.db        # event log
│   └── control.token    # per-session secret for local control socket
├── backups/             # config backup archives
└── tmp/