This page provides detailed documentation for all API endpoints. All endpoints require authentication unless otherwise noted.
Deployments
/api/deployments List all deployments.
Response
[
{
"name": "my-wordpress",
"path": "/var/flatrun/deployments/my-wordpress",
"status": "running",
"created_at": "2024-01-01T00:00:00Z",
"services": [
{"name": "wordpress", "status": "running", "health": "healthy"}
]
}
]/api/deployments/:name Get detailed information about a specific deployment.
Parameters
name— Deployment name
/api/deployments Create a new deployment.
Request Body
{
"name": "my-app",
"template_id": "wordpress", // Optional: use template
"compose": "...", // Optional: raw compose content
"port": 8080, // Optional: external port
"auto_start": true // Optional: start after creation
}/api/deployments/:name/start Start a stopped deployment.
/api/deployments/:name/stop Stop a running deployment.
/api/deployments/:name/restart Restart a deployment.
/api/deployments/:name Delete a deployment.
Query Parameters
remove_files— Also delete deployment directory (default: false)
/api/deployments/:name/logs Get deployment logs.
Query Parameters
service— Filter by service nametail— Number of lines (default: 100)follow— Stream logs (SSE)
/api/deployments/:name/stats Get resource usage statistics for all containers in deployment.
Domains (Multi-Domain)
/api/deployments/:name/domains List all domains configured for a deployment.
/api/deployments/:name/domains Add a new domain to a deployment.
Request Body
{
"service": "web",
"domain": "blog.example.com",
"port": 80,
"path": "/",
"strip_prefix": false,
"ssl": {
"enabled": true
},
"aliases": ["www.blog.example.com"]
}/api/deployments/:name/domains/:domainId Update an existing domain configuration.
/api/deployments/:name/domains/:domainId Remove a domain from a deployment.
Containers
/api/containers List all Docker containers.
Query Parameters
all— Include stopped containers (default: true)
/api/containers/:id/start Start a container.
/api/containers/:id/stop Stop a container.
/api/containers/:id/restart Restart a container.
/api/containers/:id Remove a container (must be stopped).
/api/containers/:id/logs Get container logs.
Templates
/api/templates List all available templates.
/api/templates/categories Get template categories with counts.
/api/templates/refresh Reload templates from disk.
/api/templates/:id/compose Get template's docker-compose.yml content.
Certificates
/api/certificates List all SSL certificates.
/api/certificates Request a new SSL certificate.
Request Body
{
"domain": "example.com"
}/api/certificates/renew Renew all expiring certificates.
/api/certificates/:domain Delete a certificate.
Proxy
/api/proxy/status/:name Get proxy configuration status for a deployment.
/api/proxy/setup/:name Configure reverse proxy for a deployment.
Request Body
{
"domain": "app.example.com",
"port": 80,
"ssl": true
}/api/proxy/:name Remove proxy configuration.
Databases
/api/databases/test Test database connection.
/api/databases/list List all databases on the server.
/api/databases/tables List tables in a database.
Request Body
{
"database": "myapp"
}/api/databases/query Execute a SQL query.
Request Body
{
"database": "myapp",
"query": "SELECT * FROM users LIMIT 10"
}/api/databases/create Create a new database.
/api/databases/users/create Create a database user.
/api/databases/privileges/grant Grant privileges to a user.
Infrastructure
/api/infrastructure List infrastructure services.
/api/infrastructure/:name/start Start an infrastructure service.
/api/infrastructure/:name/stop Stop an infrastructure service.
Security
/api/security/stats Get security statistics overview.
/api/security/events List security events with pagination and filtering.
Query Parameters
type— Filter by event typesource_ip— Filter by source IPdeployment— Filter by deploymentstart_time— Start of time range (RFC3339)end_time— End of time range (RFC3339)limit— Number of results (default: 50)offset— Pagination offset
/api/security/events/:id Get a single security event by ID.
/api/security/cleanup Remove old security events.
Request Body
{
"older_than": 604800 // Seconds
}/api/security/blocked-ips List all blocked IP addresses.
/api/security/blocked-ips Block an IP address.
Request Body
{
"ip": "192.168.1.100",
"reason": "Suspicious activity",
"duration": 86400 // Seconds (optional)
}/api/security/blocked-ips/:ip Unblock an IP address.
/api/security/ips/:ip/events Get all security events for a specific IP.
/api/security/protected-routes List all protected routes.
/api/security/protected-routes Add a protected route.
Request Body
{
"path": "/admin",
"method": "ALL",
"auth_type": "basic",
"credentials": "admin:secret",
"deployment": "my-app"
}/api/security/protected-routes/:id Update a protected route.
/api/security/protected-routes/:id Delete a protected route.
/api/security/whitelist List whitelist entries.
/api/security/whitelist Add a whitelist entry.
Request Body
{
"type": "ip", // ip, cidr, or path
"value": "10.0.0.0/8",
"description": "Internal network"
}/api/security/whitelist/:id Remove a whitelist entry.
/api/security/realtime-capture Get real-time capture status.
/api/security/realtime-capture Enable or disable real-time capture.
Request Body
{
"enabled": true
}/api/security/refresh Regenerate Lua scripts and reload nginx.
/api/deployments/:name/security Get security settings for a deployment.
/api/deployments/:name/security Update deployment security settings.
Backups
/api/backups List all backups.
Query Parameters
deployment— Filter by deployment name
/api/backups/:id Get backup details.
/api/backups Create a backup.
Request Body
{
"deployment_name": "my-wordpress",
"include_files": true,
"include_database": true,
"exclude_patterns": ["*.log", "cache/*"],
"description": "Pre-upgrade backup"
}Response
{
"job_id": "backup-123456",
"message": "Backup job started"
}/api/backups/:id Delete a backup.
/api/backups/:id/download Download backup archive.
/api/backups/:id/restore Restore from a backup.
Request Body
{
"target_name": "my-wordpress",
"restore_database": true,
"restore_files": true,
"auto_start": true
}/api/backups/jobs List backup/restore jobs.
/api/backups/jobs/:id Get job status.
/api/deployments/:name/backups List backups for a deployment.
/api/deployments/:name/backup-config Get backup configuration for a deployment.
/api/deployments/:name/backup-config Update backup configuration for a deployment.
Request Body
{
"enabled": true,
"schedule": "0 2 * * *",
"retention": 7,
"include_database": true,
"exclude_patterns": ["*.log"]
}Scheduler
/api/scheduler/tasks List scheduled tasks.
Query Parameters
deployment— Filter by deployment name
/api/scheduler/tasks/:id Get scheduled task details.
/api/scheduler/tasks Create a scheduled task.
Request Body
{
"deployment_name": "my-wordpress",
"task_type": "backup",
"cron_expr": "0 2 * * *",
"action": "",
"description": "Daily backup at 2 AM"
}/api/scheduler/tasks/:id Update a scheduled task.
/api/scheduler/tasks/:id Delete a scheduled task.
/api/scheduler/tasks/:id/run Execute a task immediately.
/api/scheduler/tasks/:id/executions Get execution history for a task.
/api/scheduler/executions Get recent executions across all tasks.
Users
/api/users/me Get current authenticated user.
/api/users/me Update current user profile.
/api/users/me/password Change current user password.
Request Body
{
"current_password": "old-password",
"new_password": "new-password"
}/api/users List all users (admin only).
/api/users/:id Get user details.
/api/users Create a new user.
Request Body
{
"username": "john",
"email": "john@example.com",
"password": "secure-password",
"role": "operator",
"permissions": ["deployments:read", "deployments:write"]
}/api/users/:id Update a user.
/api/users/:id Delete a user.
/api/users/:id/deployments Get deployments assigned to a user.
/api/users/:id/deployments Assign a deployment to a user.
Request Body
{
"deployment_name": "my-app",
"access_level": "write" // read, write, or admin
}/api/users/:id/deployments/:name Update deployment access level for a user.
/api/users/:id/deployments/:name Remove deployment access from a user.
/api/deployments/:name/users Get users with access to a deployment.
API Keys
/api/apikeys List API keys (user's own keys or all if admin).
/api/apikeys/:id Get API key details.
/api/apikeys Create a new API key.
Request Body
{
"name": "CI/CD Key",
"description": "For GitHub Actions",
"role": "operator",
"permissions": ["deployments:read", "deployments:write"],
"deployments": ["my-app", "my-api"],
"expires_in": 2592000 // Seconds (optional)
}Response
{
"id": 1,
"key": "flatrun_xxxxxxxxxxxx", // Only shown once
"name": "CI/CD Key",
"created_at": "2024-01-01T00:00:00Z"
}/api/apikeys/:id Delete an API key.
/api/apikeys/:id/revoke Revoke an API key (deactivate without deleting).
Traffic
/api/traffic/logs Get traffic logs with filtering.
Query Parameters
deployment— Filter by deploymentmethod— HTTP method (GET, POST, etc.)status_group— Status group (2xx, 4xx, 5xx)status_code— Specific status codesource_ip— Source IP addresspath— URL path patternstart_time— Start of time range (RFC3339)end_time— End of time range (RFC3339)limit— Number of results (default: 100)offset— Pagination offset
/api/traffic/stats Get aggregated traffic statistics.
/api/traffic/unknown-domains Get traffic stats for unknown domains.
/api/traffic/cleanup Remove old traffic logs.
/api/deployments/:name/traffic Get traffic stats for a specific deployment.
Audit
/api/audit/events List audit events with filtering.
Query Parameters
actor_id— Filter by actor IDactor_type— Filter by actor type (user, api_key, system)action— Filter by actionresource_type— Filter by resource typeresource_id— Filter by resource IDsuccess— Filter by success statusclient_ip— Filter by client IPstart_time— Start of time range (RFC3339)end_time— End of time range (RFC3339)limit— Number of results (default: 50, max: 1000)offset— Pagination offset
/api/audit/events/:id Get a single audit event.
/api/audit/stats Get audit statistics.
/api/audit/export Export audit events.
Request Body
{
"format": "json", // or "csv"
"actor_type": "user",
"start_time": "2024-01-01T00:00:00Z",
"end_time": "2024-01-31T23:59:59Z",
"limit": 1000
}/api/audit/cleanup Remove old audit events.
DNS
/api/dns/providers List available DNS providers.
/api/dns/powerdns/status Get PowerDNS service status.
/api/dns/powerdns/enable Enable PowerDNS service.
/api/dns/powerdns/disable Disable PowerDNS service.
/api/dns/powerdns/restart Restart PowerDNS service.
/api/dns/powerdns/zones List DNS zones.
/api/dns/powerdns/zones Create a DNS zone.
Request Body
{
"name": "example.com.",
"kind": "Master",
"nameservers": [
"ns1.example.com.",
"ns2.example.com."
]
}/api/dns/powerdns/zones/:zoneId Get zone details with records.
/api/dns/powerdns/zones/:zoneId Delete a DNS zone.
/api/dns/powerdns/zones/:zoneId Update zone records (RRSets).
Request Body
{
"rrsets": [
{
"name": "www.example.com.",
"type": "A",
"ttl": 3600,
"changetype": "REPLACE",
"records": [
{"content": "192.168.1.100", "disabled": false}
]
}
]
}Plugins & Registries
/api/plugins List available plugins.
/api/plugins/:name Get plugin details.
/api/plugins/:name/deployments Create a deployment from a plugin.
/api/registries List registry configurations.
/api/registries/:slug Get registry details.
/api/registries Create a registry configuration.
/api/registries/:slug Update a registry configuration.
/api/registries/:slug Delete a registry configuration.
Credentials
/api/credentials List credentials.
/api/credentials/:id Get credential details.
/api/credentials Create a credential.
Request Body
{
"name": "docker-hub",
"type": "docker-registry",
"credentials": {
"username": "myuser",
"password": "mytoken"
}
}/api/credentials/:id Update a credential.
/api/credentials/:id Delete a credential.
/api/credentials/:id/test Test credential validity.
System
/api/health Health check endpoint (no auth required).
Response
{
"status": "ok",
"version": "0.1.4",
"uptime": "24h30m"
}/api/settings Get current agent settings.
/api/settings Update agent settings.
/api/settings/security Update security settings.
/api/auth/status Get current authentication status.
/api/auth/login Authenticate and get a token.
Request Body
{
"username": "admin",
"password": "password"
}/api/auth/validate Validate current token.