Skip to content
Last updated July 2, 2026

Server CLI

The HostAtlas Server CLI is an opinionated on-server tool that fetches infrastructure recipes from your HostAtlas platform, prompts for parameters, executes them locally, and reports the result back for full audit logging.

Think wrangler for Cloudflare — but for server management.

$ hostatlas create vhost
Domain: example.com
Document Root: /var/www/example
PHP Version: 8.3
Enable SSL: yes
→ Fetching recipe "create_vhost" from HostAtlas...
→ Step 1: Create document root
mkdir -p /var/www/example
✓ Done
→ Step 2: Generate nginx vhost config
✓ Done
→ Step 3: Issue SSL certificate
certbot certonly --nginx -d example.com
✓ Done
→ Step 4: Reload nginx
systemctl reload nginx
✓ Done
✓ Recipe completed successfully (4 steps)

The CLI fetches the recipe from your HostAtlas platform, prompts for each parameter, executes each step locally, and reports the full transcript (stdout / stderr / exit codes) back for the audit trail.

  • HostAtlas Agent installed on the server (/etc/hostatlas/agent.yml must exist)
  • Agent must be registered and connected to your HostAtlas instance

The Server CLI uses the same agent token from /etc/hostatlas/agent.ymlno separate login required. If the agent is installed, the CLI works.

Terminal window
curl -sSL https://install.hostatlas.app/server-cli.sh | sudo bash

The installer detects your OS + architecture, downloads the matching binary from install.hostatlas.app/server-cli/latest/, verifies its SHA-256 checksum, and drops it at /usr/local/bin/hostatlas.

The top-level https://install.hostatlas.app/server-cli/version.json carries the full list under binaries[] (filename, size, sha256, url) for scripted installs.

Terminal window
hostatlas

Displays the HostAtlas banner, server info, and all available commands fetched from your platform.

Terminal window
hostatlas list

Shows a detailed table of all available CLI recipes grouped by category.

Terminal window
hostatlas <group> <action>

The <group> <action> pair maps to the recipe tag <group>_<action>. Examples:

CommandCLI TagWhat it does
hostatlas create vhostcreate_vhostCreate nginx / apache virtual host
hostatlas enable sslenable_sslIssue Let’s Encrypt certificate
hostatlas create databasecreate_databaseCreate MySQL / PostgreSQL database + user
hostatlas create usercreate_userCreate system user with SSH key
hostatlas enable firewallenable_firewallSet up UFW firewall rules
hostatlas deploy laraveldeploy_laravelGit clone + composer + migrate
hostatlas setup redissetup_redisInstall and configure Redis
hostatlas run backuprun_backupExecute a backup script
hostatlas update systemupdate_systemapt update + upgrade
hostatlas flush cachesflush_cachesClear Laravel / app caches

The above are examples — actual available commands depend on which recipes are enabled for the CLI in your dashboard.

Terminal window
hostatlas version

Recipes can define parameters with placeholders like {{domain}}. The CLI prompts for each interactively:

$ hostatlas create vhost
Domain: example.com
Document Root [/var/www]: /var/www/example
PHP Version [8.3]:
Enable SSL (y/n) [y]:
  • Required parameters must be filled
  • Default values shown in [brackets]
  • Password fields are masked as they’re typed
  • Boolean fields accept y / n

Commands are managed in your HostAtlas dashboard under Recipes / Scripts. Any recipe with a CLI Tag set becomes available in the Server CLI:

  1. Go to Recipes / Scripts in your HostAtlas dashboard
  2. Create or edit a recipe
  3. Set the CLI Tag (e.g. deploy_app)
  4. Set the CLI Group (e.g. deploy)
  5. Set the CLI Description (shown in hostatlas list)
  6. The command is immediately available on every server that has the Server CLI installed: hostatlas deploy app

No re-install or restart needed on the server side — the recipe list is fetched at each hostatlas invocation.

Every command execution is reported back to the platform:

  • Recipe name and parameters used
  • Full stdout / stderr for each step
  • Exit code and success / failure status
  • Timestamp and hostname

View execution history in Recipes / Scripts → History in your dashboard.

The Server CLI reads from the agent’s config file — no additional configuration needed:

/etc/hostatlas/agent.yml
agent_id: "your-agent-id"
agent_token: "your-agent-token"
api_url: "https://api.hostatlas.app"
  • Commands execute locally on the server — no remote execution surface, no reverse tunnel
  • Only recipes from your HostAtlas tenant are visible or runnable
  • All executions logged in the HostAtlas audit trail (parameter values, output, exit code, timestamp, server)
  • Agent-token authentication — same security model as the agent’s own communication
  • Parameter values escaped before command substitution to defeat injection attempts
  • Agent — required prerequisite; provides the auth token
  • CLI — desktop counterpart for managing multiple servers from your laptop
  • Automations — where recipes are defined and tagged for the CLI
Was this page helpful?