Execute commands and run scripts via HTTP APIs.
Exec API enables the execution of predefined commands and scripts remotely on your servers via HTTP APIs. Please use with caution; see Best Practice section below for recommend usage.
Some use-cases I use this for:
- CI/CD automation & automated deployments, IoT commands, health checks, running scheduled tasks across nodes
- Copy
config.json.sample
toconfig.json
- Update the key value (used for authorizing API requests), and the
commands
as necessary - Run execapi. Either by,
- Grabbing the latest release from the Releases page
- Or, building and running
execapi
Building and running
go build -o execapi .
./execapi
Arguments:
./execapi --config /apps/execapi.config.json --listen 0.0.0.0:8081
config
: path to config.json (default "config.json")listen
: address to listen on (default "localhost:8080")
Run Exec API on the server you'd like to execute commands or scripts.
Assuming you have an application at /home/user/apps/appx
that has a script deploy.sh
in the directory, you can use the ./config.json.sample as the config.json.
Update commands
to add different options as desired.
curl -X POST http://localhost:8080/run/appx -H "Authorization: Bearer EXECAPI_KEY"
This will attempt to run the script for the app named "appx".
Responds with http 200 (success) if command execution succeeds, or http 400 (with failure error) on failure.
Request full execution logs with ?verbose=1
, for example:
curl -X POST http://localhost:8080/run/appx?verbose=1 -H "Authorization: Bearer EXECAPI_KEY"
Yes, this also works on Windows, simply provide the directory path in the config.json eg "dir": "C:\\myapps\\appx"
, and the executable as the script eg "script": "commandx.exe"
.
Please consider configuring Exec API to only be accessible by intended clients. While using pre-defined commands via config.json
restricts what can be done, it still allows a client to initiate process execution (even though intended) on your servers.
- Access control: For example, using tailscale and ufw to only allow desired access:
- Logging and Monitoring: Set up logging and monitoring to keep track of access
- Use HTTPS: Secure communication between the client and server with HTTPS