Lightweight deployment for edge devices and homelabs.
Flare replaces complex CI/CD pipelines with a single-binary toolchain built for IoT, Raspberry Pi, and local servers.
No dependencies. No Python, Node.js, or Docker required on target devices.
- Push-to-Deploy: Ship from laptop to device in seconds
- Auto-Discovery: Finds devices via UDP broadcast
- Built-in Gateway: Reverse proxy for static sites and apps
- Secure: TLS encryption by default
- Works Everywhere: GitHub, GitLab, Forge, or any other git.
- Database Support: Auto-setup PostgreSQL, MySQL, or SQLite
- Rollback: Built-in versioning and rollback system
- Hooks: Run custom scripts before/after deployment
- Isolation: SystemD or chroot process isolation
Download from Releases or build:
cargo build --releaseRun on your Raspberry Pi, VPS, or homelab server:
flared
# Listens on :7530 (TCP) and :7001 (UDP discovery)Create flare.toml in your repo root:
[app]
name = "my-app"
version = "1.0.0"
[run]
command = "node server.js"
port = 3000# Auto-discover device in local network
flare deploy user/my-project
# Or specify host
flare deploy user/my-project --host 192.168.1.100
# With GitHub
flare deploy user/my-project --github --token ghp_xxxxx
# With custom forge
flare deploy user/my-project --forge http://{ip}## Quick Start
### 1. Install
Download from [Releases](https://github.com/Velooroo/flare/releases) or build:
```bash
cargo build --releaseflared
# Listens on :7530 (TCP) and :7001 (UDP discovery)Git credentials (for downloading repos):
flare login
Username: your-username
Password: your-git-(token or password)Device registration (auto-generates secure token):
flare discover
# [0] 192.168.1.50:7530 (new)
flare sync 0
# Registering token... ✓
# Name: raspberrypi
# ✓ SavedCreate flare.toml in repo root:
[app]
name = "my-app"
version = "1.0.0"
[run]
command = "node server.js"
port = 3000# Deploy to saved device
flare deploy user/my-project --device 0
## (I don't remember, it's works or not.)
# Or by name
flare deploy user/my-project --device raspberrypiflare start my_app # Start application
flare stop my_app # Stop application
flare restart my_app # Restart application
flare rollback my_app # Rollback to previous versionFlare uses dual authentication for security:
Used for downloading repositories from GitHub/Forgejo/etc.
flare login
Username: myuser
Password: ghp_xxxxx # GitHub token or Forge passwordStored in ~/.flare/auth.toml
Used for connecting to devices. Automatically generated during sync.
flare discover # Find devices
flare sync 0 # Generate and register tokenHow it works:
- CLI generates random 32-byte token
- Hashes it with argon2
- Sends hash to daemon
- Daemon stores hash in
~/.flare/daemon_tokens.toml - CLI stores plain token in
~/.flare/flare.conf
All future deploys use this token automatically.
# 1. Start daemon
cargo run --bin flared
# 2. Auth
cargo run --bin flare -- login
# Username: test
# Password: token123
cargo run --bin flare -- discover
cargo run --bin flare -- sync 0
# 3. Create test repo (or use existing)
mkdir test-app && cd test-app
echo 'console.log("Hello");' > index.js
cat > flare.toml << EOF
[app]
name = "test"
version = "1.0.0"
[run]
command = "node index.js"
EOF
git init && git add . && git commit -m "init"
# Push to your forge
# 4. Deploy
cargo run --bin flare -- deploy youruser/test-app --device 0
# 5. Manage
cargo run --bin flare -- stop test_app
cargo run --bin flare -- start test_app# Copy binaries to device
scp target/release/flared pi@192.168.1.100:/usr/local/bin/
# SSH and start daemon
ssh pi@192.168.1.100 "flared"
# From local machine
flare discover
flare sync 0
flare deploy user/repo --device 0"No devices configured"
→ Run flare discover && flare sync 0 first
"Invalid token"
→ Re-sync device: flare sync 0 and replace token
"App not found"
→ Use _ in app names: flare stop user_repo not user/repo (already fix it)
Connection refused
→ Check firewall: sudo ufw allow 7530/tcp && sudo ufw allow 7001/udp
start command fails
→ Only works for apps with [run] section (static sites not supported yet, see #1)
- App names with
/must use_in management commands [#2] -
flare startdoesn't work for static sites ([web]only apps) [#1] - Gateway reverse proxy not implemented (static sites only)
CLI (your laptop) Daemon (target device)
| |
| 1. Package repo |
|------------------------------->|
| | 2. Download archive
| | 3. Extract to ~/.flare/apps/
| | 4. Read flare.toml
| | 5. Run [build] if present
| | 6. Setup [database] if present
| | 7. Start [run] or register [web]
|<-------------------------------|
| 8. Receive success/error |
File Structure:
~/.flare/
├── apps/
│ └── user_repo/
│ ├── current -> versions/1234567890/
│ ├── versions/
│ │ ├── 1234567890/ # Current deployment
│ │ └── 1234567880/ # Previous (for rollback)
│ ├── state.toml # App state (PID, status)
│ └── flare.toml # App config
└── auth.toml # Optional: saved credentials
Flare uses TLS for all connections between CLI and daemon.
Auto-generates self-signed certificates. No configuration needed.
Set environment variables:
FLARE_TLS_CERT=/etc/letsencrypt/live/yourdomain/fullchain.pem
FLARE_TLS_KEY=/etc/letsencrypt/live/yourdomain/privkey.pemOr in .env:
FLARE_TLS_CERT=/path/to/cert.pem
FLARE_TLS_KEY=/path/to/key.pemDaemon automatically loads certificates on startup.
Flare daemon includes an HTTP gateway on port 80 that:
- Serves static sites by domain (
[web]section) - Proxies to running apps (coming soon)
- Handles virtual hosts automatically
Example:
[web]
domain = "mysite.local"
root = "./public"Access via http://mysite.local (add to /etc/hosts or use local DNS).
- IoT Edge Deployments: Deploy to Raspberry Pi fleet
- Homelab CI/CD: Simple alternative to Jenkins/GitLab CI
- Prototype Hosting: Quick deploys to VPS without containers
- Cyberdeck Development: Build and deploy on the go
- Education: Learn deployment without Kubernetes complexity
- Basic deploy workflow
- Database auto-setup (PostgreSQL, MySQL, SQLite)
- Static site gateway (HTTP :80)
- Health checks (single check on deploy)
- Rollback system (version backup/restore)
- Start/Stop/Restart via daemon
- Auto-generated secure tokens (argon2)
- Dual authentication (git + daemon)
- UDP discovery
- Device management (sync, list, remove)
- TLS encryption (self-signed + custom certs)
- Deployment hooks (pre/post)
- Process isolation (systemd, chroot)
- Gateway reverse proxy for APIs ([#3])
- Fix start command for
[web]only apps ([#1]) - Auto-normalize app names with
/([#2]) - Continuous health monitoring (not just on deploy)
- Deploy to multiple devices (
--device all) - Logs command (
flare logs myapp --follow) - Auto health endpoint injection
- Environment variable management UI
- Web dashboard
- Metrics collection & visualization
- Canary deployments
- Blue-green deployment strategy
- Multi-instance deployments (load balancing)
- Plugin system
- Windows daemon support
- Container support (optional, for isolation)
- Notifications (email, Telegram, webhooks)
- Storage integration (S3, MinIO)
- Resource limits enforcement
- Auto-scaling
- CLI autocomplete
- Configuration validation (
flare check)
- GitOps mode (watch repo for changes)
- Secrets encryption at rest
- Service mesh integration
- ARM64 optimizations
- Edge function runtime
- Built-in monitoring agent
Check examples/ directory for production-ready configs:
nodejs-api.toml- Express.js APIpython-flask.toml- Flask applicationrust-actix.toml- Actix web serverstatic-site.toml- React/Vue/Svelte build outputfullstack.toml- App with database and build steps
Contributions welcome! Please:
- Fork the repo
- Create feature branch
- Test locally
- Submit PR
Apache-2.0 © VeloroLABS