Server-side CLIs

This directory documents the binaries operators run to host an exd-server.

Binary	When to reach for it
`exd-server`	The HTTP service itself. Run it as a daemon.
`exd-server-admin`	The operator CLI for bootstrap, migration, tenants, namespaces, and tokens.

A third binary, exd-server-git-hook, is invoked by exd-server during git-push and is not user-facing.

Audience boundary

The exd CLI (one directory up, exd/) is for developers and agents who author flags and consume evaluation telemetry. Everything in this server/ directory is for operators — the people who run the service.

Operators do not need exd. Developers do not need exd-server*. Keep the two installs separate; they have different dependency footprints and different access requirements (operators need filesystem access to the DB, git root, and signing key).

Lifecycle

First-time setup.
- exd-server-admin bootstrap — initialize the DB and mint the first superadmin token.
- exd-server — start the daemon.
Onboard a tenant.
- exd-server-admin tenant create
- exd-server-admin namespace create for each flag namespace
- exd-server-admin token mint for each CI / SDK consumer
Daily operations.
- Token audit: exd-server-admin token list
- Token rotation: exd-server-admin token revoke + a fresh mint
Binary upgrade.
- Stop exd-server
- exd-server-admin migrate
- Start the new exd-server

Environment variables

Variable	Read by	Default	Notes
`EXD_DB_PATH`	both	`./exd.sqlite`	SQLite database file.
`EXD_LISTEN`	`exd-server`	`127.0.0.1:8080`	Listen address.
`EXD_GIT_ROOT`	`exd-server`	`./exd-data/git`	One bare git repo per flag namespace.
`EXD_GIT_HOOK_BINARY`	`exd-server`	sibling of `exd-server`	Path to `exd-server-git-hook`.
`RUST_LOG`	`exd-server`	`info`	Tracing filter (e.g. `info,exd_server=debug`).

See each command page for command-specific flags and overrides.

Audience boundary​

Lifecycle​

Environment variables​

See also​

Audience boundary

Lifecycle

Environment variables

See also