Meta tags:
description= Frappe Server Manager. Contribute to frappe/pilot development by creating an account on GitHub.;
Headings (most frequently used words):
uh, oh, pilot, navigation, bench, install, the, saved, searches, frappe, to, your, files, footer, manual, setup, search, code, repositories, users, issues, pull, requests, provide, feedback, menu, use, filter, results, more, quickly, folders, and, latest, commit, history, repository, improvements, from, legacy, requirements, set, up, first, toml, commands, developing, apps, with, extending, cli, production, admin, ui, directory, layout, contributing, an, app, marketplace, testing, about, releases, packages, contributors, languages, running, as, root, fresh, vps, non, interactive, passwordless, sudo, guided, recommended, entry, format, what, security, scan, checks, resources, stars, watchers, forks,
Text of the page (most frequently used words):
bench (116), the (74), and (50), admin (47), pilot (29), #frappe (28), with (25), all (23), #production (21), install (20), github (19), for (18), this (17), run (17), user (17), app (17), setup (17), set (16), your (16), name (16), start (16), root (16), you (15), https (15), password (15), process (14), code (13), security (12), site (12), com (12), toml (12), workers (12), dev (12), sudo (12), new (11), apps (11), files (11), volume (11), use (11), python (10), tests (10), redis (10), true (10), branch (10), per (10), domain (10), mariadb (9), registry (9), benches (9), processes (9), tls (9), view (9), from (9), reload (8), manager (8), are (8), init (8), runs (8), yes (8), source (8), config (8), port (8), create (8), that (7), page (7), command (7), repo (7), one (7), sites (7), procfile (7), only (7), list (7), search (7), stop (7), http (7), false (7), gunicorn (7), openrc (7), supervisor (7), wizard (7), snapshot (7), when (6), url (6), none (6), version (6), default (6), localhost (6), nginx (6), zfs (6), settings (6), restart (6), 8002 (6), under (6), systemd (6), auto (6), session (6), commands (6), see (6), single (6), path (6), pool (6), disk (6), passwordless (6), enterprise (6), docs (5), status (5), navigation (5), error (5), stars (5), server (5), full (5), main (5), marketplace (5), file (5), logs (5), git (5), live (5), mode (5), via (5), support (5), first (5), web (5), another (5), pull (5), not (4), community (4), there (4), was (4), while (4), loading (4), please (4), repository (4), readme (4), integration (4), against (4), services (4), required (4), test (4), non (4), them (4), inside (4), format (4), automatically (4), branches (4), description (4), example (4), open (4), log (4), let (4), encrypt (4), memory (4), features (4), built (4), running (4), ssl (4), enabled (4), development (4), alpine (4), etc (4), back (4), hello (4), clone (4), snapshots (4), dataset (4), issue (4), sign (4), build (4), deps (4), image (4), dedicated (4), requests (4), installer (4), curl (4), bash (4), actions (4), issues (4), can (3), manage (3), packages (3), resources (3), missing (3), get (3), system (3), injection (3), input (3), direct (3), environment (3), clones (3), what (3), scan (3), updates (3), developer (3), available (3), add (3), json (3), site1 (3), env (3), valid (3), toggle (3), database (3), task (3), cpu (3), remove (3), plain (3), scheduler (3), companion (3), keeps (3), requires (3), use_companion_manager (3), runner (3), enable (3), works (3), both (3), don (3), hand (3), max_requests (3), threads (3), process_manager (3), change (3), any (3), its (3), cli (3), terminal (3), generate (3), rebuild (3), assets (3), venv (3), needs (3), filesystem (3), backing (3), after (3), installs (3), creates (3), sudoers (3), whoami (3), instead (3), raw (3), githubusercontent (3), vps (3), more (3), workflows (3), commit (3), insights (3), signed (3), tab (3), window (3), refresh (3), saved (3), documentation (3), feedback (3), grade (3), copilot (3), platform (3), solutions (3), explore (3), time (2), share (2), footer (2), tags (2), report (2), forks (2), watchers (2), unit (2), pip (2), pytest (2), ignore (2), cov (2), dependencies (2), blocking (2), findings (2), merge (2), will (2), without (2), authorization (2), sql (2), template (2), semgrep (2), include (2), checks (2), tools (2), applications (2), category (2), png (2), logo (2), logo_url (2), installed (2), public (2), short (2), title (2), field (2), does (2), entry (2), every (2), virtualenv (2), pid (2), configs (2), layout (2), before (2), names (2), hostname (2), syntax (2), ports (2), read (2), step (2), history (2), restore (2), edit (2), filter (2), upstream (2), update (2), also (2), usage (2), opt (2), certificates (2), served (2), central (2), socket (2), write (2), fork (2), script (2), once (2), instance (2), needed (2), managers (2), tear (2), down (2), certs (2), flags (2), wide (2), omit (2), behind (2), generated (2), signs (2), tokens (2), jwt_secret (2), email (2), letsencrypt (2), malloc_arena_max (2), 120 (2), timeout (2), socketio (2), take (2), arguments (2), group (2), print (2), self (2), help (2), means (2), common (2), starts (2), then (2), opens (2), checkout (2), changes (2), export (2), itself (2), tag (2), destroy (2), prompts (2), calls (2), frontend (2), latest (2), download (2), rename (2), across (2), scaffold (2), size (2), created (2), var (2), explicit (2), device (2), shared (2), recycle (2), worker (2), used (2), manual (2), choose (2), recommended (2), initialized (2), based (2), through (2), echo (2), prompt (2), configures (2), below (2), zshrc (2), fssl (2), never (2), skip (2), freshly (2), everything (2), out (2), wget (2), apk (2), zero (2), legacy (2), environments (2), pyproject (2), pilot_zen (2), spec (2), claude (2), gitignore (2), todo (2), scripts (2), 976 (2), commits (2), last (2), message (2), menu (2), quality (2), projects (2), appearance (2), cancel (2), searches (2), repositories (2), business (2), advanced (2), topics (2), customer (2), devops (2), perform, action, personal, information, cookies, contact, privacy, terms, 2026, inc, other, javascript, vue, languages, contributors, releases, watching, custom, properties, activity, about, lifecycle, real, triggered, push, mocked, filesystems, network, term, coverage, testing, warning, severity, reported, but, prevent, reviewer, note, module, level, globals, scoping, multitenancy, violations, whitelist, methods, set_user, ignore_permissions, bypass, execute_in_shell, shell, subprocess, execution, strings, dynamic, construction, jinja2, render_template, safe_eval, compile, exec, eval, opened, specified, which, fail, leave, sync, job, utilities, integrations, extensions, compliance, square, svg, null, picks, shown, human, readable, display, unique, snake_case, identifier, notes, org, sentence, my_app, touches, automated, cannot, merged, until, passes, contributing, infra, cloned, txt, common_site_config, managed, pids, directory, forms, validate, submission, checked, urls, legal, characters, cron, expressions, numbers, 65535, range, check, apply, click, tabbed, linux, saves, restarts, affected, slow, queries, binary, viewer, multi, collapsible, output, tasks, tail, streaming, uptime, links, drop, backup, schedules, categories, selection, overview, quick, stats, dashboard, configurable, shows, buttons, displays, obtains, redirects, over, proxy, terminates, hidden, same, preloaded, master, copy, counterpart, selected, supervise, daemon, uses, units, loginctl, linger, systemctl, owned, supervisord, ops, whole, now, classmethod, factory, nest, subcommand, architecture, from_args, args, add_arguments, parser, def, receive, active, requires_bench, greeting, hellocommand, class, import, base, adding, creating, edits, subclass, declare, discovers, registering, extending, regenerates, backend, watch, foreground, normally, vite, building, watch_admin_js, reload_python, asset, watcher, watch_apps_js, tighter, loop, local, picked, next, pwd, working, developing, multiple, roll, named, show, return, obtain, securely, omitted, scoped, jwt, api, bearer, token, minute, link, regenerate, upgrade, reinstall, migrate, fails, fast, takes, rolls, failure, pre, force, free, old, framework, dir, state, each, lives, holding, data, bind, mounts, rollbacks, atomic, tracked, need, guide, 60g, lib, img, preallocated, sdb, discover, unused, fall, reused, exists, random, spread, max_requests_jitter, release, heap, disabled, cap, glibc, malloc, arenas, reduce, rss, unset, gthread, optional, serve, refuses, count, long, queues, 13000, your_root_password, root_password, 3306, host, 8000, erpnext, generates, admin_user, editor, initialization, progress, optionally, volumes, customize, between, detects, isn, browser, walks, three, steps, yet, launches, guided, installing, have, two, ways, configure, initialize, tee, chmod, 0440, nopasswd, many, answer, therefore, stops, immediately, instructions, hanging, manually, make, sure, has, line, sets, home, unattended, finish, silently, accept, defaults, off, bench_yes, bench_user, purpose, flag, pass, matching, variables, interactive, login, stays, ssh, key, covers, brand, box, rest, grant, reuse, whatever, meant, launch, provisioned, where, account, fresh, isolated, node, adds, bare, preinstalled, bootstrap, busybox, access, bootstraps, homebrew, macos, ubuntu, requirements, spare, storage, honcho, wherever, folder, stdlib, improvements, dependency, managing, docker, items, date, folders, additional, options, star, must, notification, notifications, dismiss, alert, switched, accounts, resetting, focus, qualifiers, our, query, results, quickly, submit, address, contacted, piece, very, seriously, provide, tips, clear, users, jump, pricing, premium, ons, powered, collections, trending, archive, program, accelerator, maintainer, lab, programs, fund, developers, sponsors, partners, trust, center, forum, skills, ebooks, reports, events, webinars, stories, type, software, topic, industries, government, manufacturing, financial, healthcare, industry, cases, devsecops, modernization, case, nonprofits, startups, small, medium, teams, enterprises, company, changelog, blog, why, leaks, they, secret, protection, secure, find, fix, vulnerabilities, application, review, plan, track, work, instant, codespaces, automate, workflow, integrate, external, mcp, agents, better, creation, content,
Text of the page (random words):
nches under pilot benches process manager honcho supervisor built in procfile runner python env pip virtualenv uv auto installed admin ui none built in app status sites logs task runner process memory cpu live settings storage root filesystem only dedicated disk or disk image no spare disk needed with per dataset snapshots requirements ubuntu 22 04 python 3 11 a user with sudo access alpine 3 20 apk openrc install sh bootstraps everything production runs under openrc process_manager openrc instead of systemd macos python 3 11 homebrew dev only no sudo setup install curl fssl https raw githubusercontent com frappe pilot main install sh bash on bare alpine no curl bash preinstalled bootstrap with busybox wget sh instead the installer apk installs git curl bash sudo and the build deps itself wget qo https raw githubusercontent com frappe pilot main install sh sh this single command clones pilot to pilot and adds bench to your path installs uv and node js if missing creates the isolated admin environment admin venv used by the setup wizard and admin ui configures passwordless sudo for your user see below running as root fresh vps bench is never meant to run as root if you launch the installer as root common on a freshly provisioned vps where root is the only account it will create or reuse a non root user frappe by default or whatever you choose grant that user passwordless sudo via etc sudoers d user re run the rest of the install as that user automatically no password is set for a freshly created user login stays ssh key based and passwordless sudo covers everything bench needs this also means a brand new vps user with no password set works out of the box non interactive install pass flags after or set the matching environment variables to skip all prompts flag env var default purpose user name bench_user frappe non root user to create use when run as root y yes bench_yes 1 off never prompt accept defaults unattended as root create use user frappe and finish silently curl fssl https raw githubusercontent com frappe pilot main install sh bash s user frappe y manual install git clone https github com frappe pilot pilot echo export path home pilot path zshrc source zshrc if you install manually make sure your user has passwordless sudo bench needs it see below the one line installer sets this up for you passwordless sudo bench init and the admin setup wizard install system packages and manage services through many sudo calls and the wizard runs them with no terminal it can t answer a password prompt bench therefore requires passwordless sudo for your user the installer configures it if it s missing bench init stops immediately with instructions instead of hanging to set it up by hand echo whoami all all nopasswd all sudo tee etc sudoers d whoami sudo chmod 0440 etc sudoers d whoami set up your first bench after installing you have two ways to configure and initialize a bench guided setup recommended bench new my bench scaffold a bench bench start not yet initialized launches the setup wizard bench start detects that the bench isn t initialized and opens a browser based wizard at http localhost 8002 the wizard walks you through three steps admin password password for the bench admin ui database choose between a dedicated mariadb instance default recommended or the shared system mariadb set the mariadb root user default root and password customize frappe branch repo optionally enable zfs volumes dedicated db only it then runs the full initialization with a live progress view manual setup bench new my bench creates bench toml editor benches my bench bench toml set admin password mariadb root password and admin_user if not root bench init b my bench installs deps creates venv clones frappe generates procfile bench get app https github com frappe erpnext branch version 16 bench new site site1 localhost bench start starts web workers redis and admin ui app http site1 localhost 8000 admin ui http localhost 8002 bench toml bench name my bench python 3 14 apps name frappe repo https github com frappe frappe branch version 16 mariadb host localhost port 3306 root_password your_root_password redis port 13000 workers queues default short long count 1 admin port 8002 password your admin password required admin refuses to start without this jwt_secret auto generated signs admin session tokens don t set by hand domain admin example com optional serve admin behind this domain via nginx tls false server wide https opt in let s encrypt false plain http production enabled true set by bench setup production process_manager supervisor systemd supervisor openrc use_companion_manager false run scheduler workers socketio inside gunicorn gunicorn workers 4 threads 4 threads per worker used by gthread timeout 120 malloc_arena_max 2 cap glibc malloc arenas to reduce rss 0 unset max_requests 0 recycle the web worker after n requests to release heap 0 disabled max_requests_jitter 0 random spread on max_requests so workers don t all recycle at once volume pool bench pool shared pool reused if it exists one dataset per bench backing auto discover an unused disk or fall back to a disk image backing device explicit dedicated disk device dev sdb backing image explicit preallocated file on the root filesystem volume image size 60g file created at var lib bench zfs bench pool img each bench lives on a single dataset pool bench holding both its files and its mariadb data via bind mounts so snapshots rollbacks are atomic across both apps and sites are tracked by the filesystem no need to list them in bench toml see docs volume md for the full zfs volume guide commands command what it does bench new name scaffold a new bench bench ls list all benches with status production state and admin url bench init b name install deps create venv clone framework generate procfile needs b name or run inside the bench dir bench start start all processes web workers redis admin ui bench stop stop a running bench from another terminal bench restart restart all processes supervisor systemd or openrc production only bench get app repo clone and install an app bench new site name create a site bench rename site old new rename a site checks the hostname is free across all benches bench build download pre built assets use force to rebuild from source bench update apps git pull reinstall deps rebuild assets migrate all sites fails fast on the first error on zfs benches takes a snapshot first and auto rolls back on failure bench upgrade pull latest pilot and download the admin frontend bench setup config regenerate procfile and config files from bench toml bench build admin rebuild admin frontend assets from source bench generate admin session issue a 5 minute single use admin sign in link full path for the url bench issue site token name issue a scoped jwt for site to bench api calls use as authorization bearer bench set admin password set the admin ui password prompts securely if password is omitted bench setup nginx generate and install nginx config bench setup letsencrypt obtain ssl certificates bench setup production full production setup process manager admin domain tls bench remove production tear down production return to dev keeps certs logs domain bench volume status show zfs pool and dataset usage bench volume snapshot snapshot the bench files database bench volume list snapshots list snapshots bench volume destroy snapshot tag destroy a named snapshot bench volume restore snapshot tag roll the bench back to a snapshot with multiple benches bench b my bench start developing frappe apps with pilot use a source checkout when working on pilot itself git clone https github com frappe pilot pilot cd pilot export path pwd path the bench script at the repository root runs the code from this checkout so changes to python files are picked up the next time you run a command create a local bench and start it in development mode bench new dev bench bench start first run opens the setup wizard for a tighter development loop enable the dev watchers in benches dev bench bench toml bench watch_apps_js true run frappe s js asset watcher with bench start reload_python true reload the dev web frappe process when python files change watch_admin_js true run the admin ui vite dev server if you are building the pilot admin ui then run the bench normally bench b dev bench start in this mode bench start regenerates the procfile common site config first starts redis web workers socket io the admin backend and any enabled watch processes in the foreground use bench b dev bench stop from another terminal to stop a running bench extending the cli commands are self registering adding one means creating a single file under pilot commands no edits to cli py or any central list subclass command declare its name help arguments and a registry auto discovers it pilot commands hello py from pilot commands base import command class hellocommand command name hello help print a greeting requires_bench false omit to receive the active bench def run self none print hello that s the whole change bench hello now works commands that take arguments add an add_arguments parser classmethod and a from_args args bench factory set group setup or volume to nest under a subcommand group see docs architecture md production production enabled true set by bench setup production process_manager supervisor systemd supervisor openrc use_companion_manager false run scheduler workers socketio inside gunicorn gunicorn workers 4 threads 4 timeout 120 malloc_arena_max 2 max_requests 0 letsencrypt email ops example com admin port 8002 password your admin password jwt_secret auto generated signs admin session tokens don t set by hand domain admin example com required in production admin is served behind this domain tls true server wide https via let s encrypt omit false plain http bench setup production tls process manager nginx ssl flags process manager admin domain tls bench restart restart all bench processes works with both managers bench remove production tear down production back to dev keeps certs logs domain process managers supervisor runs a bench owned supervisord instance no root needed systemd uses systemctl user units requires loginctl enable linger once openrc the alpine counterpart of systemd one supervise daemon init script per process under etc init d selected automatically on alpine none development mode use bench start procfile runner companion manager set production use_companion_manager true to run the scheduler rq workers and socket io as gunicorn companion processes this keeps them under the same preloaded gunicorn master to share memory copy on write requires the frappe gunicorn fork with companion support https is opt in with admin tls true bench setup production or the settings https toggle obtains let s encrypt certificates for the admin domain and all ssl enabled sites and redirects http to https with admin tls false the bench is served over plain http e g a central proxy terminates tls upstream and per site ssl is hidden in the ui the admin ui port 8002 admin domain shows start stop and restart buttons on the processes page when running in production mode the processes page also displays live cpu and memory usage per process admin ui the built in admin ui runs on port 8002 configurable via admin port page features dashboard bench overview and quick stats apps install remove apps edit upstream url and branch per app update status marketplace app registry filter by 6 categories search install with branch selection sites create restore drop sites install apps edit site config backup schedules processes live process list with cpu memory mb uptime and log links start stop restart in production mode logs tail and search log files with live streaming tasks multi step task view with collapsible output per step task history database mariadb process list slow queries binary log viewer settings tabbed bench ports mariadb read only redis ports workers nginx https toggle admin tls let s encrypt production process manager zfs volume linux saves to bench toml and restarts affected processes automatically updates check for pilot updates and apply in one click all forms validate input before submission site names are checked for valid hostname format repository urls for valid git url format branch names for legal characters cron expressions for valid 5 field syntax and port numbers for the 1 65535 range directory layout pilot benches my bench bench toml infra config python db redis workers apps cloned app source sites apps txt common_site_config json site1 localhost env python virtualenv managed by uv logs per process log files pids bench pid per process pid files config procfile redis configs nginx configs contributing an app to the marketplace add an entry to registry apps json and open a pr every pr that touches this file runs an automated semgrep security scan against the app s source code the pr cannot be merged until the scan passes entry format name my_app title my app description one sentence description of what the app does repo https github com your org my app branch version 16 branches version 15 version 16 logo_url https example com logo png category applications stars 0 field required notes name yes unique snake_case identifier title yes human readable display name description yes short description shown in the marketplace ui repo yes public github repo url branch yes default branch installed when a user picks this app branches yes all available version branches logo_url no direct url to a square png svg logo null if none category yes one of applications compliance developer tools extensions integrations utilities stars no leave as 0 the registry sync job updates this automatically what the security scan checks when your pr is opened ci clones your repo at the specified branch and runs semgrep against it blocking findings which fail the pr include code injection eval exec compile safe_eval template injection render_template with dynamic input direct jinja2 environment template construction sql injection f strings or format inside frappe db sql command execution subprocess with shell true os system execute_in_shell authorization bypass ignore_permissions true in whitelist methods frappe set_user multitenancy violations module level globals redis set redis get without scoping non blocking findings warning severity are reported but do not prevent merge a frappe reviewer will note them in the pr testing install test dependencies pip install e test run unit tests pytest tests ignore tests integration run with coverage pytest tests ignore tests integration cov pilot cov report term missing unit tests run against mocked filesystems no mariadb redis or network required integration tests in tests integration run the full bench init bench new site lifecycle against real services and are triggered by ci on push to main about frappe server manager resources readme uh oh there was an error while loading please reload t...
|