Device builders
Teams selling kiosks, gateways, sensors or appliances that need an operations layer without building one from scratch.
FELANIA EDGE · V1
Felania Edge installs on existing Linux gateways, routers and connected products. It reports health through an outbound connection, alerts your team and executes only explicit allowlisted recovery actions.
WHO IT IS FOR
Teams selling kiosks, gateways, sensors or appliances that need an operations layer without building one from scratch.
People maintaining routers, edge computers or industrial sites for multiple customers and locations.
Small teams responsible for unattended equipment in shops, warehouses, farms, offices or home labs.
Builders who want fleet status and telemetry inside their own app through a straightforward REST API.
QUICKSTART
Open the console, choose Add device, then enter a unique name, site and device type.
The token begins with fle_ and is shown once. Store it on that device as a secret.
Run the generated command as root. The device appears online and begins polling for allowlisted operations.
Linux / OpenWrtcurl -fsSL https://felania.com/install.sh | \
sudo sh -s -- fle_YOUR_DEVICE_TOKENWhat it installs: a small shell agent, a separate update runner, curl and jq if missing, a root-only configuration file and a systemd or OpenWrt procd service. The agent makes outbound HTTPS requests only.
GUARDED UPDATES
Each device can use Manual or Automatic update mode from Console → Devices. Manual mode is the default. Choose Update now or queue update_agent from Remote Operations to start a manual update.
The agent accepts only the authenticated manifest path, matching SHA-256 checksum, declared version and valid shell syntax.
The current agent is copied into the previous slot before the new version is activated atomically.
The new version must send a heartbeat and complete an authenticated command poll within two minutes.
If the new process crashes, hangs or fails validation, the stable runner restores the previous version automatically.
Why the runner is separate: agent updates never overwrite the small process responsible for recovery. A device always keeps current, previous and pending-update state until validation succeeds.
RUNBOOK CONSOLE
Open Console → Runbooks to run a reviewed sequence of allowlisted operations across one or more devices. Felania validates every parameter on the server, executes steps in order and keeps a per-device transcript with status, timing and bounded output.
Collect diagnostics and discover services without changing device state.
Check DNS resolution and connectivity to a validated hostname or IP address.
Read service status and a bounded number of recent log lines.
Inspect, restart, verify and collect logs as one Owner-approved playbook.
Owners and operators can collect evidence. Viewers can read completed transcripts but cannot start a run.
Restart, interval and Agent update steps require an Owner. The risk is calculated from the operations, not chosen by the author.
Reboot requires an Owner and should always begin with a canary when more than one target is selected.
A command already claimed by a device may finish. No later step or fleet phase is queued after cancellation.
Owners choose Create Runbook and give the playbook a clear name and purpose.
Select one to eight operations. Fields such as service, target, log lines and heartbeat interval use the same validation as Remote Operations.
Select compatible Agent 1.7 devices and keep the default canary strategy for multi-device work.
Each run preserves its Runbook version and rendered steps, so later edits cannot change historical evidence.
Security boundary: Runbooks do not accept arbitrary shell, pipes, redirection or undeclared parameters. Service logs can contain application secrets, so grant console and API access only to trusted operators and rotate exposed credentials if sensitive output is captured.
Canary executioncurl -X POST https://felania.com/api/v1/runbooks/rb_system_network_path/run \
-H "Authorization: Bearer fla_YOUR_PLATFORM_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"deviceIds": ["dev_FIRST", "dev_SECOND"],
"strategy": "canary",
"parameters": { "TARGET": "felania.com" }
}'APPLICATION RELEASES
Felania Releases deploys a Docker Compose workload through the existing outbound agent. Open Console → Releases, enter an application name and version, paste the Compose file, select compatible devices and run deployment preflight before rollout.
The agent checks the release SHA-256 and runs Docker Compose validation before pulling images.
Compose images are pulled and started under an isolated Felania project name.
Every service must be running. An optional localhost HTTP endpoint can provide application-level health.
A failed device restores its previous Compose release. Successful earlier targets are rolled back when a later phase fails.
media-control · 2.4.0services:
app:
image: ghcr.io/example/media-control:2.4.0
restart: unless-stopped
environment:
DATABASE_URL: ${DATABASE_URL}
ports:
- "8080:8080"${VARIABLE_NAME}. Values are encrypted at rest with AES-256-GCM and never appear in Compose, command payloads, deployment output or the timeline. Workspace values can be overridden per site and then per device.Precedence is workspace, then site, then device. Each target receives the encrypted snapshot captured when the release was created.
The authenticated agent can retrieve protected deployment configuration once, and only while its release command is running.
Resolved variables are written beside the release as a mode 0600 .env file so Compose can restart safely.
Registry login uses a temporary Docker configuration for image pull, then deletes it before the workload starts.
In Console → Releases, enter the HTTPS registry host, username and plaintext password or access token. For htpasswd, use the original password—not the bcrypt hash stored in the password file. Felania validates /v2/ before encrypting the credential.
Choose Browse images, select a repository and then Inspect image. Felania reads its Registry V2 manifest, immutable digest, size and supported platforms such as linux/amd64 and linux/arm64.
Choose Use pinned image to place an @sha256: reference into the Compose release. A later push that changes the original tag cannot silently change this release.
Every image from the selected private registry is resolved to its current manifest digest.
Agent 1.7.0 reports the device Docker platform. Felania compares it with every inspected image platform.
Unknown device architecture, missing image platform metadata or an architecture mismatch blocks release creation before the canary.
Mutable tags in Compose are replaced by immutable digests on the server, including API-created releases.
POST /api/v1/releases/preflightcurl -X POST https://felania.com/api/v1/releases/preflight \
-H "Authorization: Bearer YOUR_PLATFORM_API_KEY" \
-H "Content-Type: application/json" \
--data @release.jsonRotate or correct a login: choose Update login on the saved Registry card, enter the plaintext password again and select Verify & update login. The existing encrypted credential remains unchanged if verification fails.
Compatibility: the Registry must expose the Docker Distribution V2 catalog and tag endpoints. Some hosted registries or pull-only scoped credentials intentionally deny _catalog; those credentials can still deploy an explicitly entered image reference.
Stop containers without deleting configuration or volumes, then start the stored release with health validation.
Restart the current Compose project and require container plus optional HTTP health checks to pass.
Remove containers and networks while preserving named volumes and local release files for a later Start.
Permanently remove containers, application volumes and local release files. Owner access and exact application-key confirmation are required.
Device requirements: Felania Agent 1.7.0, Docker Engine and either Docker Compose v2 or docker-compose. Secret values and registry tokens must be one line. Anyone with root access to a target device can inspect its runtime environment, so device operating-system security still matters.
EDGE APP BLUEPRINTS
Open Console → Releases and choose a Blueprint. The guided form asks only for the image or version, ports and required encrypted variables. Felania renders a server-validated Compose file, shows a safe preview, then uses the same canary health gates and immutable protected snapshots as a manual release.
Docker Service and Uptime Kuma can be configured and deployed now.
Rendered Compose and its localhost health target are visible before rollout.
Incomplete Blueprints show readiness blockers and cannot create a deployment.
Secret values never appear in the Compose preview, release payload or GitHub workflow.
In Console → API, create a dedicated key and save it in the GitHub repository secret FELANIA_API_KEY.
On a Ready Blueprint card, choose GitHub Action and save the result as .github/workflows/felania-deploy.yml.
If the Blueprint declares secret variables, create GitHub repository secrets with the same names. Non-secret values are workflow inputs.
Use Actions → Deploy with Felania → Run workflow. Supply an immutable version and a JSON array of target device IDs.
Safe automation: give each repository its own Felania API key, keep the workflow permission at contents: read, pin image versions and revoke the key when the integration is retired.
CORE CONCEPTS
Every device belongs to one workspace and one site. A device identity is independent of its hardware, so it can represent a Linux computer, OpenWrt router, ESP32, gateway or another connected product.
Each heartbeat includes CPU, memory, disk, Wi-Fi signal when available, hostname, IP address, uptime, load average, kernel, agent version and operating-system metadata. Felania retains telemetry for 30 days by default.
Owners remove an identity from the active fleet and invalidate its token while preserving telemetry, deployments and audit history.
An archived identity returns as Pending with a newly rotated one-time device token. The old token remains invalid.
Archive is blocked while the device has an active deployment, Runbook or queued/running command.
Permanent purge is available only for an archived identity with no deployment, Runbook or command history and requires its exact name.
Console workflow: open Console → Devices and choose Archive. Archived identities appear below the active inventory with Restore and, when safe, Purge controls.
Find a device quickly: search by device name, site, OS, hostname, agent version or platform. Sort the active inventory by attention status, name, site, last seen or version. The same search also filters archived identities.
STATUS MODEL
Heartbeat received in the last two minutes.
Device is reporting but explicitly needs attention.
No heartbeat has arrived for more than two minutes.
Identity exists, but its first heartbeat has not arrived.
TOKENS & SECURITY
fle_…Lives on one device. It can only send telemetry for that identity. Use it with the heartbeat endpoint.
fla_…Lives in your trusted backend or automation. It can read and manage the fleet in its workspace.
Never place a Platform API key in browser JavaScript or firmware distributed to customers. Create separate keys for each integration and revoke them from the console when no longer needed.
PLATFORM API
Create a Platform API key from Console → API. Send it as a Bearer token on every management request. The API is versioned under /api/v1 and returns JSON.
List devicescurl https://felania.com/api/v1/devices \
-H "Authorization: Bearer fla_YOUR_PLATFORM_API_KEY"Node.jsconst response = await fetch("https://felania.com/api/v1/summary", {
headers: { Authorization: `Bearer ${process.env.FELANIA_API_KEY}` }
});
const fleet = await response.json();
console.log(`${fleet.online}/${fleet.total} devices online`);Platform API keys are limited to 120 requests per minute per key. Device heartbeat limits are separate.
API REFERENCE
/api/v1/summaryFleet totals by status/api/v1/devicesList devices and latest metrics/api/v1/devices/archivedList archived identities and purge eligibility/api/v1/devicesCreate a device and one-time token/api/v1/devices/:idRead one device/api/v1/devices/:id/telemetryLatest 100 telemetry points/api/v1/releasesRelease and deployment history/api/v1/releases/preflightResolve digests and validate image/device platforms without deploying/api/v1/releasesCreate a Compose release and start rollout/api/v1/releases/{id}/redeployDeploy a stored version with a new protected snapshot/api/v1/releases/{id}/archiveHide a release while preserving audit history/api/v1/applications/{slug}/actionsStop, start, restart, uninstall or purge an application/api/v1/blueprintsList Ready and Draft Blueprint definitions/api/v1/blueprints/{id}/previewRender and validate a Blueprint without deploying/api/v1/blueprints/{id}/deployCreate a guarded release from a Ready Blueprint/api/v1/deployments/{id}/cancelStop future targets and recover a running canary/api/v1/deployments/{id}/retryRetry with the original encrypted snapshot/api/v1/deployments/{id}/rollbackRoll back a successful release/api/v1/devices/:id/update-policyChoose automatic or manual agent updates/api/v1/devices/:id/commandsQueue an allowlisted operation/api/v1/devices/:id/commandsRead command status and results/api/v1/runbooksList validated Runbooks and recent runs/api/v1/runbooks/{id}/runStart a Runbook with validated parameters and targets/api/v1/runbook-runs/{id}Read target, step and output transcript/api/v1/runbook-runs/{id}/cancelStop future steps and fleet phases/api/v1/registry-credentialsList saved registry identities without passwords/api/v1/registry-credentials/{id}/catalogBrowse a bounded Registry V2 repository page/api/v1/registry-credentials/{id}/tagsList explicit tags for one repository/api/v1/registry-credentials/{id}/images/inspectRead digest, size and platforms for one tag or digest/api/v1/devices/:idArchive a device/api/v1/devices/:id/restoreRestore an identity and rotate its one-time token/api/v1/devices/:id/purgePermanently remove an unused archived identity/api/v1/ingest/heartbeatSend device telemetryThe public demo runs entirely in your browser, so you can explore incidents and recovery without an account.
Open interactive demo →