Skip to content

Towlion CLI

The towlion CLI wraps common platform operations into a single command. It uses SSH for server operations and the GitHub CLI (gh) for workflow triggers.

Installation

# From the platform repo
cp cli/towlion /usr/local/bin/towlion
chmod +x /usr/local/bin/towlion

Configuration

Create ~/.towlion.conf:

SERVER_HOST=143.198.104.8
SERVER_USER=deploy
SSH_KEY_PATH=~/.ssh/id_rsa

Profiles

The config file supports INI-style [profile] sections for managing multiple servers. Existing flat configs (no section headers) are treated as [default].

[default]
SERVER_HOST=143.198.104.8
SERVER_USER=deploy
SSH_KEY_PATH=~/.ssh/id_rsa

[staging]
SERVER_HOST=10.0.0.5
SERVER_USER=deploy
SSH_KEY_PATH=~/.ssh/staging_key

Select a profile with --profile or the TOWLION_PROFILE environment variable:

towlion --profile staging status
TOWLION_PROFILE=staging towlion status

If no profile is specified, default is used.

Commands

towlion status

List all apps with container state and health status.

towlion logs <app>

Tail logs for an app (uses docker compose logs -f).

towlion health [app|all]

Check /health endpoints. Defaults to all if no app specified.

towlion create <app>

Create a new app from the template: 1. Creates GitHub repo from towlion/app-template 2. Provisions PostgreSQL and MinIO credentials on the server 3. Clones the repo on the server 4. Creates deploy/.env from template

Requires gh CLI to be installed and authenticated.

towlion secrets <app> <domain> [--preview-domain <domain>]

Set GitHub Actions secrets for an app repo. Reads SERVER_HOST, SERVER_USER, and SSH_KEY_PATH from ~/.towlion.conf and sets them as repo secrets along with APP_DOMAIN.

towlion secrets myapp app.example.com
towlion secrets myapp app.example.com --preview-domain example.com

Requires gh CLI to be installed and authenticated.

towlion deploy <app>

Trigger the deploy workflow via GitHub Actions (gh workflow run).

towlion restart <app>

Restart app containers. Automatically detects the active blue-green slot.

towlion backup [app|all]

Run a database backup. Defaults to all databases if no app specified.

towlion rotate <app> [--type db|s3|all]

Rotate credentials for an app without downtime. Defaults to rotating all credentials.

towlion ssh

SSH to the server as the deploy user.

towlion tunnel <port>

Open an SSH tunnel. Useful for accessing internal services:

towlion tunnel 5432   # PostgreSQL
towlion tunnel 3000   # Grafana
towlion tunnel 9000   # MinIO

towlion verify

Run verify-server.sh to check server health (30 checks).

towlion alerts

Run check-alerts.sh to check for active alerts.