hiveloom serve
Starts the long-running Hiveloom service. This is the process that owns the admin API, every per-agent MCP endpoint, and the in-process agent runtime. In production it runs under systemd; locally it runs in a terminal.
Synopsis
hiveloom serve [OPTIONS]Options
| Flag | Default | Description |
|---|---|---|
--host <HOST> | 127.0.0.1 | Bind address. Use 0.0.0.0 only behind a reverse proxy. |
--port <PORT> | 3000 | Listen port for HTTP. |
--data-dir <DATA_DIR> | /var/lib/hiveloom | Where the platform DB, tenant DBs, and master key live. Also reads HIVELOOM_DATA_DIR. |
Examples
Run on a developer laptop, default settings:
hiveloom serveRun a production VPS bound to localhost (Caddy terminates TLS in front):
hiveloom serve --host 127.0.0.1 --port 3000 --data-dir /var/lib/hiveloomOverride the data directory via env:
HIVELOOM_DATA_DIR=/srv/hiveloom hiveloom serveWhat gets exposed
| Path | Purpose |
|---|---|
/healthz | Liveness check used by Caddy and uptime monitors. |
/api/admin/... | Admin API for tenants, agents, credentials, etc. |
/api/agents/<id>/mcp | Per-agent MCP endpoint for chat clients. |
Operating it
- Under systemd:
sudo systemctl start hiveloom(see systemd setup). - Verify it’s healthy:
hiveloom health. - Tail logs:
journalctl -u hiveloom -forhiveloom tail.
Never expose port 3000 directly to the public internet — terminate TLS with
Caddy and proxy from :443 to 127.0.0.1:3000. See
Reverse proxy.