sudojidocs
Sudoji Agent (CLI)

Installing the Sudoji Agent

Run Sudoji directly on your Linux server — no copy-pasting logs into a browser.

What is the Sudoji Agent?

The Sudoji Agent is an installable CLI that runs on your Linux server. Instead of manually copying error messages into the web chat, you run sudoji ask and the agent automatically gathers context from your environment — Node version, git status, recent log output — and sends it to Sudoji's AI in one shot.

The Agent is built around a brain / hands split: the cloud handles reasoning (the AI model), while the local CLI handles execution (reading files, running commands). Credentials and sensitive output never leave your machine unredacted.

YOUR SERVER
sudoji CLI
gathers context
redacts secrets
runs approved commands
SUDOJI CLOUD
agent-service
AI reasoning
proposes commands
streams answers

Quickstart — Recommended

The fastest way to get running. One command installs Node.js 20, pm2, and the Sudoji CLI, authenticates with your API key, and starts the daemon — all in one shot.

RECOMMENDED · one-liner installer
$ curl -fsSL https://sudoji.io/install.sh \
  | sudo SUDOJI_KEY=<your_api_key> bash

The script handles everything automatically:

  • Installs nvm, Node.js 20, and pm2 if not already present
  • Installs @sudoji/cli globally
  • Runs sudoji login with your key automatically
  • Starts the daemon under pm2 and registers it to survive reboots
Get your API key from Dashboard → Add Server. The key is generated for you and shown in the curl command — just copy and paste it onto your server.

Prefer a downloadable script?

If you'd rather inspect the script before running it (recommended for production), download it with your key pre-embedded from the dashboard, then run it manually:

terminal
# 1. Download from Dashboard → Add Server → Download tab
# 2. Upload to your server via scp / sftp, then:
chmod +x sudoji-install.sh
sudo bash sudoji-install.sh
The downloaded file has your API key embedded — do not commit it to version control or share it.

Once the script finishes, your server appears as ACTIVE in the Servers page and you can start chatting from the portal immediately. The manual steps below are only needed if you prefer full control over each stage.

Prerequisites — Manual install

  • Linux server — Ubuntu 20.04+, Debian 11+, or CentOS 8+
  • Node.js 18 or later (node --version to check)
  • A Sudoji account with an active subscription
No Node.js on your server? A standalone binary installer (no dependencies) is coming soon. For now, install Node via nvm or your package manager.

Step 1 — Create an API key

The CLI authenticates with a personal API key — not your account password. Keys are scoped so you can give a server read-only access or full execute access independently.

  1. Open Dashboard → Settings
  2. Scroll to the API Keys section
  3. Enter a name (e.g. prod-server), select scopes, click Create Key
  4. Copy the key immediately — it is shown once only and cannot be retrieved again
Treat your API key like a password. Anyone who has it can send requests to Sudoji on your behalf. If a key is compromised, revoke it immediately from the Settings page.

Scope guide:

readAsk questions and analyse logs. No commands are run on your server.safe
executeThe agent can propose and (with your approval) run commands. Required for sudoji fix.elevated

Step 2 — Install the CLI

terminal
npm install -g @sudoji/cli

Verify the installation:

terminal
sudoji --version
expected output
0.1.20

Step 3 — Authenticate

Run the login command and paste the API key you created in Step 1:

terminal
sudoji login

You'll be prompted to paste the key interactively. For CI environments or scripting, use the --paste flag:

terminal — scripted / CI
sudoji login --paste sudoji_sk_your_key_here
Keys are stored securely in your OS keychain (macOS Keychain, GNOME Keyring, KDE Wallet) with an encrypted file fallback at ~/.sudoji/credentials (mode 0600) if no keychain is available.

Step 4 — Verify your setup

Run sudoji doctor to confirm auth, API connectivity, settings, and redaction are all working:

terminal
sudoji doctor
expected output
  ✓  API key stored          sudoji_sk_a1b2c3d4…
  ✓  Settings loaded         apiBaseUrl: https://api.sudoji.io
  ✓  API reachable           https://api.sudoji.io/healthz → HTTP 200
  ✓  Redaction active        "password=super$ecret…" → "password=[REDACTED]…"

All checks passed.

Step 5 — Start the daemon (optional but recommended)

The daemon is a persistent background service that keeps your server connected to the Sudoji cloud hub. While it is running you can send messages directly from the web portal at sudoji.io/dashboard/sessions without needing your terminal open.

The recommended way is to run it under pm2 so it survives reboots and auto-restarts on crash — no second SSH session required.

terminal — install pm2 and start the daemon
# Install pm2 globally (skip if already installed)
sudo npm install -g pm2

# Start the daemon as a named pm2 process
pm2 start "sudoji daemon" --name sudoji-daemon

# Save the process list so pm2 restores it after reboot
pm2 save

# Register pm2 as a system service (run the printed command it gives you)
pm2 startup
After running pm2 startup, copy and run the command it prints (something like sudo env PATH=... pm2 startup systemd -u ubuntu --hp /home/ubuntu). That one-time step is what makes the daemon survive reboots automatically.

Check the daemon is connected:

terminal
pm2 status           # shows sudoji-daemon as online
pm2 logs sudoji-daemon --lines 20

Once connected, your server appears as online in the portal Servers page and the Chat tab in Sessions becomes active.

Running the daemon requires an Engineer or Enterprise plan. You can still use sudoji ask and sudoji chat on any plan without the daemon.

Your first question

The main command is sudoji ask. Describe the problem in plain English — the agent automatically gathers context (Node version, git status, recent errors) and sends it alongside your question.

terminal
sudoji ask "why is nginx returning 502 after my last deploy?"

The agent streams the answer directly to your terminal. It will tell you the root cause and exact commands to fix it.

Useful flags

--mode diagnoseRead-only analysis, no command proposals. Default.
--mode suggestDiagnoses then lists fix commands without running them.
--mode fixFull agent loop — reads files, runs approved commands on your server.
--no-contextSkip automatic context gathering. Faster for quick questions.
--jsonEmit newline-delimited JSON — useful for scripting.

Running fixes with sudoji do

sudoji do is shorthand for sudoji ask --mode fix. The agent reads your server, proposes the necessary commands, and runs each one after you approve it.

terminal
sudoji do "update all system packages"
sudoji do "check disk space and free up space safely"
sudoji do "restart nginx and confirm it is serving traffic"

Each run_command call shows the exact command and prompts [y/N] before executing. Read operations (reading files, listing directories, searching) are silent and automatic.

Interactive chat: sudoji chat

sudoji chat opens a persistent, multi-turn REPL on your server. Unlike sudoji ask (one-shot), chat remembers what it read earlier in the session — useful for debugging that requires several back-and-forth steps.

Every chat session is automatically given a generated name (like Brave Falcon) and saved as a thread in your portal. You can rename it from the portal by clicking the title.

terminal
# Start in diagnose mode (read-only — great for planning)
sudoji chat

# Start in fix mode (can execute commands with your approval)
sudoji chat --mode fix
Use sudoji chat (default diagnose mode) when you want to plan a change with the agent before executing anything. Switch to --mode fix once you are ready to apply the fix. All modes are available — diagnose, suggest, and fix.

Setting server context

sudoji context saves a persistent description of your server that is included in every request. Set it once after install so you never have to repeat "this is Ubuntu 22 running nginx…" in every question.

terminal
# Set context
sudoji context "Ubuntu 22.04 LTS. Nginx 1.24 + Node 20 + PM2. PostgreSQL 15. Production."

# View what's saved
sudoji context

# Clear it
sudoji context --clear
Include: OS + version, services running (nginx, postgres, redis…), whether it is production or staging, any constraints (no Docker, read-only filesystem, etc). The more specific, the more targeted the agent's responses.

Analysing logs

sudoji logs fetches recent log output from pm2, systemd, or a file, redacts any secrets, then sends it to the agent for analysis.

systemd

terminal
# Last 100 lines from the nginx unit
sudoji logs --source systemd --unit nginx

# Logs from the last 2 hours
sudoji logs --source systemd --unit postgres --since "2 hours ago"

pm2

terminal
# Analyse logs for a pm2 app named "api"
sudoji logs --source pm2 --unit api --tail 200

Log file

terminal
sudoji logs --source file --file /var/log/app/error.log --tail 50
All log output is passed through Sudoji's redaction engine before leaving your machine. Passwords, tokens, and keys matching known patterns are replaced with [REDACTED].

Configuration

Settings are loaded in layers — each layer can override the one above it:

~/.config/sudoji/settings.jsonUserYour personal defaults
.sudoji/settings.jsonProjectChecked into the repo (shared)
.sudoji/settings.local.jsonProject-localGitignored, machine-specific
~/.config/sudoji/settings.json — example
{
  "apiBaseUrl": "https://api.sudoji.io",
  "defaultMode": "ask",
  "context": {
    "redact": true,
    "maxLogLines": 200
  },
  "permissions": {
    "allow": ["npm install --ignore-scripts"],
    "deny":  ["rm -rf /"]
  }
}
← How to use SudojiFull command reference →
Installing the Sudoji Agent — Sudoji Docs