Operations
Run, inspect, scale, update, and maintain a Facio environment.
Facio is meant to run as a persistent service, not as a one-off script. Operations should focus on visibility, update safety, backups, access control, provider limits, and clear human review boundaries.
Local quickstart operations
When installed through the quickstart, use the helper from the install directory:
| Task | Command |
|---|---|
| Show services | ./facio status |
| Tail one agent | ./facio logs facio-1 |
| Pull images and recreate | ./facio update |
| Run multiple agents | ./facio scale 3 |
| Stop services | ./facio down |
See Commands for the full helper command list, runtime slash commands, provider OAuth commands, and management command endpoints.
Scaling creates stable agent hostnames and predictable Placet names. Each agent gets its own data directory under the quickstart volumes, which makes logs and state easier to reason about.
What to monitor
| Area | What to check |
|---|---|
| Placet connection | Agents register, stream progress, and receive approvals. |
| Provider access | API keys, model availability, limits, and spending controls. |
| Sessions | Long tasks can resume after approval, retry, restart, or delay. |
| Logs and audit | Tool calls, errors, credential events, guardrails, and review decisions are visible. |
| Channels | Only intended senders can reach the agent. |
| Storage | Runtime data, credentials, history, and logs are retained and backed up according to your policy. |
The management API exposes health, sessions, audit, usage, cron jobs, credentials, MCP servers, workspace files, agent versions, policy, and channel configuration. See API Gateway before exposing it outside the Docker network.
Updates
The quickstart update path pulls the current images and recreates the stack. Before updating a production-like environment, record the current version, review release notes, and make sure runtime data is backed up.
For local evaluation, ./facio update is usually enough. For real deployments, use a reviewed rollout process: test first, update one environment, verify logs and approvals, then expand.
Overrides and deployment shape
The quickstart writes a Compose setup and ships an override template. Keep the main compose file unchanged and put local choices in docker-compose.override.yml.
Common override areas:
- External port binding.
- Reverse proxy labels.
- External network connection.
- Container hardening choices.
- Environment-specific hostnames and URLs.
Backup and retention
Facio keeps state that matters: sessions, memory, credentials, logs, audit records, provider settings, skills, scripts, MCP configuration, and channel state. Decide early which parts need backup and how long each category should be retained.
The built-in GitStore keeps local version history for agent-owned workspace state. Optional GitHub backup can mirror that history to a dedicated repository: enable agents.defaults.githubBackup or FACIO_GITHUB_BACKUP_ENABLED=true, provide a token through env or the credential store, and Facio will check the configured repository at startup. If the repository is missing and createRemote is enabled, Facio creates it as private by default before pulling and later pushing local commits.
If GitHub backup is unset or disabled, nothing changes: Facio does not call GitHub and local versioning continues normally. If GitHub is unavailable while optional backup is enabled, the error is recorded in backup status instead of stopping the agent.
For sensitive environments, treat credentials and audit logs differently from general task history. Credentials need strict access control; audit logs need integrity and retention clarity.
Production-readiness checklist
- The operator surface is reachable and authenticated.
- All enabled channels have explicit access rules.
- Provider limits and billing controls are configured upstream.
- Human review is required before sensitive external actions.
- Shell execution is sandboxed where possible.
- Credentials are scoped and exposed only where needed.
- Logs and audit records are monitored.
- Runtime data is backed up.
- Update and rollback procedures are documented.
Next step
If you are still evaluating, continue with Security. If you already have a running stack, review Integrations before adding more channels, tools, or credentials.