Skip to content

Slicer REST API

This page documents the HTTP API exposed by Slicer for managing micro-VMs, images, disks, and operations.

Authentication

No authentication, ideal for local/dev work:

config:
  api:
    bind_address: 127.0.0.1
    port: 8080

For production:

config:
  api:
    bind_address: 127.0.0.1
    port: 8080
    auth:
      enabled: true

The token will be saved to: /var/lib/slicer/auth/token.

Send an Authorization: Bearer TOKEN header for authenticated Slicer daemons.

If you intend to expose the Slicer API over the Internet using something like a self-hosted inlets tunnel, or Inlets Cloud, then make sure you use the TLS termination option.

i.e.

DOMAIN=example.com
inletsctl create \
    slicer-api \
    --letsencrypt-domain $DOMAIN \
    --letsencrypt-email webmaster@$DOMAIN

Alternatively, if Slicer is on a machine that's public facing, i.e. on Hetzner or another bare-metal cloud, you can use Caddy to terminate TLS. Make sure the API is bound to 127.0.0.1:

Caddyfile:

{
    email "webmaster@example.com"
    # Uncomment to try the staging certificate issuer first
    #acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
    # The production issuer:
    acme_ca https://acme-v02.api.letsencrypt.org/directory
 }

slicer-1.example.com {
 reverse_proxy 127.0.0.1:8080
}

You can install Caddy via arkade system install caddy

Conventions

  • Content-Type: application/json unless noted.
  • Timestamps: RFC3339.
  • IDs: opaque strings returned by the API.
  • Errors: JSON: { "error": "message", "code": "optional_code" } with appropriate HTTP status.

GET /healthz

Check service liveness.

Response 200: 

{ "status": "ok" }

List nodes

HTTP GET

/nodes

[{"hostname":"vm-1","ip":"192.168.137.2","created_at":"2025-09-02T08:32:37.667253315+01:00"}]

List Host Groups

HTTP GET

/hostgroup

Response 200:

[{"name":"vm","count":1,"ram_gb":4,"vcpu":2}]

Create a new host within a Host Group

HTTP POST

/hostgroup/NAME/nodes

Add a host with the defaults:

{
}

Or add a host with userdata:

Make sure the string for userdata is JSON encoded.

{
  "userdata": "sudo apt update && sudo apt upgrade"
}

Add a host with a custom GitHub user to override the SSH keys:

```json
{
    "github_user": "your_github_username"
}

Delete a host within a Host Group

HTTP DELETE

/hostgroup/NAME/nodes/HOSTNAME

Response 204: No Content

Get node consumption details

Providing that the slicer-vmmeter service is running in your VM, detailed usage and consumption metrics can be obtained.

HTTP GET

/nodes/stats

[
  {
    "hostname": "vm-1",
    "ip": "192.168.137.2",
    "created_at": "2025-09-02T08:32:37.667253315+01:00",
    "snapshot": {
      "hostname": "vm-1",
      "arch": "x86_64",
      "timestamp": "2025-09-02T07:39:32.388239809Z",
      "uptime": "6m53s",
      "totalCpus": 2,
      "totalMemory": 4024136000,
      "memoryUsed": 220184000,
      "memoryAvailable": 3803952000,
      "memoryUsedPercent": 5.471584459372148,
      "loadAvg1": 0,
      "loadAvg5": 0,
      "loadAvg15": 0,
      "diskReadTotal": 62245888,
      "diskWriteTotal": 7815168,
      "networkReadTotal": 44041,
      "networkWriteTotal": 19872,
      "diskIOInflight": 0,
      "openConnections": 0,
      "openFiles": 480,
      "entropy": 256,
      "diskSpaceTotal": 26241896448,
      "diskSpaceUsed": 820826112,
      "diskSpaceFree": 24062115840,
      "diskSpaceUsedPercent": 3.12792222782572
    }
  }
]

Execute a shell

HTTP GET

This is an internal endpoint used by slicer vm exec to obtain a shell. It requires the slicer-ssh-agent service to be running within the guest microVM.

/vm/{hostname}/exec