Installation

From Prebuilt Binaries

Go to the latest release page and download the archive corresponding to your Operating System and architecture, then:

tar xvf flowg-${VERSION}-${OS}-${ARCH}.tar.gz
sudo install -m 755 ./bin/flowg-server /usr/local/bin/flowg-server

NB: Adjust the VERSION, OS and ARCH variables to the archive you downloaded.

Then, start the server with:

flowg-server \
  --auth-dir /var/lib/flowg/data/auth \
  --log-dir /var/lib/flowg/logs \
  --config-dir /var/lib/flowg/config \
  --cluster-state-dir /var/lib/flowg/state \
  --http-bind 127.0.0.1:5080 \
  --mgmt-bind 127.0.0.1:9113 \
  --syslog-bind 127.0.0.1:5514

NB: All the options are optional and default to the values shown above.

For more informations about the command line interface, please consult this document.

From Sources

Requirements:

Go 1.22+
C Toolchain
Rust and Cargo (edition 2021)
NodeJS

First fetch the source code:

git clone https://github.com/link-society/flowg
cd flowg

Then run the build system:

go install github.com/go-task/task/v3/cmd/task@latest
task build:all
sudo install -m 755 ./bin/flowg-server /usr/local/bin/flowg-server

Then start the server like you would do with prebuilt binaries.

Using Docker

docker run \
  -p 5080:5080/tcp \
  -p 9113:9113/tcp \
  -p 5514:5514/udp \
  -v flowg-data:/data \
  linksociety/flowg:latest

Or if you are on ARM:

docker run \
  -p 5080:5080/tcp \
  -p 9113:9113/tcp \
  -p 5514:5514/udp \
  -v flowg-data:/data \
  linksociety/flowg:latest-linux-arm

Security considerations

By default, the Syslog endpoint is open to everyone. If that behavior is undesirable, you can:

Configure Client certificate authentication

By using the Syslog protocol tcp+tls instead of udp (the default), you can require Client certificate authentication:

flowg-server \
  --syslog-proto="tcp" \
  --syslog-tls \
  --syslog-tls-cert="/path/to/cert.pem" \
  --syslog-tls-key="/path/to/cert.key" \
  --syslog-tls-auth

Configure allowed origins

Otherwise, you can restrict which IP address (or range) will be allowed:

flowg-server \
  --syslog-allow-origin="127.0.0.1" \
  --syslog-allow-origin="192.168.1.0/24"

Or via an environment variable:

export FLOWG_SYSLOG_ALLOW_ORIGINS="127.0.0.1,192.168.1.0/24"
flowg-server

Next Steps

Once deployed, FlowG creates a default pipeline and a default account with the credentials root / root.

You now have access to:

The WebUI at http://localhost:5080
The API documentation at http://localhost:5080/api/docs
The Syslog endpoint at udp://localhost:5514
The Management API at http://localhost:9113:
- /health: health check, always return 200 OK
- /metrics: Prometheus Exporter

From Prebuilt Binaries​

From Sources​

Using Docker​

Security considerations​

Configure Client certificate authentication​

Configure allowed origins​

Next Steps​