Rediacc CLI Reference
Overview
The **Rediacc CLI** (`rdc`) is a command-line interface for managing self-hosted infrastructure — machines, repositories, storage, backups, and more.
Installation
Download the latest binary for your platform from the [Rediacc releases page](https://www.rediacc.com) or install via your package manager:
# macOS / Linux
curl -fsSL https://get.rediacc.com | sh
# Or use the packaged binary directly
./rdc --helpGlobal Options
Every command supports these global flags:
| Flag | Description |
|---|---|
--output | Output format (table|json|yaml|csv) |
--config | Use specific config for this command |
--lang | Language override ({{languages}}) |
--force | Skip confirmation prompts |
1. Agent Utilities
Introspection commands for AI agents. Key subcommands: capabilities (list all commands with args/options as JSON), schema (detailed schema for a single command), exec (execute a command with JSON input from stdin, always returns JSON).
1.1 capabilities
List all available commands with arguments and options
rdc agent capabilities1.2 schema
Show detailed schema for a specific command
rdc agent schema <command>1.3 exec
Execute a command with JSON input from stdin
rdc agent exec <command>1.4 generate-reference
Generate command reference markdown for Claude skills
rdc agent generate-reference2. Config Management
Manage CLI configuration files stored at ~/.config/rediacc/. CRUD operations for machines, repositories, storage backends, and SSH keys within a config. Key subcommands: init (create named config), show, list, ssh (manage keys), recover (from backup). Nested groups: config machine, config repository, config storage, config infra.
Config files store connection details (API URL, credentials, default team/region/bridge) so you can switch between environments quickly.
2.1 init
Create a new named config file
You can add machines directly:
rdc config init [name] [options]| Flag | Description | Required | Default |
|---|---|---|---|
--ssh-key <path> | Path to SSH private key (e.g., ~/.ssh/id_rsa) | No | - |
--renet-path <path> | Path to renet binary (default: renet in PATH) | No | - |
--master-password <password> | Encrypt resources with a master password | No | - |
-u, --api-url <url> | API URL | No | - |
2.2 list
List all config files
rdc config list2.3 show
Show current config details
rdc config show2.4 delete
Delete a config file
rdc config delete <name>2.5 set
Set a default value (team, region, bridge)
rdc config set <key> <value>Tip: Setting defaults means you don't need to pass `--team`, `--region`, or `--bridge` with every command.
2.6 clear
Clear defaults (all or specific key)
rdc config clear [key]2.7 recover
Restore config from backup (.bak) file
rdc config recover [name] [options]| Flag | Description | Required | Default |
|---|---|---|---|
-y, --yes | Skip confirmation prompt | No | - |
2.8 set-ssh
Update SSH configuration for the current config
rdc config set-ssh2.9 set-renet
Set the path to renet binary
rdc config set-renet2.10 ssh
Manage SSH key configuration
set
Set SSH key for the current config
rdc config ssh set [options]| Flag | Description | Required | Default |
|---|---|---|---|
--key <path> | Path to SSH private key file | Yes | - |
--embed | Embed key content in config instead of storing path | No | - |
show
Show current SSH key configuration
rdc config ssh showremove
Remove SSH key from the current config
rdc config ssh remove2.11 machine
Manage machines in the current config
add
Add a machine to the current config. Auto-scans SSH host keys. After adding, run: config machine setup <name>
rdc config machine add <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--ip <address> | Machine IP address or hostname | Yes | - |
--user <username> | SSH username | Yes | - |
--port <port> | SSH port | No | 22 |
--datastore <path> | Datastore path on machine | No | /mnt/rediacc |
remove
Remove a machine from the current config
rdc config machine remove <name>list
List machines in the current config
rdc config machine listscan-keys
Scan SSH host keys for machines in the current config
rdc config machine scan-keys [machine]setup
Provision a remote machine for repositories (installs renet, configures Docker, BTRFS datastore). Idempotent. Required after 'config machine add' and before 'repo create'
rdc config machine setup <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--datastore <path> | Datastore path on remote machine | No | /mnt/rediacc |
--datastore-size <size> | Datastore size (e.g., 95%, 100G) | No | 95% |
--debug | Enable debug output | No | - |
set-ceph
Set Ceph RBD configuration for a machine
rdc config machine set-ceph [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name | Yes | - |
--pool <name> | Ceph pool name (e.g., rbd) | Yes | - |
--image <name> | RBD image name (e.g., datastore-prod1) | Yes | - |
--cluster <name> | Ceph cluster name | No | ceph |
2.12 repository
Manage repository mappings in the current config
add
Add a repository GUID mapping to the current config
rdc config repository add <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--guid <guid> | Repository GUID (UUID from storage backup filenames) | Yes | - |
--tag <tag> | Repository tag | No | latest |
--credential <credential> | Repository credential (encryption passphrase) | No | - |
--network-id <id> | Network ID for Docker isolation (2816, 2880, ...). Auto-assigned if omitted | No | - |
remove
Remove a repository mapping from the current config
rdc config repository remove <name>list
List repository GUID mappings in the current config
rdc config repository listlist-archived
List archived repository credentials
rdc config repository list-archivedrestore-archived
Restore an archived repository credential
rdc config repository restore-archived <guid> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--name <name> | Restore with a different name | No | - |
purge-archived
Permanently delete all archived credentials
rdc config repository purge-archived2.13 provider
Manage cloud providers for automated machine provisioning
add
Add a cloud provider
rdc config provider add <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--provider <source> | Known provider source (e.g., linode/linode, hetznercloud/hcloud) | No | - |
--source <source> | Custom OpenTofu provider source (e.g., vultr/vultr) | No | - |
--token <token> | API token for the cloud provider | Yes | - |
--region <region> | Default region for new machines | No | - |
--type <type> | Default instance type/size | No | - |
--image <image> | Default OS image | No | - |
--ssh-user <user> | SSH username for new VMs (default: root) | No | - |
--resource <type> | Custom: OpenTofu resource type for VM | No | - |
--label-attr <attr> | Custom: attribute name for VM label | No | - |
--region-attr <attr> | Custom: attribute name for region | No | - |
--size-attr <attr> | Custom: attribute name for instance type | No | - |
--image-attr <attr> | Custom: attribute name for OS image | No | - |
--ipv4-output <attr> | Custom: output attribute for IPv4 address | No | - |
--ipv6-output <attr> | Custom: output attribute for IPv6 address | No | - |
--ssh-key-attr <attr> | Custom: attribute name for SSH keys | No | - |
--ssh-key-format <format> | Custom: SSH key format (inline_list or resource_id) | No | - |
--ssh-key-resource <type> | Custom: OpenTofu resource type for SSH keys | No | - |
remove
Remove a cloud provider configuration
rdc config provider remove <name>list
List configured cloud providers
rdc config provider list2.14 storage
Manage storage backends in the current config
import
Import storages from an rclone config file
rdc config storage import <file> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--name <name> | Import only this named section | No | - |
remove
Remove a storage from the current config
rdc config storage remove <name>list
List storages in the current config
rdc config storage list2.15 infra
Manage infrastructure configuration (proxy, DNS, certificates)
set
Set infrastructure configuration for a machine (machine-specific: IPs, domain, ports; shared: cert email, CF DNS token)
rdc config infra set <machine> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--public-ipv4 <ip> | Public IPv4 address (per-machine) | No | - |
--public-ipv6 <ip> | Public IPv6 address (per-machine) | No | - |
--base-domain <domain> | Base domain for applications (per-machine) | No | - |
--cert-email <email> | Email for TLS certificate notifications (shared across machines) | No | - |
--cf-dns-token <token> | Cloudflare DNS API token for ACME DNS-01 challenge (shared across machines) | No | - |
--tcp-ports <ports> | TCP ports to forward (comma-separated, e.g., 25,143,465) | No | - |
--udp-ports <ports> | UDP ports to forward (comma-separated, e.g., 53) | No | - |
show
Show infrastructure configuration for a machine
rdc config infra show <machine>push
Push infrastructure config to machine (Traefik proxy, router, Cloudflare DNS). Run 'config infra set <machine>' first
rdc config infra push <machine> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--debug | Enable debug output | No | - |
2.16 cert-cache
Manage cached TLS certificates
pull
Download and cache TLS certificates from a machine
rdc config cert-cache pull <machine> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--no-prune | Skip pruning stale network-ID certificates | No | - |
--debug | Enable debug output | No | - |
push
Upload cached TLS certificates to a machine
rdc config cert-cache push <machine> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--debug | Enable debug output | No | - |
status
Show cached certificate inventory
rdc config cert-cache statusclear
Remove the certificate cache
rdc config cert-cache clear2.17 backup-strategy
Manage multi-destination backup strategy
set
Configure backup strategy settings
rdc config backup-strategy set [options]| Flag | Description | Required | Default |
|---|---|---|---|
--destination <storage> | Storage destination name | No | - |
--cron <expression> | Cron expression for backup schedule (e.g., "0 2 * * *") | No | - |
--enable | Enable scheduled backups | No | - |
--disable | Disable scheduled backups | No | - |
show
Show current backup strategy configuration
rdc config backup-strategy show3. Datastore Management
Low-level block storage management for machine datastores (Ceph RBD or local BTRFS). Typically only needed during initial machine setup or cross-machine migration. Key subcommands: init (create datastore), status (health/usage), fork (clone datastore to another machine), unfork (restore from snapshot).
3.1 init
Initialize datastore on a machine (local loop-backed or Ceph RBD)
rdc datastore init [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name (where the Ceph datastore is hosted) | Yes | - |
--size <size> | Datastore size (e.g., 5G, 50G, 100G) | Yes | - |
--backend <type> | Backend type: local (default) or ceph | No | local |
--pool <name> | Ceph pool name (default: from machine config, or rbd) | No | rbd |
--image <name> | Ceph RBD image name (default: from machine config via set-ceph) | No | - |
--cluster <name> | Ceph cluster name (default: ceph) | No | ceph |
--force | Force initialization even if datastore already exists (WARNING: reformats storage) | No | - |
--debug | Enable debug output | No | - |
3.2 fork
Create a local COW copy of a Ceph datastore via RBD snapshot + clone (< 2s). Save snapshot/clone names from output for unfork. Only one fork per target name; unfork before re-forking
rdc datastore fork [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name (where the Ceph datastore is hosted) | Yes | - |
--to <name> | Clone suffix (creates clone named <image>-fork-<name>). The fork stays on the source machine | Yes | - |
--cow-size <size> | COW backing file size (default: auto, grows on demand) | No | - |
--debug | Enable debug output | No | - |
3.3 unfork
Clean up a fork: unmount COW, remove clone, remove snapshot
rdc datastore unfork [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name (where the Ceph datastore is hosted) | Yes | - |
--source <image> | Original RBD image that was forked (from config set-ceph --image, e.g. ds-prod) | Yes | - |
--snapshot <name> | Snapshot to remove (the "Snapshot:" value from fork output, e.g. fork-<timestamp>) | Yes | - |
--dest <image> | Clone image to remove (the "Clone:" value from fork output, e.g. ds-prod-fork-<machine>) | Yes | - |
--pool <name> | Ceph pool name (default: from machine config) | No | - |
--mount-point <path> | Fork mount point to unmount (default: /mnt/rediacc) | No | - |
--force | Continue cleanup even if individual steps fail (e.g. unmount, snapshot removal) | No | - |
--debug | Enable debug output | No | - |
3.4 status
Show datastore backend, size, usage, mount status, and cow_mode (if forked)
rdc datastore status [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name (where the Ceph datastore is hosted) | Yes | - |
--debug | Enable debug output | No | - |
4. Machine Management
Inspect remote machine state: system resources, running containers, systemd services, deployed repositories, and health diagnostics. Read-only queries — to modify repos use `repo`. Key subcommands: query (full status with --system, --containers, --repositories, --services filters), list, create, rename, delete, prune.
4.1 list
List machines
rdc machine list [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
--search <text> | Search in {{field}} | No | - |
--sort <field> | Sort by field | No | - |
--desc | Sort in descending order | No | - |
4.2 create
Create a new machine
rdc machine create <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
-b, --bridge <name> | Bridge name | No | - |
--vault <json> | Machine vault data as JSON string | No | - |
4.3 rename
Rename a machine
rdc machine rename <oldName> <newName> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
4.4 delete
Delete a machine
rdc machine delete <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
-f, --force | Skip confirmation prompts | No | - |
--dry-run | Show what would be done without making changes | No | - |
4.5 vault
Machine vault management (cloud adapter only)
rdc machine vault4.6 vault-status
{{t:cli.commands.machine.vault-status.description}}
rdc machine vault-status <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
4.7 update
Update machine configuration
rdc machine update4.8 health
Check machine health for CI/CD pipelines
The health command outputs system metrics, container status, service stability, and storage information — useful for CI/CD pipeline checks.
rdc machine health <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
4.9 containers
List containers on a machine with status, health, and domain routing. JSON includes full container details with repository resolved to name (original in repository_guid), domain, and autoRoute
rdc machine containers <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
--health-check | Health check mode - exits with code 2 if any unhealthy | No | - |
4.10 services
List rediacc-managed systemd services on a machine (name, state, sub-state, restart count, memory, repository resolved to name with original in repository_guid). Use --stability-check to exit with code 2 if any failed or restarting (for CI/CD)
rdc machine services <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
--stability-check | Stability check mode - exits with code 2 if any failed/restarting | No | - |
4.11 query
Show full machine status (infra, system, repos with name/guid, containers with repository/repository_guid/domain/autoRoute, services with repository/repository_guid)
rdc machine query <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--debug | Enable debug output | No | - |
--system | Include system info only | No | - |
--repositories | Include repositories only | No | - |
--containers | Include containers only | No | - |
--services | Include services only | No | - |
--network | Include network interfaces only | No | - |
--block-devices | Include block devices only | No | - |
4.12 vault-status
Show parsed vault status for a machine
rdc machine vault-status <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
4.13 repos
List deployed repositories on a machine (name, GUID, size, mount status, Docker state, container count, disk usage, modified date, Rediaccfile present). JSON nests containers and services under each repo. Use --search to filter by name or GUID
rdc machine repos <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
--search <text> | Filter repositories by name | No | - |
4.14 test-connection
Test SSH connection to a machine and capture host key
rdc machine test-connection [options]| Flag | Description | Required | Default |
|---|---|---|---|
--ip <address> | Machine IP address or hostname | Yes | - |
--user <name> | SSH username | Yes | - |
-t, --team <name> | Team name | No | - |
-b, --bridge <name> | Bridge name | No | - |
--port <number> | SSH port | No | 22 |
--password <pwd> | SSH password for initial authentication | No | - |
--datastore <path> | Datastore path on machine | No | /mnt/rediacc |
-m, --machine <name> | Machine name (for updating vault after test) | No | - |
--save | Save known_hosts to machine vault after successful test | No | - |
Tip: Use `--save-known-hosts` to automatically persist the host key to the machine vault after a successful test.
4.15 provision
Provision a new machine on a cloud provider using OpenTofu
rdc machine provision <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--provider <name> | Cloud provider name (from config provider add) | Yes | - |
--region <region> | Override default region | No | - |
--type <type> | Override default instance type | No | - |
--image <image> | Override default OS image | No | - |
--ssh-user <user> | SSH username for the new VM (default: root) | No | - |
--base-domain <domain> | Base domain for infrastructure (e.g., example.com). Implies --infra | No | - |
--no-infra | Skip infrastructure configuration (proxy + DNS) | No | - |
--debug | Enable debug output | No | - |
4.16 deprovision
Destroy a cloud-provisioned machine and remove from config
rdc machine deprovision <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--force | Skip confirmation prompt | No | - |
--debug | Enable debug output | No | - |
4.17 backup
Machine backup management
schedule
Push backup schedule to a remote machine (systemd timer)
rdc machine backup schedule <machine> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--debug | Enable debug output | No | - |
4.18 prune
Remove orphaned datastore resources and stale snapshots from a machine
rdc machine prune <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--dry-run | Show what would be removed without making changes | No | - |
--orphaned-repos | Also prune repo images not in any config | No | - |
--force | Skip confirmation prompts | No | - |
--grace-days <days> | Grace period in days for recently archived repos (default: 7) | No | - |
--debug | Enable debug output | No | - |
5. MCP Server
Expose the CLI as a Model Context Protocol (MCP) server for integration with AI agents. The server wraps CLI commands as MCP tools with structured JSON input/output. Key subcommand: serve (start stdio-based MCP server).
5.1 serve
Start MCP server (stdio transport)
rdc mcp serve [options]| Flag | Description | Required | Default |
|---|---|---|---|
--config <name> | Config name to use for all commands | No | - |
--timeout <ms> | Default command timeout in milliseconds | No | 120000 |
--allow-grand | Allow destructive operations on grand (non-fork) repositories. Default: fork-only mode | No | - |
6. Repository Lifecycle
Deploy and manage encrypted repositories on machines. Key subcommands: create, up (deploy), down (stop), fork (instant CoW clone), delete, push/pull (backup), sync (file transfer). Lifecycle: repo create → repo up --mount → repo down. See Key Concepts in rdc --help for architecture, routing, and environment variable details.
6.1 mount
Mount a repository (decrypt and open the LUKS container, making the filesystem accessible). Needed on first deploy, after 'repo push' to a new machine, or after 'repo unmount'. Can also be done via 'repo up --mount'. The volume stays mounted until explicitly unmounted. Omit name to mount all repos on the machine
rdc repo mount [name] [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--checkpoint | Restore CRIU container checkpoint after mount (resume processes from saved memory state). Used after 'repo push --checkpoint' for live migration | No | - |
--no-docker | Skip starting Docker daemon after mount | No | - |
--parallel | Start repositories concurrently | No | - |
--concurrency <n> | Max concurrent repositories (default: 3) | No | 3 |
-y, --yes | Skip confirmation for batch operations | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.2 unmount
Unmount a repository (close the LUKS container, detaching the encrypted filesystem). Services must be stopped first ('repo down'). After unmount, repo data is inaccessible until remounted. Required before 'repo resize'. Omit name to unmount all repos on the machine
rdc repo unmount [name] [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--checkpoint | Create CRIU container checkpoint before unmount (capture running process memory state for later restore) | No | - |
--parallel | Start repositories concurrently | No | - |
--concurrency <n> | Max concurrent repositories (default: 3) | No | 3 |
-y, --yes | Skip confirmation for batch operations | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.3 up
Deploy or update a repository (mount, run Rediaccfile up which calls renet compose). Proxy routes take ~3s to become active after deploy. Use --mount for first deploy or forked repos. CRIU checkpoint restore is auto-detected — use --skip-checkpoint to force fresh start. Omit name to deploy all repos on the machine
rdc repo up [name] [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--mount | Mount repository first (required for forked repos on first deploy) | No | - |
--skip-checkpoint | Skip CRIU checkpoint restore even if checkpoint data exists (force fresh start) | No | - |
--tls | Request dedicated TLS cert for this repo (forks use shared machine cert by default) | No | - |
--include-forks | Also mount/start forked repositories | No | - |
--mount-only | Only mount, don't start services | No | - |
--parallel | Start repositories concurrently | No | - |
--concurrency <n> | Max concurrent repositories (default: 3) | No | 3 |
-y, --yes | Skip confirmation for batch operations | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
--dry-run | Show what would be done without making changes | No | - |
6.4 up-all
Deploy all repositories on a machine
rdc repo up-all6.5 down
Stop repository Docker containers (runs Rediaccfile down via renet compose). Does NOT unmount the encrypted volume -- the repo stays mounted and can be restarted with 'repo up'. Use --unmount to also close the LUKS container after stopping. Use --checkpoint to save CRIU process state before stopping (next 'repo up' auto-restores). Omit name to stop all repos on the machine
rdc repo down [name] [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--unmount | Also unmount (close LUKS container) after stopping. Equivalent to 'repo down' then 'repo unmount'. Required before 'repo resize' or to fully secure the volume | No | - |
--checkpoint | Create CRIU checkpoint before stopping (save process memory state for later restore via 'repo up') | No | - |
-y, --yes | Skip confirmation for batch operations | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
--dry-run | Show what would be done without making changes | No | - |
6.6 status
Get repository status (mount state, Docker daemon running, container count, disk usage)
rdc repo status <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.7 list
List repositories on a machine
rdc repo list [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.8 create
Create a new encrypted repository
rdc repo create <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--size <size> | Repository size (e.g., 10G, 100G, 1T) | Yes | - |
--no-docker | Skip starting Docker daemon after creation | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.9 delete
Delete a repository (destroys containers, volumes, and encrypted image). Config entry is preserved. Use --archive-config to move credentials to deletedRepositories for recovery via 'config restore-archived'
rdc repo delete <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--archive-config | Move config entry to deletedRepositories for later recovery | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
--dry-run | Show what would be done without making changes | No | - |
6.10 fork
Create a CoW (Copy-on-Write) fork of a repository. Fork gets a NEW GUID, networkId, IP range, and auto-route domain ({service}.{forkName}.{machine}.{baseDomain}) — it is a fully independent copy. Online forking is supported — the parent can remain running. Fork inherits the parent's encryption credentials automatically. Use --checkpoint to capture CRIU process state before forking — the fork will auto-restore on first 'repo up' (in-memory state preserved). CROSS-MACHINE FORK: To fork to another machine, first fork locally, then transfer: (1) repo fork <parent> -m <source> --tag <name>, (2) backup push <name> -m <source> --to-machine <target>, (3) repo up <name> -m <target> --mount. WARNING: Do NOT use 'backup push' alone for forking — it creates a raw copy with the SAME GUID (not an independent fork). Always fork first to get a new identity. Auto-routes use the repo name so each fork gets a unique domain automatically
rdc repo fork <parent> [tag] [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--tag <name> | Tag for the fork (creates name:tag) | No | - |
--checkpoint | Create CRIU checkpoint on source before forking (capture process memory state for restore on fork) | No | - |
--up | Mount and start services after forking (fork + mount + up in one command) | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.11 takeover
Replace grand repo's data with a fork's data. The grand keeps its identity (GUID, networkId, domains, autostart, backup chain) but gets the fork's upgraded data. The old production data is preserved as a backup fork. Use for: test upgrade on fork → verify → takeover to production.
rdc repo takeover <fork> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--force | Skip modification warnings | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.12 resize
Resize a repository offline (supports both grow and shrink). Repo must be unmounted first ('repo down --unmount'). For zero-downtime growth without stopping, use 'repo expand' instead
rdc repo resize <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--size <size> | New repository size (e.g., 10G, 100G, 1T) | Yes | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.13 expand
Expand a mounted repository online (zero downtime, grow-only). Grows the LUKS container and filesystem while containers keep running. Cannot shrink -- use 'repo resize' for that (requires unmount)
rdc repo expand <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--size <size> | New repository size (e.g., 10G, 100G, 1T) | Yes | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.14 validate
Validate repository integrity (LUKS container, filesystem consistency, configuration). Use after unexpected shutdowns or to verify backup health
rdc repo validate <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.15 autostart
Manage automatic repository startup on boot
enable
Enable autostart for a repository (omit name to enable all)
rdc repo autostart enable [name] [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
disable
Disable autostart for a repository (omit name to disable all)
rdc repo autostart disable [name] [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
list
List repositories with autostart enabled
rdc repo autostart list [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.16 ownership
Change repository directory ownership UID on the mounted volume (default: 7111). Use when containers need a specific UID to access repo files
rdc repo ownership <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
--uid <uid> | Owner UID (default: 7111) | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.17 template
Manage and apply deployment templates (writes docker-compose.yml, Rediaccfile, and additional files). Rediaccfile must use 'renet compose' (not 'docker compose'). Restart policies are safe (auto-managed by renet watchdog). Renet auto-injects network_mode:host, CRIU capabilities, and rediacc labels. Dangerous settings (privileged, pid:host) blocked unless --unsafe. Use 'list' to see available built-in templates, 'apply' to deploy one to a repository
list
List all embedded deployment templates shipped with the CLI
rdc repo template listapply
Apply a template to a repository. Use a built-in template name (e.g. app-postgres) or --file for a custom JSON template. Rediaccfile lifecycle: up() starts containers (pull images, generate configs here), down() stops. Minimal Rediaccfile: up() { renet compose -- pull; renet compose -- up -d; } down() { renet compose -- down; }. IMPORTANT: Rediaccfile MUST use 'renet compose' — 'docker compose' is rejected. ENV VARS — two levels: (a) Rediaccfile shell: ${SVCNAME_IP} (e.g. APP_IP), ${REDIACC_WORKING_DIR}, ${REDIACC_NETWORK_ID}. (b) Inside containers: renet auto-injects SERVICE_IP and REDIACC_NETWORK_ID env vars. Use SERVICE_IP in your app code to bind to the correct loopback IP. Containers MUST bind to SERVICE_IP:<port> (not 0.0.0.0) since network_mode:host is injected and ports: are ignored. STORAGE: Both ${REDIACC_WORKING_DIR}/... bind mounts and Docker named volumes are safe — Docker data-root is inside the encrypted LUKS mount. RESTART POLICY: Restart policies are safe — renet auto-strips them for CRIU compatibility and the watchdog handles recovery. Compose: do NOT add network_mode or rediacc.* labels (renet injects them). Multi-project: place each sub-project in its own subdirectory with its own Rediaccfile — renet auto-discovers and runs them in order. HTTPS routing: (A) Auto-route (fork-friendly, recommended): do NOT add traefik.enable. Renet auto-generates https://{serviceName}.{repoName}.{machineName}.{baseDomain}. Add rediacc.service_port=<port> label for non-80 ports. Each fork gets a unique domain. (B) Traefik labels (custom domain, NOT fork-friendly): traefik.enable=true, traefik.http.routers.<n>.rule=Host(`domain`), traefik.http.routers.<n>.entrypoints=websecure,websecure-v6, traefik.http.routers.<n>.tls.certresolver=letsencrypt, traefik.http.services.<n>.loadbalancer.server.port=<port>. For TCP/UDP: rediacc.tcp_ports=3306 / rediacc.udp_ports=53
rdc repo template apply <template> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Target machine name | Yes | - |
-r, --repository <name> | Repository name (connects to repository environment) | Yes | - |
--file <path> | Path to custom template JSON file ({"version":"2","files":{"Rediaccfile":"...","docker-compose.yml":"..."}}) — overrides the built-in template name | No | - |
--grand <name> | Parent credential repository (auto-resolves name to GUID). Only for repos sharing secrets with a parent | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.18 push
Push repository to a remote (machine or storage). Omit name to push all repos. The target type is auto-detected from config. For machine-to-machine transfer, the encrypted repo image is copied with the SAME GUID — this is a backup/migration, not a fork. To create an independent fork, use 'repo fork' first, then push. Use --up to deploy after push
rdc repo push [repo] [options]| Flag | Description | Required | Default |
|---|---|---|---|
--to <remote> | Destination machine or storage name (auto-detected from config) | No | - |
--to-machine <machine> | — | No | - |
--provision <provider> | Auto-provision target machine via cloud provider if it doesn't exist | No | - |
--checkpoint | Create CRIU checkpoint before backup (captures process memory state for live migration) | No | - |
--force | Force overwrite existing backup | No | - |
--up | After push, mount and deploy repository on target machine | No | - |
--tag <tag> | Deployment tag for versioning | No | - |
-m, --machine <name> | Machine name | Yes | - |
-w, --watch | Watch for changes | No | - |
--parallel | Start repositories concurrently | No | - |
--concurrency <n> | Max concurrent repositories (default: 3) | No | 3 |
-y, --yes | Skip confirmation for batch operations | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.19 pull
Pull repository from a remote (machine or storage). Omit name to pull all repos. The source type is auto-detected from config. Use --up to deploy after pull
rdc repo pull [repo] [options]| Flag | Description | Required | Default |
|---|---|---|---|
--from <remote> | Source machine or storage name (auto-detected from config) | No | - |
--from-machine <machine> | — | No | - |
--force | Force overwrite existing repository | No | - |
--up | After pull, mount and deploy repository on this machine | No | - |
-m, --machine <name> | Machine name | Yes | - |
-w, --watch | Watch for changes | No | - |
--parallel | Start repositories concurrently | No | - |
--concurrency <n> | Max concurrent repositories (default: 3) | No | 3 |
-y, --yes | Skip confirmation for batch operations | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.20 backup
Manage repository backups
list
List available backups on a remote (machine or storage)
rdc repo backup list [options]| Flag | Description | Required | Default |
|---|---|---|---|
--from <remote> | Source machine or storage name (auto-detected from config) | No | - |
--from-machine <machine> | — | No | - |
-m, --machine <name> | Machine name | Yes | - |
-w, --watch | Watch for changes | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
6.21 sync
Sync repositories and files (bulk push/pull, file transfer)
push
Push repositories to cloud storage (omit name to push all)
rdc repo sync pushpull
Pull repositories from cloud storage (omit name to pull all)
rdc repo sync pullupload
Upload files to a repository via rsync over SSH (delta transfer). Use --mirror to delete extra remote files, --dry-run to preview, --exclude to skip patterns
rdc repo sync upload [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
-m, --machine <name> | Machine name | Yes | - |
-r, --repository <name> | Repository name (connects to repository environment) | No | - |
--local <path> | Local directory path (default: current directory) | No | - |
--remote <path> | Remote subdirectory path within repository | No | - |
--mirror | Mirror mode - delete remote files not present locally | No | - |
--verify | Verify files using checksums after sync | No | - |
--confirm | Preview changes and ask for confirmation before syncing | No | - |
--exclude <patterns...> | Patterns to exclude from sync | No | - |
--dry-run | Show what would be done without making changes | No | - |
download
Download files from a repository via rsync over SSH (delta transfer). Use --mirror to delete extra local files, --dry-run to preview, --exclude to skip patterns
rdc repo sync download [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
-m, --machine <name> | Machine name | Yes | - |
-r, --repository <name> | Repository name (connects to repository environment) | No | - |
--local <path> | Local directory path (default: current directory) | No | - |
--remote <path> | Remote subdirectory path within repository | No | - |
--mirror | Mirror mode - delete local files not present on remote | No | - |
--verify | Verify files using checksums after sync | No | - |
--confirm | Preview changes and ask for confirmation before syncing | No | - |
--exclude <patterns...> | Patterns to exclude from sync | No | - |
--dry-run | Show what would be done without making changes | No | - |
status
Dry-run comparison of local and remote files (shows what would be transferred without actually transferring)
rdc repo sync status [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
-m, --machine <name> | Machine name | Yes | - |
-r, --repository <name> | Repository name (connects to repository environment) | No | - |
--local <path> | Local directory path (default: current directory) | No | - |
--remote <path> | Remote subdirectory path within repository | No | - |
6.22 snapshot
Manage BTRFS snapshots on remote machines
create
Create a point-in-time BTRFS snapshot of a repository (instant, no downtime). Use --snapshot-name for a custom name
rdc repo snapshot createlist
List BTRFS snapshots on a remote machine with name, creation date, and size
rdc repo snapshot listdelete
Delete a snapshot from a remote machine
rdc repo snapshot delete6.23 tunnel
Create an SSH port-forward tunnel to a container's port on a remote machine. Auto-detects container and port when unambiguous. The tunnel stays open until you press Ctrl+C
rdc repo tunnel [machine] [repository] [options]| Flag | Description | Required | Default |
|---|---|---|---|
-c, --container <name> | Container name (auto-detected if only one running) | No | - |
--port <port> | Remote container port to forward | No | - |
--local <port> | Local port (defaults to same as remote port) | No | - |
7. Storage Management
Manage remote backup storage providers (S3, rclone-compatible). CRUD operations (list, create, rename, delete), vault configuration, browse remote files, and prune orphaned backups.
7.1 list
List storage providers
rdc storage list [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
--search <text> | Search in {{field}} | No | - |
--sort <field> | Sort by field | No | - |
--desc | Sort in descending order | No | - |
7.2 create
Create a new storage provider
rdc storage create <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
7.3 rename
Rename a storage provider
rdc storage rename <oldName> <newName> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
7.4 delete
Delete a storage provider
rdc storage delete <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
-f, --force | Skip confirmation prompts | No | - |
--dry-run | Show what would be done without making changes | No | - |
7.5 vault
Storage vault management (cloud adapter only)
rdc storage vault7.6 browse
Browse files in a storage system
rdc storage browse <name> [options]| Flag | Description | Required | Default |
|---|---|---|---|
--path <subpath> | Subdirectory path to list | No | “ |
7.7 prune
Delete orphaned backups from storage that are no longer in any config. Multi-config safe with grace period protection.
rdc storage prune <storageName> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name | Yes | - |
--dry-run | Show what would be done without making changes | No | - |
--force | Skip confirmation prompts | No | - |
--grace-days <days> | Grace period in days for recently archived repos (default: 7) | No | - |
--debug | Enable debug output | No | - |
--skip-router-restart | Skip restarting the route server after binary update | No | - |
7.8 pull
Pull a backup from cloud storage to a machine
rdc storage pull8. VS Code Integration
Open VS Code with Remote SSH to a machine or repository with sandboxed per-repo environment. Same SSH connection as `term` but launches VS Code instead. Key subcommands: connect (or positional shorthand), list (show configured connections), cleanup (remove SSH config entries), check (verify VS Code installation).
8.1 connect
Connect to a machine or repository in VS Code
rdc vscode connect [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
-m, --machine <name> | Machine name | No | - |
-r, --repository <name> | Repository name (connects to repository environment) | No | - |
-f, --folder <path> | Remote folder path to open | No | - |
--url-only | Print the VS Code URI instead of launching | No | - |
-n, --new-window | Open in new VS Code window | No | - |
--skip-env-setup | Skip remote environment setup | No | - |
--insiders | Use VS Code Insiders settings | No | - |
8.2 list
List configured VS Code SSH connections
rdc vscode list8.3 cleanup
Remove VS Code SSH configurations
rdc vscode cleanup [options]| Flag | Description | Required | Default |
|---|---|---|---|
--all | Remove all rediacc SSH configurations | No | - |
-c, --connection <name> | Remove specific connection | No | - |
8.4 check
Check VS Code installation and configuration
rdc vscode check [options]| Flag | Description | Required | Default |
|---|---|---|---|
--insiders | Use VS Code Insiders settings | No | - |
9. SSH Terminal Access
Open an SSH terminal to a machine or repository context. Sets up DOCKER_HOST, working directory, and environment automatically. Supports container actions via --container: logs, exec, stats, terminal. Use `-c` to run a single command non-interactively. For VS Code, use `vscode` instead.
9.1 connect
Connect to a machine or repository via SSH
rdc term connect [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --team <name> | Team name | No | - |
-m, --machine <name> | Machine name | No | - |
-r, --repository <name> | Repository name (connects to repository environment) | No | - |
-c, --command <cmd> | Execute a command instead of interactive shell | No | - |
--container <id> | Connect to a specific Docker container | No | - |
--container-action <action> | Container action: terminal, logs, stats, exec | No | - |
--log-lines <lines> | Number of log lines to show (default: 50) | No | - |
--follow | Follow logs output | No | - |
--external | Force launching in external terminal window | No | - |
--reset-home | Reset per-repo home overlay for a fresh start | No | - |
10. Protocol Handler
Register and handle {{scheme}}:// protocol URLs
10.1 register
Register the protocol handler on the system
rdc protocol register [options]| Flag | Description | Required | Default |
|---|---|---|---|
--system | Register system-wide (requires admin privileges) | No | - |
--force | Force re-registration even if already registered | No | - |
10.2 unregister
Unregister the protocol handler from the system
rdc protocol unregister [options]| Flag | Description | Required | Default |
|---|---|---|---|
--system | Unregister system-wide registration (requires admin privileges) | No | - |
10.3 status
Show protocol handler registration status
rdc protocol status10.4 open
Open a {{scheme}}:// URL and execute the action
rdc protocol open <url>10.5 build
Build a {{scheme}}:// URL from components
rdc protocol build [options]| Flag | Description | Required | Default |
|---|---|---|---|
--token <token> | Authentication token | Yes | - |
-t, --team <name> | Team name | Yes | - |
-m, --machine <name> | Machine name | Yes | - |
-r, --repository <name> | Repository name (connects to repository environment) | No | - |
-a, --action <action> | Action ({{actions}}) | No | desktop |
-p, --params <key=value...> | Additional parameters | No | - |
10.6 parse
Parse a {{scheme}}:// URL and show components
rdc protocol parse <url>11. Quick Commands (Shortcuts)
11.1 run
WARNING: Low-level command for debugging and experimentation only. Not for production use. Use higher-level commands (repo up, repo down, etc.) instead. Runs a raw bridge function on a machine.
rdc run11.2 trace
Trace a task (shortcut for: queue trace)
rdc trace11.3 cancel
Cancel a task (shortcut for: queue cancel)
rdc cancel11.4 retry
Retry a failed task (shortcut for: queue retry)
rdc retry12. Subscription Management
Manage machine activation, licensing, and subscription tokens. Key subcommands: login (authenticate with subscription portal), status (show current license state), activation (activate/deactivate machines), repo (manage per-repo licenses).
12.1 login
Authenticate via browser or API token
rdc subscription login [options]| Flag | Description | Required | Default |
|---|---|---|---|
-t, --token <token> | API token (rdt_...) | No | - |
--server <url> | Account server URL | No | - |
12.2 logout
Clear stored subscription token
rdc subscription logout12.3 status
Show subscription, machine activation, and repo license status
rdc subscription status12.4 activation
Machine activation management
status
Show machine activation status for one machine
rdc subscription activation status [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name | Yes | - |
12.5 repo
Repo license management
status
Show installed repo licenses on a machine
rdc subscription repo status [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name | Yes | - |
12.6 refresh
Refresh machine activation and repo licenses on a remote machine
activation
Refresh machine activation on a remote machine
rdc subscription refresh activation [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name | Yes | - |
repos
Batch-refresh repo licenses on a remote machine
rdc subscription refresh repos [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name | Yes | - |
repo
Refresh the repo license for a specific repository
rdc subscription refresh repo <repo> [options]| Flag | Description | Required | Default |
|---|---|---|---|
-m, --machine <name> | Machine name | Yes | - |
13. CLI Updates
Check for new CLI versions and apply updates. Supports --check-only to check without installing, and --force to update even if already on the latest version.
rdc update [options]| Flag | Description | Required | Default |
|---|---|---|---|
--force | Force update even if already up-to-date | No | - |
--check-only | Only check for updates without downloading | No | - |
--rollback | Rollback to the previous version | No | - |
--status | Show auto-update status and diagnostics | No | - |
14. System Diagnostics
Run diagnostic checks on the CLI environment: Node.js version, renet binary availability, config file validity, SSH key status, and network connectivity. Outputs a structured health report with pass/fail indicators.
rdc doctor15. Experimental VM Operations
Local VM provisioning and management using KVM/QEMU/Hyper-V (platform auto-detected). Not for remote machines — use `machine` for those. Key subcommands: up (start VMs), down (stop), status (list running VMs), ssh (connect to VM), setup (install prerequisites), check (verify host readiness).
15.1 up
Provision VM cluster locally
rdc ops up [options]| Flag | Description | Required | Default |
|---|---|---|---|
--force | Force restart all VMs | No | - |
--parallel | Create VMs in parallel | No | - |
--basic | Minimal cluster (bridge + 1 worker) | No | - |
--lite | Skip VM provisioning (status only) | No | - |
--skip-orchestration | Skip cluster orchestration | No | - |
--backend <backend> | Virtualization backend (kvm|qemu, auto-detected) | No | - |
--os <name> | VM operating system (e.g., ubuntu-24.04, debian-12) | No | - |
--debug | Enable debug output | No | - |
15.2 down
Destroy VM cluster
rdc ops down [options]| Flag | Description | Required | Default |
|---|---|---|---|
--backend <backend> | Virtualization backend (kvm|qemu, auto-detected) | No | - |
--debug | Enable debug output | No | - |
15.3 status
Show VM cluster status
rdc ops status [options]| Flag | Description | Required | Default |
|---|---|---|---|
--backend <backend> | Virtualization backend (kvm|qemu, auto-detected) | No | - |
15.4 ssh
SSH into a VM
rdc ops ssh <vmId> [command...] [options]| Flag | Description | Required | Default |
|---|---|---|---|
--backend <backend> | Virtualization backend (kvm|qemu, auto-detected) | No | - |
--user <user> | SSH username for VM connection | No | - |
15.5 setup
Install virtualization prerequisites
rdc ops setup [options]| Flag | Description | Required | Default |
|---|---|---|---|
--debug | Enable debug output | No | - |
15.6 check
Verify virtualization prerequisites
rdc ops checkCommon Error Messages
When something goes wrong, the CLI provides clear error messages:
| Error | Meaning |
|---|---|
| Authentication required. Run: rdc auth login | You need to log in first |
| No active config. Create one with: rdc config init <name> | No config is active — create one with `rdc config init` |
| Permission denied | Your account lacks the required permissions |
| Machine name required. Use --machine <name> | Specify a machine with `--machine` or set a config default |
| Team name required. Use --team or set default with: rdc config set team <name> | Specify a team with `--team` or set a config default |
| Region name required. Use --region or set default with: rdc config set region <name> | Specify a region with `--region` or set a config default |
Output Formats
All list/get commands support multiple output formats via `--output`:
rdc machine list --output json
rdc machine list --output yaml
rdc machine list --output csv
rdc machine list --output table # defaultThis makes it easy to integrate Rediacc CLI into scripts, CI/CD pipelines, and automation workflows.