Open-source network automation

rauto is a Rust-based network automation toolkit.

It provides CLI, local Web, and agent APIs for commands, templates, transactions, orchestration, replay, backup, and reusable connection state.

Open GitHub

Read Docs

Execution mesh

exec · template · orchestrate

Control plane ready · 7 connections · last task success

campus-access

inventory group hosts=3

edge-prod-01

runtime history active

task-center

records ready

rauto flow --template scp --connection edge-prod-01 --vars-json '{"peer":"edge-prod-02","local_path":"/tmp/rauto-demo.txt","remote_path":"/tmp/rauto-demo.txt"}'

rauto orchestrate campus-vlan-orchestration.json --view

[info] runtime loaded: 7 saved connections

[step] flow template: scp

[ok] replay available for last exec record

[ok] orchestration preview generated

7 saved connections

2 inventory groups

2 flow templates

success last task status

CLI + Web + Agent APIInventory + TemplatesReplay + TasksOrchestration + Backup

Core capabilities

Current capabilities in the rauto runtime.

CLI and local Web now cover execution, inventory, templates, flow templates, task tracking, replay, backup, upload, and policy guardrails.

Standard delivery surface

Use direct execute, template execute, and command flow from one panel with shared connection and mode context.

Orchestrated delivery surface

Run Tx Block, Tx Workflow, and multi-stage Orchestrate plans for staged rollout and rollback-aware execution.

Runtime asset workbench

Manage saved connections, prompt profiles, templates, flow templates, and inventory groups as shared runtime assets.

Safety and operations center

Combine command blacklist, recording levels, replay/history, backup/restore, and task center visibility in one operational loop.

Execution workflow

Current execution flow.

Typical operator path aligned with current Web and CLI execution surfaces.

Set target and runtime context

Pick a saved connection or inventory group, then confirm device profile, SSH security, and runtime vars before execution.

Choose delivery mode

Select Standard delivery (exec/template/flow) or Orchestrated delivery (tx block/workflow/orchestrate) based on change risk.

Execute with recording and guardrails

Apply blacklist checks, choose record level, and execute with mode-aware prompts and structured task/event reporting.

Review, replay, and recover

Use Task Center, history and replay to audit outcomes, and use backup/restore when runtime state must be migrated or recovered.

Operator surfaces

Current local runtime layout.

Connections, inventory, profiles, templates, tasks, records, and backups live under one runtime.

The local runtime keeps operator state in one place for CLI, Web, replay, blacklist, and backup flows.

Saved connections

Store reusable host, auth, port, SSH security, and profile context by name, while keeping newly saved secrets in the system keychain.

Templates and device profiles

Render commands with MiniJinja and model prompt transitions with TOML profiles inherited from rneter.

Session records and history

Capture execution detail as structured events so review and post-change debugging stop depending on memory.

Backup and restore

Archive the local runtime under ~/.rauto and recover connections, profiles, templates, and records when needed, while keeping keychain-backed secrets outside the archive.

Use cases

Representative operator flows.

Current command patterns and output snapshots from the runtime.

Bulk switch changes

Render the same intended change across multiple access devices while keeping connection state and prompt handling consistent.

Command

rauto orchestrate campus-vlan-orchestration.json --view

Output

# orchestration_plan: campus-vlan-rollout
file: campus-vlan-orchestration.json
overview: fail_fast=true rollback_on_stage_failure=true rollback_completed_stages_on_failure=false stages=2 inventory_groups=2

[Stage 1/2] core
strategy=serial fail_fast=false jobs=1
  [Job 1/1] core-job
  strategy=serial fail_fast=true targets=2 action=tx_workflow (workflow_file=./core-vlan-workflow.json)
  target_groups=core
  - core-01
  - core-02

[Stage 2/2] access
strategy=serial fail_fast=false jobs=1
  [Job 1/1] access-job
  strategy=parallel fail_fast=true targets=2 action=tx_block (template=configure_vlan.j2, mode=Config)
  max_parallel=10
  target_groups=access
  - sw-01
  - sw-02

Template-based firewall or router updates

Drive repeatable policy or interface changes from templates and variable files instead of manually retyping each sequence.

Command

rauto template configure_vlan.j2 --vars templates/example_vars.json --dry-run

Output

--- Rendered Commands ---
conf t

vlan 10
 name Marketing

vlan 20
 name Engineering

end
-------------------------

Replay after a noisy maintenance window

Use recorded session events and history detail to reconstruct what happened without relying on terminal scrollback.

Command

rauto history list edge-prod-01 --limit 5
rauto replay /private/tmp/website-demo-exec.jsonl --list

Output

# connection: edge-prod-01
- [1777824859401] template: scp mode=User level=full file=sqlite://~/.rauto/rauto.db#history/1777824859401_command_flow
- [1777824843199] touch /tmp/rauto-demo.txt mode=Root level=full file=sqlite://~/.rauto/rauto.db#history/1777824843199_exec
- [1777824800314] uname -a mode=Root level=full file=sqlite://~/.rauto/rauto.db#history/1777824800314_exec
- [1777824795188] template: scp mode=User level=full file=sqlite://~/.rauto/rauto.db#history/1777824795188_command_flow
- [1777367945542] load-and-restart mode=Root level=key-events-only file=sqlite://~/.rauto/rauto.db#history/1777367945542_orchestrate_tx_block

# context: device=<USER>@<HOST>:22 prompt=<PROMPT> fsm_prompt=root
1. mode=root success=true exit_code=0 command=uname -a

Reusable lab-to-production workflows

Validate device profiles and execution paths in a lab, then reuse the same operational assets for production runs.

Command

rauto profile diagnose cisco --json
rauto flow-template show scp
rauto backup list

Output

{
  "total_states": 7,
  "graph_states": [
    "config",
    "enable",
    "login"
  ],
  "entry_states": [],
  "missing_edge_sources": [],
  "missing_edge_targets": [],
  "unreachable_states": [],
  "dead_end_states": [],
  "duplicate_prompt_patterns": [],
  "potentially_ambiguous_prompt_states": [],
  "self_loop_only_states": []
}

name = "scp"
description = "Use one peer var, then resolve peer.host/peer.username/peer.password in rauto."
stop_on_error = true
default_mode = "User"

[[vars]]
name = "peer"
label = "Target Connection Name"
type = "string"
required = true

[[vars]]
name = "local_path"
label = "Local File Path"
type = "string"
required = true

[[vars]]
name = "remote_path"
label = "Remote File Path"
type = "string"
required = true

[[steps]]
command = "scp -P {{peer.port}} {{local_path}} {{peer.username}}@{{peer.host}}:{{remote_path}}"

- ~/.rauto/backups/rauto-backup-1777824868.tar.gz

Inside rauto

Current runtime components.

Execution, inventory-driven rollout, stored assets, audit trails, local UI, and managed agent mode.

Delivery engine

A single engine behind direct execute, template execute, command flow, tx block, tx workflow, and orchestration plans.

State and asset stores

Saved connections, inventory groups, templates, flow templates, and prompt profiles stay reusable across CLI and Web surfaces.

Audit and safety plane

Recording, replay, history, blacklist, and task tracking provide pre-flight protection plus post-change auditability.

Local and managed control

Operate locally through `rauto web`, or run `rauto agent` to register into `rauto-manager` for centralized control.

Open ecosystem

Project roles in the current ecosystem.

`rauto` is the execution runtime. `rauto-manager` is the self-hosted control plane for multiple managed agents.

rauto

Rust-based execution runtime with CLI, local Web UI, agent APIs, saved connections, templates, orchestration, replay, backup, and command blacklist handling.

Open GitHub

rauto-manager

Self-hosted control plane for multiple `rauto` agents with HTTP/gRPC agent support, shared inventory, centralized dispatch, workflow/orchestration design, live execution visibility, history, and notifications.

View rauto-manager

FAQ

Current behavior notes.

Short answers about runtime behavior and data handling.

How do the CLI and Web console fit together?

They share the same local runtime data and execution model, so saved connections, templates, profiles, records, and backups stay aligned.

Can I preview commands before touching devices?

Yes. Dry-run flows let you inspect rendered commands before execution, which is critical when templates or variable files are involved.

Can I define my own device prompt behavior?

Yes. rauto supports built-in profiles inherited from rneter and custom TOML profiles so you can model prompt states and execution modes for your environment.

What data stays local?

Connections, templates, profiles, records, and backup archives live in the local runtime directory. The current product positioning is explicitly local and open-source first.

Repository and documentation.

Read the docs, browse the repository, or check published releases.

Open GitHub

Read Docs