Denkeeper

CLI Reference

Global flags

FlagDescription
--config PATHPath to config file (default: ~/.denkeeper/denkeeper.toml)
--versionPrint version and exit
--helpPrint help

denkeeper serve

Start the agent. Loads config, connects adapters, starts the scheduler, and optionally starts the REST API server.

denkeeper serve
denkeeper serve --config /etc/denkeeper/denkeeper.toml

denkeeper setup

Interactive first-run wizard. Creates ~/.denkeeper/denkeeper.toml with your LLM provider, API keys, and Telegram configuration.

denkeeper setup

denkeeper keys

Manage API keys for the REST API.

denkeeper keys create --name dashboard --scopes admin,chat,sessions:read
denkeeper keys list
denkeeper keys revoke --name dashboard

denkeeper keys create

FlagDescription
--nameKey name (required)
--scopesComma-separated list of scopes

The plaintext key is displayed once on creation and cannot be recovered.

denkeeper keys list

Lists all API keys with their names, scopes, and creation dates. The key secret is never shown.

denkeeper keys revoke

FlagDescription
--nameKey name to revoke (required)

Revocation is immediate — the key stops working as soon as the command completes.

denkeeper keys delete

FlagDescription
--nameKey name to permanently delete (required)

Permanently removes a revoked key from the database. Only revoked keys can be deleted.

denkeeper sessions

Manage conversation sessions stored in the memory database.

denkeeper sessions list

List all sessions with metadata.

denkeeper sessions list
denkeeper sessions list --config /path/to/denkeeper.toml

Displays a table with session ID, adapter, external ID, message count, cost, and creation date.

denkeeper sessions show <session-id>

Display all messages in a session.

denkeeper sessions show "telegram:12345"

Shows each message with timestamp, role, and content (truncated to 120 characters).

denkeeper sessions delete <session-id>

Delete a session and all its messages.

denkeeper sessions delete "telegram:12345"
denkeeper sessions delete "telegram:12345" --yes
FlagDescription
--yes, -ySkip confirmation prompt

denkeeper sessions export <session-id>

Export a session transcript to stdout.

denkeeper sessions export "telegram:12345"
denkeeper sessions export "telegram:12345" --format json > session.json
FlagDescription
--format, -fOutput format: text (default) or json

denkeeper sessions prune

Delete sessions older than a specified duration.

denkeeper sessions prune --older-than 720h
denkeeper sessions prune --older-than 720h --yes
FlagDescription
--older-thanDuration threshold (e.g., 720h for 30 days). Required.
--yes, -ySkip confirmation prompt

denkeeper passwd

Generate a bcrypt hash for dashboard password login.

denkeeper passwd

Reads the password interactively with confirmation. Also accepts piped stdin for scripted use:

echo "my-password" | denkeeper passwd

Outputs a bcrypt hash (cost 13) suitable for the api.auth.password_hash config field.

denkeeper plugin

Manage Ed25519 plugin signing. These commands help you sign and verify plugin binaries for secure distribution.

denkeeper plugin keygen <name>

Generate an Ed25519 key pair for plugin signing.

denkeeper plugin keygen my-plugin
denkeeper plugin keygen my-plugin --output /path/to/keys
FlagDescription
--outputOutput directory for key files (default: current directory)

Creates two files: <name>.pub (public key, PEM) and <name>.key (private key, PEM, mode 0600).

denkeeper plugin sign <binary>

Sign a plugin binary with an Ed25519 private key.

denkeeper plugin sign ./my-plugin --key my-plugin.key
FlagDescription
--keyPath to private key file (required)

Creates a detached signature file <binary>.sig.

denkeeper plugin verify <binary>

Verify a plugin binary’s signature against one or more public keys.

denkeeper plugin verify ./my-plugin --key my-plugin.pub
denkeeper plugin verify ./my-plugin --key key1.pub --key key2.pub
FlagDescription
--keyPath to public key file (required, repeatable)

Exits with code 0 if the signature is valid for any of the provided keys.

Prev
Telegram Setup
Next
First Run