Skip to main content

Authentication

Two new authentication methods for the API server. Mutual TLS provides strong identity verification for production deployments — both client and server present certificates. For teams on a Tailscale network, API requests can authenticate using Tailscale identity with no tokens or certificates required. Historical note: later releases removed inbound mutual TLS listener support from fabro-server; current deployments terminate TLS or mTLS upstream at a reverse proxy or platform ingress.

Setup wizard

Previously, getting Fabro running meant manually editing config files and setting environment variables. Now run fabro install for an interactive walkthrough that configures API keys, server settings, and authentication. 
fabro install
The wizard detects your current configuration, prompts for missing values, and writes everything to ~/.fabro/fabro.toml.

Fabro doctor

A single command to check your entire installation: system dependencies, cryptographic key validation, LLM provider connectivity, and web server configuration. 
fabro doctor
fabro doctor --verbose
Later releases removed the separate --live mode; doctor now always uses live server-backed diagnostics. If something is misconfigured, fabro doctor tells you exactly what’s wrong and how to fix it.

More

  • All configuration consolidated into ~/.fabro/fabro.toml — API keys, auth settings, GitHub App config, and server options in one file
  • Fixed JWT sub claim using the GitHub API URL instead of the profile URL, causing identity mismatches
  • Fixed stale configuration persisting after fabro install until a manual restart
  • New indicatif-based progress display for fabro run start shows real-time stage progress, tool calls, model names, and timing
  • Mercury provider updated to mercury-2; estimated output speed (tok/s) added to fabro model list
  • Run defaults in server.toml are inherited by all workflow runs, so you don’t have to repeat sandbox, model, or concurrency settings