Skip to main content

Local Deployment

This guide explains how to deploy and run Kexa locally on your machine.

Prerequisites

  • BunJS
  • Git
  • Access to cloud provider accounts (AWS, Azure, GCP, or others)

Installation Steps

  1. Clone the Repository

    git clone https://github.com/kexa-io/Kexa.git
    cd Kexa

  2. Install Dependencies

    bun install

  3. Environment Setup

      • Create a .env file and add your necessary environment variables:
      # Rules directory
      RULESDIRECTORY=./rules

      # Output directory
      OUTPUT=./output

      # Provider authentication variables
      # (Add your provider-specific variables)

  4. Configure Rules

    • Create or copy rules to your rules directory
    • Ensure rules are properly formatted in YAML
    • Test rules with bun run validate-rules

Running Kexa

Development Mode

bun run dev

Production Mode

bun run build
bun run start

Scheduled Runs

You can set up scheduled runs using cron jobs:

# Example cron job to run Kexa daily at midnight
0 0 * * * cd /path/to/Kexa && bun run start

Monitoring

Logs

  • Check console output for real-time logs

  • Logs are also saved to ./logs directory

  • Configure log level in .env:

    DEBUG_LEVEL=INFO  # debug, info, warn, error

Output

  • Scan results are saved to the configured output directory
  • Reports are generated in HTML format
  • Check ./output directory for results

Troubleshooting

Common Issues

  1. Authentication Errors

    • Verify provider credentials
    • Check environment variables
    • Ensure proper permissions

  2. Rule Validation Errors

    • Check rule syntax
    • Verify rule file format
    • Test rules individually

  3. Performance Issues

    • Monitor system resources
    • Check network connectivity
    • Review scan configuration

Debug Mode

Enable debug mode for detailed logging: The level are from 0 to 9 ( verbose )

DEBUG_MODE=9

Security Considerations

  1. Credentials

    • Never commit .env files
    • Use secure credential storage
    • Rotate credentials regularly

  2. File Permissions

    • Restrict access to sensitive files
    • Use appropriate file permissions
    • Secure output directory

  3. Network Security

    • Use secure connections
    • Implement proper firewall rules
    • Monitor network access

Maintenance

Updates

# Pull latest changes
git pull origin main

# Update dependencies
bun install

# Rebuild if necessary
bun run build

Backup

  • Regularly backup configuration files
  • Export important rules
  • Archive scan results

Next Steps