hogsend studio
Serve the bundled Hogsend Studio admin SPA locally and open it in a browser, optionally pointed at a remote instance.
Serve the Studio admin UI bundled with @hogsend/cli on a local port and (optionally) open it in your browser. The Studio is a static single-page app; this command starts a tiny local web server for it.
hogsend studio [options]See Operating → Studio for what the Studio does and how it authenticates.
Options
| Option | Description |
|---|---|
--port <n> | Local port to serve on (default 3333). |
--base-url <url> | API instance the Studio should call (injected at runtime as window.__HOGSEND_STUDIO__). |
--open | Open the Studio in your default browser after starting. |
--dist <path> | Override the Studio dist directory (advanced). |
-h, --help | Show this help. |
Examples
hogsend studio --open
hogsend studio --base-url https://api.example.com --open
hogsend studio --port 4000Notes
- Without
--base-url, the Studio calls the local server it is served from (static preview only — API calls will fail). Set--base-urlto your instance, or open<instance>/studiodirectly. - Because the SPA uses cookie auth, pointing a local Studio at a remote instance requires that instance to allow the Studio's origin (CORS + cross-site cookies). For a hosted instance, the mounted
<instance>/studiois the simplest path. - The command keeps running until you press
Ctrl+C.
hogsend studio admin — shell-gated admin create + recovery
Create or recover a Studio admin account from a trusted shell — the same pattern as PostHog/GitLab/Rails management commands. Public sign-up is disabled (disableSignUp), so this CLI and the env bootstrap are the only two ways to mint an admin — there is no create endpoint over HTTP, no setup token, and no web create-admin form. Web Studio is login + self-service forgot/reset only.
The first admin is minted exactly two ways:
- This CLI (DB-direct):
hogsend studio admin create— run it from a trusted shell withDATABASE_URL+BETTER_AUTH_SECRETloaded. No HTTP, no running API. - Env bootstrap: set
STUDIO_ADMIN_EMAIL(+ optionalSTUDIO_ADMIN_PASSWORD, min 8) and the API process mints it on boot — but only into a zero-user table (idempotent on a fresh DB). WhenSTUDIO_ADMIN_PASSWORDis unset, a strong password is auto-generated and printed once to the server log; rotate it via the Studio reset flow. See Operating → Studio.
This talks directly to the database (no HTTP, no running API): it builds a Better Auth instance against DATABASE_URL and uses Better Auth's server API (its internal adapter, scrypt), so password hashing is identical to the running app and is not subject to disableSignUp. Holding both DATABASE_URL and BETTER_AUTH_SECRET is the gate.
hogsend studio admin <create|reset|list> [options]| Command | Purpose |
|---|---|
create | Create a Studio admin (the first admin, or another). Uses Better Auth's internal adapter — correct for a trusted shell with sign-up closed. |
reset | Set a new password for an existing admin (by email). Revokes existing sessions by default (--no-revoke to keep them). |
list | List existing admins (id, email, name, createdAt). Never selects a password/hash column. |
Loading the environment
DATABASE_URL and BETTER_AUTH_SECRET are read from the environment only — there is no .env file read (consistent with db:migrate). Run the command with your app env loaded:
| Where | Command |
|---|---|
| Local (scaffold) | pnpm studio:admin — the wrapper runs node --env-file=.env node_modules/.bin/hogsend studio admin create. |
| Local (manual) | dotenvx run -- hogsend studio admin create, or export $(grep -v '^#' .env | xargs) first. |
| Railway | railway run hogsend studio admin create, or railway ssh into the service. |
If either var is missing the command fails fast and names both, with this loading guidance.
Options
| Option | Description |
|---|---|
--email <e> | Admin email (required; prompted in a TTY if omitted). |
--name <n> | Display name for create (defaults to the email local-part). |
--password <p> | Password for create/reset. Prefer the masked prompt — a value passed here can leak into your shell history. |
--no-revoke | (reset) Keep existing sessions instead of revoking them. |
--database-url <u> | Override DATABASE_URL (else read from the environment). |
--json | Emit a single JSON result document (non-interactive). |
-h, --help | Show this help. |
Examples
pnpm studio:admin # scaffold wrapper, .env loaded
hogsend studio admin create --email admin@example.com # masked password prompt
hogsend studio admin reset --email admin@example.com
hogsend studio admin list --jsonSecurity
- Passwords are written only through Better Auth (scrypt) — never raw SQL, never plaintext at rest, never logged. The masked prompt is preferred over
--password. - This is the guaranteed recovery path that the self-service password reset email points operators to when no email provider is configured.
hogsend webhooks
Manage outbound webhook endpoints — create, list, update, rotate signing secrets, and send test deliveries from the CLI.
hogsend domain
Set up and verify your sending domain from the CLI — register it with the email provider, get DNS records formatted for your DNS host, auto-apply them on Cloudflare/Vercel, and poll until verified.