Operator Guide
The Operator Guide is for people who run Vexillum reflectors.
This section covers the practical parts of operating a Vexillum deployment: configuration, listener defaults, the admin interface, public status views, metrics, users, roles, and general runtime behavior.
Vexillum is designed to run multiple amateur radio reflector modes from one application. Instead of managing a separate daemon and dashboard for every protocol, operators can configure and supervise mode instances through a shared runtime.
Operator responsibilities
Section titled “Operator responsibilities”A Vexillum operator is usually responsible for:
- Choosing which modes to enable
- Configuring listener addresses and ports
- Managing firewall and NAT rules
- Creating and managing admin users
- Assigning roles and permissions
- Monitoring reflector health
- Reviewing audit logs
- Updating Vexillum
- Publishing useful public status information
Radio infrastructure is still infrastructure, despite everyone’s best effort to pretend repeaters are maintained by folklore and laminated cheat sheets.
Main operator topics
Section titled “Main operator topics”Configuration
Section titled “Configuration”The configuration page explains the main TOML configuration file, listener defaults, web settings, metrics, storage, logging, and per-mode defaults.
Admin interface
Section titled “Admin interface”The admin interface page explains how operators manage users, roles, policies, mode instances, audit logs, and account security through the built-in web UI.
Public status and metrics
Section titled “Public status and metrics”The metrics and status page explains the difference between the public web interface and the metrics listener, and how each can be used to monitor or publish reflector information.
Deployment model
Section titled “Deployment model”A typical Vexillum deployment includes:
| Component | Purpose |
|---|---|
| Vexillum daemon | Runs the reflector runtime and enabled mode instances |
| Configuration file | Defines application, listener, storage, and logging settings |
| Admin web interface | Provides authenticated operator management |
| Public web interface | Exposes non-administrative reflector status |
| Metrics listener | Exposes runtime metrics for monitoring |
| Firewall/NAT rules | Controls access to mode listeners and web interfaces |
In most deployments, the mode listener ports are exposed publicly while administrative services are kept local, firewalled, or placed behind a reverse proxy with additional access controls.
Recommended operating approach
Section titled “Recommended operating approach”For a basic deployment:
- Start with a minimal configuration.
- Enable only the modes you plan to use.
- Bind the admin interface to localhost or a private address.
- Expose only the protocol ports required for your deployment.
- Verify that metrics and public status behave as expected.
- Create named admin users instead of sharing one account.
- Use roles to limit access where possible.
- Review audit logs after configuration changes.
Current project status
Section titled “Current project status”Vexillum is under active development. Some features and mode behavior may change as the project matures.
Operators should treat early deployments as experimental unless they have reviewed the current code, configuration, and protocol behavior for their own use case.