Collector endpoints
Enrollment, lifecycle, certificate chain.
POST /v1/collectors/codes
Mint a one-shot enrollment code. Admin-scoped.
POST /v1/collectors/enroll
The installer's first call. Body: {code, hostname, platform}. Returns: per-collector token, registry credentials, image reference. The collector then writes the token to /etc/kilasec/collector.env and starts the container.
GET /v1/collectors
List enrolled collectors for this tenant.
GET /v1/collectors/{id}/status
Health + last-seen timestamp + recent-event count.
POST /v1/collectors/{id}/restart
Restart the collector via systemd. Live lifecycle phases stream back (since 1cf9978).
POST /v1/collectors/{id}/rebuild
Pull the latest image, then restart. Used for dev-loop iteration (since 8d86f3c).
GET /v1/collectors/{id}/pac-url
The PAC URL the customer hands to DHCP. Served by the collector itself at :9443 with a cert signed by the collector's mitmproxy CA.
GET /v1/collectors/{id}/ca
The collector's mitm CA certificate chain (public only — never the private key).
DELETE /v1/collectors/{id}
Revoke the collector. The container will start failing to authenticate within seconds and stop on its next restart. Use /v1/collectors/{id}/purge for the hard delete that also drops historical events.
POST /v1/collectors/purge-revoked
Bulk delete revoked collectors more than N days old (since 1fde493).