Install

Burrowee ships three installable components, each with its own one-line installer on the public release channel at release.burrowee.com. Every download is verified end-to-end before a single byte runs: minisign signature → SHA-256 checksum → unzip → a verified inner installer.

Component	One-liner	Binaries installed
CLI — the client you connect from	`curl -fsSL --proto '=https' --tlsv1.2 https://release.burrowee.com/cli/install.sh \| sh`	`burrowee`, `burrowee-cli`
Gateway — the machine you connect to	`curl -fsSL --proto '=https' --tlsv1.2 https://release.burrowee.com/gateway/install.sh \| sh`	`burrowee`, `burrowee-gateway`, `burrowee-register`
Edge — your own self-hosted relay	`curl -fsSL --proto '=https' --tlsv1.2 https://release.burrowee.com/edge/install.sh \| sh`	`burrowee`, `burrowee-edge`

Each component bundles the burrowee dispatcher (see below), so after any one install the bare burrowee command works. Per-component walkthroughs: CLI · Gateway · Edge.

What the installer does

The install.sh you pipe to sh is the trust anchor. It never runs an unverified byte:

Detects your platform — macOS (darwin) or Linux, arm64 or amd64. Anything else aborts.
Resolves the release — the latest published GitHub release for that component, unless you pin a version.
Downloads the release zip plus SHA256SUMS.txt and SHA256SUMS.txt.minisig.
Verifies the minisign signature over the sums file, against a public key baked into the installer itself — no key is fetched over the network.
Verifies the zip's SHA-256 against the now-trusted sums file.
Unzips and runs the inner installer, which installs the binaries to $PREFIX/bin — by default $HOME/.local/bin.

Any failure at any step aborts before anything is installed.

The inner installer finishes by checking that the bin directory is on your PATH (it prints the export PATH=… line to add if not) and, on a fresh interactive install, offering to set the component up immediately — see the per-component pages for that first-run prompt.

Prerequisites

The installer needs curl, unzip, a SHA-256 tool (shasum on macOS or sha256sum on Linux — it detects either), and minisign.

minisign is required — and never auto-fetched

minisign is the trust root: it must already be on PATH from a source you trust (your package manager). The installer refuses to download a verifier over the network, because an unverified verifier would defeat the whole signature chain. If it is missing, install it and re-run:

brew install minisign          # macOS
apt-get install minisign       # Debian/Ubuntu (or your distro's package manager)

Upstream: https://github.com/jedisct1/minisign

Verify by hand

The signing public key is mirrored at https://release.burrowee.com/burrowee-release.pub. To verify a release download yourself:

minisign -V -P "$(cat burrowee-release.pub)" \
  -m SHA256SUMS.txt -x SHA256SUMS.txt.minisig
shasum -a 256 -c --ignore-missing SHA256SUMS.txt   # or sha256sum on Linux

A failed signature check means the bytes are untrusted — do not install them.

Supported platforms

OS	arm64	amd64
macOS (darwin)	✓	✓
Linux	✓	✓

Windows is not supported.

The `burrowee` dispatcher

Every component zip ships burrowee — the universal entry command. It is a zero-logic dispatcher: burrowee <component> … finds the installed burrowee-<component> binary (on PATH, then /usr/local/bin, /opt/homebrew/bin, ~/.local/bin) and replaces itself with it. Anything that isn't a component word falls through to the CLI untouched, so burrowee connect … runs burrowee-cli connect ….

Word	Runs	What it is
`cli`	`burrowee-cli`	client tunnels (connect, ssh, daemon, relays) — also the fallthrough default
`gateway`	`burrowee-gateway`	the home gateway daemon + local console
`relay`	`burrowee-relay`	the system relay server
`edge`	`burrowee-edge`	self-hosted edge relay
`console`	`burrowee-console`	the cloud control plane server
`register`	`burrowee-register`	register a local service with the gateway

burrowee --help prints this component table; burrowee <component> --help shows that component's commands. Asking for a component that isn't installed on the machine exits with code 127 and prints which components are installed there, plus where to install the missing one. (Exit 126 means the binary was found but could not be executed.)

Pin a version

Each installer reads a version-pin env var; the value is the release tag (<comp>/<stamp>):

Component	Env var
`cli`	`BURROWEE_CLI_VERSION`
`gateway`	`BURROWEE_GATEWAY_VERSION`
`edge`	`BURROWEE_EDGE_VERSION`

BURROWEE_CLI_VERSION=cli/v0.1.0.2026.06.08.7dbdd72 \
  curl -fsSL https://release.burrowee.com/cli/install.sh | sh

Unset → the installer resolves the newest release for that component.

Choose the install location

Set PREFIX to change the install root (binaries go to PREFIX/bin; the default is $HOME/.local, i.e. binaries in ~/.local/bin):

PREFIX=/usr/local curl -fsSL --proto '=https' --tlsv1.2 https://release.burrowee.com/cli/install.sh | sh

To uninstall a component's binaries, re-run its installer with BURROWEE_UNINSTALL=1.

macOS notes

Gatekeeper quarantine

On macOS the installer strips the com.apple.quarantine attribute from each binary as it installs, so Gatekeeper does not block them. If you ever move binaries onto PATH by hand (for example after a manual download) and macOS refuses to run them, remove the attribute yourself:

xattr -d com.apple.quarantine ~/.local/bin/burrowee-cli

Install ​

What the installer does ​

Prerequisites ​

Verify by hand ​

Supported platforms ​

The burrowee dispatcher ​

Pin a version ​

Choose the install location ​

macOS notes ​