`PATCH /api/runners/config` — change the runtime fleet config (system-admin). `hub_mode_enabled` flips the process hub-mode (the boot env var stays the restart default); `least_loaded_dispatch` flips the persisted global RUNG-4 switch. Each provided lever is applied and audited; omitted levers are untouched.
const url = 'https://example.com/api/runners/config';const options = { method: 'PATCH', headers: {'Content-Type': 'application/json'}, body: '{"hub_mode_enabled":true,"least_loaded_dispatch":true,"owner_onboarding_enabled":true,"workspace_fairness_enabled":true}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request PATCH \ --url https://example.com/api/runners/config \ --header 'Content-Type: application/json' \ --data '{ "hub_mode_enabled": true, "least_loaded_dispatch": true, "owner_onboarding_enabled": true, "workspace_fairness_enabled": true }'Request Bodyrequired
Section titled “Request Bodyrequired”A fleet-config update. Both fields are optional so the UI can flip one lever
without touching the other; a None field is left unchanged.
object
ADR 0046 RUNG 4 — flip the persisted global least-loaded dispatch switch. This is the browser-session write path for the global switch (the operator-token route is unreachable from the session cookie).
ADR 0046 Phase 0 (decision #9) — flip the persisted global owner-onboarding
switch (runner_onboarding_by_owner). System-admin lever: it grants OWNERS
the ability to mint edge enrollment tokens for their own workspaces. Same
global-switch transport as least_loaded_dispatch.
ADR 0046 RUNG 4c — flip the persisted global per-workspace fairness switch
(workspace_fairness). When on, the runner CLAIM path applies per-workspace
admission control so a single workspace cannot monopolise a shared runner pool
(over-share work waits queue-pending). Same global-switch transport as
least_loaded_dispatch.
Examplegenerated
{ "hub_mode_enabled": true, "least_loaded_dispatch": true, "owner_onboarding_enabled": true, "workspace_fairness_enabled": true}Responses
Section titled “Responses”Updated fleet config
Read-only fleet-config status, surfaced so the runners UI can show how the fleet dispatches. Both are instance-global levers.
object
Whether SUPACLOUD_HUB_MODE is enabled on the server. Runners only
receive dispatched work when this is true.
ADR 0046 RUNG 4 — whether weighted least-loaded dispatch ordering is on
(the persisted global dispatch_least_loaded switch; default off = RUNG-0
registry order).
ADR 0046 Phase 0 (decision #9) — whether org/workspace owners may onboard
edge runners scoped to workspaces they own (the persisted global
runner_onboarding_by_owner switch; default off = system-admin-only
onboarding).
ADR 0046 RUNG 4c — whether per-workspace fairness admission control is on
(the persisted global workspace_fairness switch; default off = no admission
control, byte-identical claim). When on, a single workspace cannot monopolise
a shared runner pool — over-share work waits queue-pending at claim time
(the runner skips claiming it) instead of being run.
Examplegenerated
{ "hub_mode_enabled": true, "least_loaded_dispatch": true, "owner_onboarding_enabled": true, "workspace_fairness_enabled": true}Authentication required
The canonical JSON body of every error response — the single source of truth
the frontend binds to. Every AppError serializes as this exact shape, and
the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is
what the frontend error schema is generated from, so there is no hand-written
error schema on either end.
object
Machine-readable, stable error code.
Present only on a quota-exceeded 403 — the inline upgrade-CTA payload.
object
The entitlement feature key that was hit, e.g. apps.max_count.
The plan’s limit for this key.
Where to send the user to upgrade.
Current usage (count or bytes, per the key).
Human-readable message (the server’s English text; the client may localize
by code).
Example
{ "code": "not_found"}Permission denied
The canonical JSON body of every error response — the single source of truth
the frontend binds to. Every AppError serializes as this exact shape, and
the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is
what the frontend error schema is generated from, so there is no hand-written
error schema on either end.
object
Machine-readable, stable error code.
Present only on a quota-exceeded 403 — the inline upgrade-CTA payload.
object
The entitlement feature key that was hit, e.g. apps.max_count.
The plan’s limit for this key.
Where to send the user to upgrade.
Current usage (count or bytes, per the key).
Human-readable message (the server’s English text; the client may localize
by code).
Example
{ "code": "not_found"}Structured server error
The canonical JSON body of every error response — the single source of truth
the frontend binds to. Every AppError serializes as this exact shape, and
the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is
what the frontend error schema is generated from, so there is no hand-written
error schema on either end.
object
Machine-readable, stable error code.
Present only on a quota-exceeded 403 — the inline upgrade-CTA payload.
object
The entitlement feature key that was hit, e.g. apps.max_count.
The plan’s limit for this key.
Where to send the user to upgrade.
Current usage (count or bytes, per the key).
Human-readable message (the server’s English text; the client may localize
by code).
Example
{ "code": "not_found"}