let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: document Tailscale Serve auth headers (#823) (thanks @roshanasingh4)

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-13 04:37:04 +00:00
parent 7616b02bb1
commit b70298fbca
6 changed files with 38 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
docs/web/index.md
View File

@@ -94,7 +94,10 @@ Open:
- Binding the Gateway to a non-loopback address **requires** auth (`gateway.auth` or `CLAWDBOT_GATEWAY_TOKEN`).
- The wizard generates a gateway token by default (even on loopback).
- The UI sends `connect.params.auth.token` or `connect.params.auth.password`.
- Use `gateway.auth.allowTailscale: false` to require explicit credentials even in Serve mode.
- With Serve, Tailscale identity headers can satisfy auth when
`gateway.auth.allowTailscale` is `true` (no token/password required). Set
`gateway.auth.allowTailscale: false` to require explicit credentials. See
[Tailscale](/gateway/tailscale) and [Security](/gateway/security).
- `gateway.tailscale.mode: "funnel"` requires `gateway.auth.mode: "password"` (shared password).
## Building the UI