let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: add network hub + pairing locality

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-21 00:14:06 +00:00
parent e083f678fd
commit e5ea8a0d22
5 changed files with 75 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/gateway/security.md
View File

@@ -270,6 +270,12 @@ Note: `gateway.remote.token` is **only** for remote CLI calls; it does not
protect local WS access.
Optional: pin remote TLS with `gateway.remote.tlsFingerprint` when using `wss://`.
Local device pairing:
- Device pairing is autoapproved for **local** connects (loopback or the
gateway hosts own tailnet address) to keep samehost clients smooth.
- Other tailnet peers are **not** treated as local; they still need pairing
approval.
Auth modes:
- `gateway.auth.mode: "token"`: shared bearer token (recommended for most setups).
- `gateway.auth.mode: "password"`: password auth (prefer setting via env: `CLAWDBOT_GATEWAY_PASSWORD`).