mirror of
https://github.com/different-ai/openwork
synced 2026-04-25 17:15:34 +02:00
feat(security): default local workers to localhost only (#1132)
Require generated OpenCode auth and explicit remote-sharing opt-in so local workers stay loopback-only unless the user intentionally exposes them.
@@ -153,6 +153,7 @@ OpenWork therefore has two runtime connection modes:
|
||||
|
||||
- OpenWork runs on a desktop/laptop and can host OpenWork server surfaces locally.
|
||||
- The OpenCode server runs on loopback (default `127.0.0.1:4096`).
|
||||
- The OpenWork server also defaults to loopback-only access. Remote sharing is an explicit opt-in that rebinds the OpenWork server to `0.0.0.0` while keeping OpenCode on loopback.
|
||||
- OpenWork UI connects via the official SDK and listens to events.
|
||||
- `openwork-orchestrator` is the CLI host path for this mode.
|
||||
|
||||
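Review bot: The added remote-sharing bullet documents the rebind to `0.0.0.0` but not what protects the OpenWork server once it listens there. `0.0.0.0` covers every IPv4 interface on the machine, not only the local network the user may have in mind. Suggest extending the bullet to say which authentication the OpenWork server requires from remote clients, where the opt-in is set, and that turning it off returns the server to loopback.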
@@ -173,6 +174,7 @@ This model keeps the user experience consistent across self-hosted and hosted pa
|
||||
- `openwork-orchestrator` (default): Tauri launches `openwork daemon run` and uses it for workspace activation plus OpenCode lifecycle.
|
||||
- `direct`: Tauri starts OpenCode directly.
|
||||
- In both desktop runtimes, OpenWork server (`/apps/server/`) is the API surface consumed by the UI; it is started with the resolved OpenCode base URL and proxies OpenCode and `opencode-router` routes.
|
||||
- Desktop-launched OpenCode credentials are always random, per-launch values generated by OpenWork. OpenCode stays on loopback and is intended to be reached through OpenWork server rather than exposed directly.
|
||||
- `opencode-router` is optional in desktop host mode and is started as a local service when messaging routes are enabled.
|
||||
|
||||
```text
|
||||
|
||||
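Review bot: In the added credentials bullet, "intended to be reached through OpenWork server" reads as a convention rather than a guarantee. Since OpenCode listens on loopback, any local process can still connect to it, so the per-launch credentials are the actual control. Suggest stating that directly. The preceding bullet says OpenWork server proxies OpenCode routes, so it is also worth saying here that the generated credentials are held by OpenWork server and never handed to clients, and how they are passed from the launcher to the server.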