Private remote access

Use your local room from your own devices.

Tailscale can make a local Fob dashboard reachable from your private tailnet without opening it to the whole internet.

Recommended model

Run Fob on your Mac. Access it from your phone, iPad, or another computer through Tailscale. Keep it private to your tailnet.

Do not expose an AI control panel publicly until authentication, audit logs, and permission boundaries are designed.

Install Tailscale on your Mac and the device you want to use remotely. Sign into the same tailnet on both devices.

fob serve --port 8787

You can also run the same local service as fob daemon --port 8787.

By default, Fob binds the website to 127.0.0.1 for local-only access.

Tailscale Serve is the private path. It lets devices in your tailnet reach a local service through a Tailscale URL.

tailscale serve --bg 8787

Then open the Tailscale-provided URL from another device in your tailnet.

Official docs: Tailscale Serve.

Tailscale Funnel can expose a local service to the public internet. That is not the default recommendation for Fob.

Only use Funnel after you understand the security tradeoff and have a reason to make the dashboard public.