How to self-host OpenACP securely? #104
-
|
I want to self-host OpenACP on my server. What security settings should I configure to restrict access and protect my codebase? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
OpenACP runs entirely on your machine — your data never leaves your server. Security settings in {
"security": {
"allowedUserIds": ["123456789", "987654321"],
"maxConcurrentSessions": 20,
"sessionTimeoutMinutes": 60
}
}
Permission Gate: Every agent action (read file, write file, run command) requires your approval via buttons on Telegram/Discord/Slack. Permission timeout: 10 minutes — no response = auto-reject. See Thread 14 — Permission auto-approve for dangerous mode. REST API security: API server runs at Run in daemon mode for background service: openacp start # Start daemon
openacp status # Check status
openacp stop # Stop daemon
|
Beta Was this translation helpful? Give feedback.
OpenACP runs entirely on your machine — your data never leaves your server.
Security settings in
~/.openacp/config.json:{ "security": { "allowedUserIds": ["123456789", "987654321"], "maxConcurrentSessions": 20, "sessionTimeoutMinutes": 60 } }allowedUserIds: Only allow specific user IDs to use the bot. Empty array = allow everyone.maxConcurrentSessions: Limit concurrent running sessions (default: 20). New sessions are rejected when limit is reached.sessionTimeoutMinutes: Automatically end inactive sessions after the specified time (default: 60 minutes).Permission Gate: Every agent action (read file, write file, run command) requires your approval via buttons on Teleg…