From 5d3fce22a117a747393cd535265c80911bd143f9 Mon Sep 17 00:00:00 2001 From: noisedestroyers Date: Fri, 8 May 2026 12:04:35 -0400 Subject: [PATCH] Open OpenHands UI to all interfaces MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Was bound to 127.0.0.1:3030 — overcautious on a Tailscale-only box where Phoenix/Beszel/OpenWebUI are all reached the same way. Updated the homepage tile description and added a security note in the README for the case where the host ever leaves the tailnet. Co-Authored-By: Claude Opus 4.7 (1M context) --- README.md | 2 +- pyinfra/framework/README.md | 32 +++++++++---------- .../framework/compose/homepage/services.yaml | 2 +- pyinfra/framework/compose/openhands.yml | 9 ++++-- 4 files changed, 23 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index c929c47..e80ff39 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ Tailscale. Coding agents, monitoring, voice — all self-hosted. | `11434` | Ollama | ROCm with `HSA_OVERRIDE_GFX_VERSION=11.0.0` | | `3000` | OpenWebUI | ChatGPT-style UI in front of Ollama | | `3001` | OpenLIT | LLM fleet metrics dashboard | -| `3030` | OpenHands | Loopback only — SSH-tunnel from your laptop | +| `3030` | OpenHands | Autonomous agent + sandbox runtime — Tailscale-only by design | | `4317` | Phoenix OTLP/gRPC | Trace ingestion | | `6006` | Phoenix UI / OTLP/HTTP | Per-trace agent waterfall (also `:6006/v1/traces`) | | `8090` | Beszel | Host + container + AMD GPU dashboard | diff --git a/pyinfra/framework/README.md b/pyinfra/framework/README.md index 92ec00d..df3bc97 100644 --- a/pyinfra/framework/README.md +++ b/pyinfra/framework/README.md 
@@ -169,25 +169,23 @@ based on how you like to drive the agent: Bring-up: `cd /srv/docker/openwebui && docker compose up -d`. -- **OpenHands** (`/srv/docker/openhands`, http://framework:3030, - loopback-only) — autonomous agent in a Docker sandbox. Spawns a - per-conversation `agent-server` container that can write code, run - tests, browse the web. Pre-configured for Ollama at - `openai/qwen3-coder:30b` over the OpenAI-compatible endpoint; - ships traces to Phoenix. +- **OpenHands** (`/srv/docker/openhands`, http://framework:3030) — + autonomous agent in a Docker sandbox. Spawns a per-conversation + `agent-server` container that can write code, run tests, browse the + web. Pre-configured for Ollama at `openai/qwen3-coder:30b` over the + OpenAI-compatible endpoint; ships traces to Phoenix. - Bring-up: - ```sh - cd /srv/docker/openhands && docker compose up -d - # Tunnel the loopback-bound UI from your laptop: - ssh -L 3030:127.0.0.1:3030 noise@framework - open http://localhost:3030 - ``` + Bring-up: `cd /srv/docker/openhands && docker compose up -d`. First + run pulls the agent-server image (~2 GB) lazily on first conversation, + not at startup, so the orchestrator comes up fast but your first + message takes 30–60 s. Pre-0.44 state path was `~/.openhands-state`; + not relevant on a fresh install. - First run pulls the agent-server image (~2 GB) lazily on first - conversation, not at startup, so the orchestrator comes up fast but - your first message takes 30–60 s. Pre-0.44 state path was - `~/.openhands-state`; not relevant on a fresh install. + > **Security note:** the orchestrator container has docker-socket + > access and spawns code-running sandboxes. Fine to expose on a + > Tailscale-only box; **change the compose port mapping back to + > `127.0.0.1:3030:3000` and tunnel in** if this host ever sees LAN + > or internet traffic. Tool-call quality with local models is much better when Ollama's context is bumped — the compose at `/srv/docker/ollama` already sets 
diff --git a/pyinfra/framework/compose/homepage/services.yaml b/pyinfra/framework/compose/homepage/services.yaml index 4814c4a..436b644 100644 --- a/pyinfra/framework/compose/homepage/services.yaml +++ b/pyinfra/framework/compose/homepage/services.yaml @@ -47,7 +47,7 @@ - OpenHands: icon: mdi-robot href: http://framework:3030 - description: Autonomous coding agent (loopback — needs SSH tunnel) + description: Autonomous coding agent in a Docker sandbox server: localhost-docker container: openhands diff --git a/pyinfra/framework/compose/openhands.yml b/pyinfra/framework/compose/openhands.yml index ced461f..facc43b 100644 --- a/pyinfra/framework/compose/openhands.yml +++ b/pyinfra/framework/compose/openhands.yml @@ -18,10 +18,13 @@ services: restart: unless-stopped # 3030 host-side because :3000 is OpenWebUI and :3001 is OpenLIT. - # Loopback-only — reach via SSH tunnel or Tailscale, don't expose - # this directly. + # Bound to all interfaces — fine on a Tailscale-only box where every + # other service is reached the same way. If you ever expose this + # host to the LAN/internet, change this to "127.0.0.1:3030:3000" + # and tunnel in (this orchestrator has docker.sock access and + # spawns code-running sandboxes — not something you want public). ports: - - "127.0.0.1:3030:3000" + - "3030:3000" volumes: # Required: orchestrator spawns sandbox containers via the host daemon.
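Review bot: In the top-level README.md port table, the new `3030` row says "Tailscale-only by design", but nothing in this patch makes the service Tailscale-only. The compose change publishes the port on all interfaces, and the restriction is a property of the host's network, not of OpenHands. Suggest wording that states the actual binding and what it depends on, for example "All interfaces; relies on the host being Tailscale-only", so a reader of the table does not take it for an enforced control.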
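Review bot: In the pyinfra/framework/README.md security note, the condition "if this host ever sees LAN or internet traffic" is left for the reader to notice, with no way given to check it. Suggest adding the command used to confirm where port 3030 is listening (for example `ss -tln` on the host) and stating plainly that with this binding every tailnet peer can reach an orchestrator that has docker-socket access, so tailnet ACLs become the access control for it.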
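Review bot: In pyinfra/framework/compose/openhands.yml, `- "3030:3000"` publishes on every host interface, so protection of the docker.sock-backed orchestrator now rests entirely on the host never gaining a non-tailnet interface. Docker's own iptables rules for published ports are commonly not filtered by host firewalls such as ufw, so a host firewall may not catch a mistake here. Suggest binding to the host's Tailscale address instead, in the form `"<tailscale-ip>:3030:3000"` (placeholder; the address is not in this patch), which keeps direct tailnet access without the SSH tunnel and fails closed if the box is ever attached to a LAN. That binding needs the Tailscale interface to be up before the container starts. The comment above `ports:` could then drop the manual "change this to" instruction.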