Network, audit & air-gapped

# /home/.aihummer/etc/gateway.env
AIHUMMER_AIRGAPPED=1

# /home/.aihummer/etc/gateway.env
AIHUMMER_AUDIT_RETENTION_DAYS=365

This page covers the controls that govern *where* AiHummer can be reached and reach, *what* it records, and *what* it is built from: the admin IP allowlist, air-gapped mode, the audit log, and the supply-chain posture. ## IP allowlist (admin IP gating) You can restrict the admin surface to known networks with an **IP allowlist**, managed at `/v1/admin/security/ip-allowlist`. When configured, admin access is gated by source IP, so the admin API and UI only answer requests from the addresses you trust. > [!TIP] > Combine the IP allowlist with [enterprise SSO](/en/v1.0/security/enterprise-sso) > and [scoped API keys](/en/v1.0/security/rbac): network gating limits *where* > from, SSO limits *who*, and scopes limit *what*. ## Air-gapped mode For sovereign or isolated deployments, set `AIHUMMER_AIRGAPPED=1` to block **model-controlled public egress**. In this mode the agent's tools cannot reach out to the public internet on the model's behalf, which removes an entire class of exfiltration and SSRF risk. ```ini # /home/.aihummer/etc/gateway.env AIHUMMER_AIRGAPPED=1 ``` > [!WARNING] > Air-gapped mode disables tools that depend on public egress (for example > open-web fetches). Pair it with self-hosted sidecars and local models so the > deployment stays fully functional without external calls. For finer control > short of a full air-gap, use the egress allowlists described in > [Guardrails](/en/v1.0/security/guardrails). ## Audit log Admin changes are recorded in an **audit log** with retention and pagination, readable at `/v1/admin/audit`. Retention is controlled by `AIHUMMER_AUDIT_RETENTION_DAYS`, so you can keep a trail for as long as your compliance policy requires and let older entries age out. ```ini # /home/.aihummer/etc/gateway.env AIHUMMER_AUDIT_RETENTION_DAYS=365 ``` The audit trail pairs naturally with RBAC and SSO: SSO and the IP allowlist decide who may act, scoped keys decide what they may do, and the audit log records what they did. ## Supply chain & runtime posture AiHummer's runtime is deliberately small and inspectable: | Property | Posture | |---|---| | Gateway | A single Go binary (control-plane + turn engine). | | Direct dependencies | Roughly 25 direct Go modules — a small, auditable surface. | | Packaging | Host-native: release tarball + systemd, **no Docker**. | | Sidecars | Separate HTTP services reached by URL, installed only if needed. | > [!NOTE] > Host-native packaging means there is no container runtime to harden or patch in > addition to the application — you run one Go binary under systemd from > `/home/.aihummer`. This is a verifiable property of how the product ships, not > a claim about absolute security. ## Where to next - [Enterprise SSO](/en/v1.0/security/enterprise-sso) — who is allowed in. - [RBAC & scoped API keys](/en/v1.0/security/rbac) — what they may do once in. - [Guardrails & prompt-injection defense](/en/v1.0/security/guardrails) — egress allowlists and SSRF protection for tools that do reach out.