Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Remote setup (WSS)

Connect zerocode on your workstation to a daemon running on another machine (Raspberry Pi, home server, VPS, etc.).

On the remote host (daemon side)

  1. Generate a self-signed TLS certificate:

    sh

    openssl req -x509 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 \
  -keyout ~/.zeroclaw/wss.key \
  -out ~/.zeroclaw/wss.cert \
  -days 3650 -nodes -subj '/CN=zeroclaw'

  2. Enable WSS. Set the wss config through the Config pane (or the gateway / zeroclaw config set). Use absolute paths; the config does not expand ~.

  3. Open the firewall port:

    sh

    sudo ufw allow 9781/tcp

    The default WSS port is 9781. Change it with port = <number> in the [wss] section.

  4. Start (or restart) the daemon:

    sh

    zeroclaw daemon

    You should see a log line confirming the WSS listener started on 0.0.0.0:9781.

On your workstation (zerocode side)

  1. Connect with TLS verification skipped:

    sh

    zerocode --connect wss://<remote-ip>:9781 --tls-skip-verify

    --tls-skip-verify is required for self-signed certificates. The HMAC session signing still authenticates the connection.

That’s it. zerocode reconnects automatically if the connection drops.

Config reference

The wss section:

FieldDefaultDescription
enabledfalseEnable the WSS listener
bind0.0.0.0Bind address
port9781Listen port
cert_path(none)Absolute path to PEM certificate
key_path(none)Absolute path to PEM private key