Skip to main content

Direct Connection

Connect to Remi directly over WebSocket when you have network access to the daemon.

When to Use

Direct connections are best when:

  • You are on the same WiFi or LAN as the server
  • You use Tailscale, WireGuard, or another VPN
  • You can set up an SSH tunnel
  • You want the lowest latency

WebSocket URL

The default WebSocket URL is:

ws://localhost:18765/ws

Replace localhost with the server's IP or hostname when connecting from another device:

ws://192.168.1.100:18765/ws
ws://my-server.tailnet:18765/ws

Same Network

If your phone and server are on the same WiFi, Remi binds to all interfaces (0.0.0.0) by default, so it is already reachable from other devices on the network.

Find your server's local IP:

# Find your server's IP
hostname -I    # Linux
ipconfig getifaddr en0    # macOS

Connect from the Remi web app using ws://<server-ip>:18765/ws.

tip

The default bind address is 0.0.0.0 (all interfaces). To restrict to localhost only, use remi --local or remi --bind localhost.

Tailscale / VPN

With Tailscale or another VPN, use the VPN-assigned IP or hostname:

ws://100.x.x.x:18765/ws
ws://my-server.tailnet:18765/ws

No additional configuration is needed. The VPN handles routing and encryption at the network layer.

SSH Tunnel

If you have SSH access but no direct network path, create a tunnel:

ssh -L 18765:localhost:18765 user@server

This forwards your local port 18765 to the remote daemon. Connect from the Remi web app using:

ws://localhost:18765/ws

Persistent SSH Tunnel

To keep the tunnel running in the background:

ssh -fN -L 18765:localhost:18765 user@server

Or add to your ~/.ssh/config:

Host remi-server
    HostName server.example.com
    User myuser
    LocalForward 18765 localhost:18765

Then: ssh -fN remi-server

Custom Port

If the daemon runs on a non-default port:

remi --port 9000 my-project

Adjust the WebSocket URL accordingly: ws://server:9000/ws

Authentication

Direct connections always require Ed25519 mutual authentication. If you have not authorized any client keys, connections will be rejected with AUTH_REQUIRED. See the Authentication Guide for setup instructions.