WebSocket Transport Setup
Configure the WebSocket transport for the Soothe daemon.
Note: WebSocket is currently the only supported transport. HTTP REST transport was removed in 0.6.x. Future transports may be added, but none are planned for the near term.
Transport Overview
The Soothe daemon uses WebSocket as its sole transport protocol:
| Transport | Status | Use Case | Performance |
|---|---|---|---|
| WebSocket | ✅ Default (only) | All clients (CLI, TUI, web apps) | ~1-5ms latency |
All clients share the same:
- Authentication system (via reverse proxy)
- Protocol layer
- Thread management
- Event streaming
WebSocket (Default)
Status: ✅ Enabled by default
Configuration (~/.soothe/config/daemon.yml):
transports:
websocket:
enabled: true
host: "127.0.0.1"
port: 8765
tls_enabled: false
tls_cert: null
tls_key: null
cors_origins: ["http://localhost:*", "http://127.0.0.1:*"]
max_frame_size: 10485760
Features:
- Real-time bidirectional streaming
- CORS validation
- TLS support for remote connections
- Used by CLI, TUI, and web clients
Note: Authentication is handled by reverse proxy (see Authentication Guide)
Use When:
- Running Soothe locally or remotely
- Using CLI or TUI clients
- Building web-based UIs (React, Vue, etc.)
- Remote monitoring dashboards
- Mobile app backends
- Desktop applications (Tauri, Electron)
Web Application Integration
JavaScript Client:
// Connect to WebSocket
const ws = new WebSocket("ws://localhost:8765");
ws.onopen = () => {
// Authenticate (if enabled)
ws.send(JSON.stringify({
type: "auth",
token: "sk_live_abc123..."
}));
// Send input
ws.send(JSON.stringify({
type: "input",
text: "Analyze the codebase"
}));
};
ws.onmessage = (event) => {
const msg = JSON.parse(event.data);
if (msg.type === "event") {
console.log("Received event:", msg.data);
}
};
TLS Configuration
Enable TLS for direct remote connections (without reverse proxy):
# ~/.soothe/config/daemon.yml
transports:
websocket:
enabled: true
host: "0.0.0.0"
port: 8765
tls_enabled: true
tls_cert: "/path/to/cert.pem"
tls_key: "/path/to/key.pem"
Note: For production, prefer a reverse proxy (nginx, Caddy) for TLS termination. See Authentication Guide.
CORS Configuration
Configure allowed origins for browser-based clients:
# ~/.soothe/config/daemon.yml
transports:
websocket:
cors_origins:
- "http://localhost:3000"
- "https://app.example.com"
Status Output
soothed status
Output:
Daemon Status: running
PID: 12345
Uptime: 2 hours
Transports:
- WebSocket: ✅ Enabled (ws://127.0.0.1:8765)
Active Threads: 3
Security Model
Localhost Connections
- WebSocket localhost: No built-in authentication; bind to 127.0.0.1 for local-only access
Remote Connections
Important: Soothe does not include built-in authentication. For remote access, always use a reverse proxy to handle:
- Authentication: API keys, JWT, OAuth, etc.
- TLS/SSL: HTTPS/WSS encryption
- Rate limiting: Prevent abuse
- Request filtering: Block malicious requests
See Authentication Guide for deployment patterns with nginx, Caddy, or Traefik.