
Sure. Basically, never expose anything anywhere, like you would in prod:

  • Don't use services like GitHub.
  • Don't SSH straight into environments; use a stepping stone.
  • WireGuard between all your servers.
  • Everything firewalled, including outgoing.
  • Don't expose the LLM to production, ever. Give it a user on your forge (Gitea / Forgejo).
  • If you have apps, isolate them at the very least in Docker containers; plan your network, also between Docker containers.
  • Don't expose anything to the public, ever. If you need web access, use mTLS with your own CA, HAProxy everything.
  • Monitor everything.

something like so:

/-----\          /------\
| you | --ssh--> | step |---wg-
\-----/          \------/     |
   |           /     | wg     |
 mtls        /    /-----\     |
   |       /wg    | LLM |     |
   |     /        \-----/     |
/-----\ /             | wg    |
|proxy| ----\wg   /-----\     |
\-----/      ---- |forge| ----|
   |              \-----/     |
   |                 | wg     |
   |              /-----\     |
   \----wg------- | apps| ----|
                  \-----/
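One way to make the "don't expose the LLM to production, only give it a forge user" and "firewall outgoing too" points concrete, as an added example that is not part of the original post: an nftables host firewall for the LLM box in the diagram. Interface names, addresses, and a hub-and-spoke WireGuard layout with the step host as the tunnel endpoint are assumptions.

```nft
#!/usr/sbin/nft -f
# Added example (not from the post): host firewall for the "LLM" box above.
# Assumed layout (all names/addresses are made up for the example):
#   eth0         = physical NIC (reaches the internet / other hosts)
#   wg0          = WireGuard tunnel, 10.10.0.0/24 overlay
#   10.10.0.1    = step host, 10.10.0.2 = forge, 10.10.0.3 = this LLM host
#   203.0.113.10 = step host's public WireGuard endpoint (UDP 51820)
flush ruleset

table inet llm_host {
    chain input {
        type filter hook input priority filter; policy drop;

        iifname "lo" accept
        ct state established,related accept
        ct state invalid drop

        # WireGuard handshakes/keepalives from the hub on the physical NIC
        iifname "eth0" udp dport 51820 accept

        # SSH only through the tunnel, and only from the stepping stone
        iifname "wg0" ip saddr 10.10.0.1 tcp dport 22 accept

        # Nothing else reaches this box; not even the forge may initiate
    }

    chain forward {
        type filter hook forward priority filter; policy drop;
    }

    chain output {
        # Outgoing is filtered too: the LLM may only talk to the forge,
        # so a misbehaving agent cannot reach prod or the internet.
        type filter hook output priority filter; policy drop;

        oifname "lo" accept
        ct state established,related accept

        # Tunnel transport to the hub's endpoint only
        oifname "eth0" ip daddr 203.0.113.10 udp dport 51820 accept

        # Git over SSH and HTTPS to the forge, inside the tunnel
        oifname "wg0" ip daddr 10.10.0.2 tcp dport { 22, 443 } accept

        # Everything else (DNS, package mirrors, prod hosts) is logged and dropped
        log prefix "llm-egress-denied: " drop
    }
}
```

Load it with `nft -f` and watch the kernel log for the `llm-egress-denied:` prefix; every hit is either a missing allow rule or the LLM trying to go somewhere it should not.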