Local Worker UI Overview
The Local Worker UI is the Self Hosted runtime interface. It is served by the worker gateway, usually at:
http://127.0.0.1:8010/If the worker runs on a remote host, open the UI through a private access path such as an SSH tunnel:
ssh -L 8010:127.0.0.1:8010 your-user@your-vpsWhat the Local Worker UI Owns
Section titled “What the Local Worker UI Owns”| Page | Use it for |
|---|---|
/ | Worker identity, executor fleet status, polling state, current execution, and recent outcome. |
/providers | Provider credentials, provider readiness, default model/profile, and runtime configuration. |
/audit | Worker-owned Ticket Audit for retained Self Hosted runs. |
/audit/code | Worker-owned Code Audit, line attribution, reconciliation, and exports where plan allows. |
/runs | Local run history and raw support/debug ledger. |
/health | Gateway, executor, storage, provider, and controller connectivity checks. |
/live/<job_id> | Active live execution stream when available. |
The gateway does not normally run jobs itself. Executors enroll, report status, poll the controller, run assigned jobs, and report results back through the gateway and controller.
What Stays in the Controller
Section titled “What Stays in the Controller”The Local Worker UI does not replace the MergeLoom controller.
Use the controller for:
- integrations
- repository catalog
- workflow rules
- prompts and notification templates
- access and SSO
- billing
- worker enrollment
- controller-side audit and PR/MR coordination
Use the Local Worker UI for worker-local execution details.
Runtime Visibility
Section titled “Runtime Visibility”The Local Worker UI can show:
- provider readiness
- active job and live stream
- setup command output
- validation command output
- repair and review stages
- file/tool summaries
- token and cost estimates where available
- deep traces retained by the worker
- Code Audit line evidence
For Self Hosted, this is the main evidence surface for security and engineering review.
Access Boundary
Section titled “Access Boundary”The current worker UI is local/private by default. Do not expose it publicly without an approved access layer.
Recommended production access patterns include:
- SSH tunnel for first-run testing
- VPN/private network access
- private ingress with your own authentication
- platform access controls around the host or namespace
The Local Worker UI does not include its own SSO layer. Protect access through your network, VPN, private ingress, or identity-aware proxy.
Related pages: