Platform settings
Dashboard IP allowlist for customer firewalls
Admin → Settings holds platform-wide configuration that applies to every customer. Today there's one setting:
Dashboard IP Allowlist
The list of IPs your customers should allow inbound from. Shown as a yellow info panel on each customer's Connect your server card — they paste it into their VPS firewall before testing the SSH connection.
The dashboard never enforces the allowlist itself; it's purely informational. You're trusting customers to apply it.
When this matters
If your dashboard runs behind a load balancer or autoscaling group, outbound SSH connections might come from a rotating set of IPs. Customers running tight firewalls (e.g. UFW with default deny) need to know all of them.
Format
The setting accepts a list of IPs, one per token:
- IPv4:
203.0.113.42 - IPv6:
2001:db8::1 - CIDR:
203.0.113.0/24
Loose validation — anything that's not whitespace is accepted. A mistyped value just won't match, it isn't a security issue.
Editing
Add IPs one at a time (Enter or click Add). Remove with the X next to each chip. Click Save to persist.
Customers see updates the next time they hit Connect your server (no notification or push — they just see the new list when they next load the page).
Copy as CSV
Useful for pasting into your own internal docs or runbooks. The button
copies the list as ip1, ip2, ip3 so it's easy to drop into chat or
emails.
Future settings
This page is built on a generic key-value Setting table — additional
platform settings will live alongside the IP allowlist as the product
grows.