Tailscale-native MCP gateway with identity-based access control, audit logging, and session recording
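---
# Gateway identity on the tailnet and local state location.
hostname: "mcp"
tailnet: "your-tailnet.ts.net"
# NOTE(review): presumably where gateway state (and possibly the audit log /
# session recordings) is written — confirm against the docs; leading "~" needs
# the tool to expand it, YAML does not.
state_dir: "~/.local/share/turnscale"

# Upstream MCP servers the gateway fronts. Keys are the server names that
# policies refer to in `allow`. Both are reached over plain HTTP on loopback;
# a backend on another host would need a TLS URL instead.
servers:
  github:
    url: "http://localhost:8091/mcp"
    transport: "streamable-http"
  slack:
    url: "http://localhost:8092/mcp"
    transport: "streamable-http"

# Access policies — evaluated top-to-bottom, first match wins
# Because the first matching policy decides, order is security-relevant:
# the broadest grant is first (scoped to one identity) and the catch-all deny
# is last. Keep new policies above "default-deny".
policies:
  # Full access for one named identity. "you@github" is a placeholder for
  # the operator's actual tailnet login.
  - name: "admin"
    match:
      identity: ["you@github"]
    allow: ["*"]

  # Tagged (non-user) nodes may reach both servers, but the github "delete"
  # tools are withheld. The deny pattern appears to follow a
  # mcp__<server>__<tool> naming scheme — verify against the gateway's tool
  # namespacing before relying on it.
  - name: "ai-agents"
    match:
      tags: ["tag:ai-agent"]
    allow: ["github", "slack"]
    deny_tools: ["mcp__github__delete_*"]

  # Catch-all: anything not matched above is denied.
  # NOTE(review): confirm that identity "*" also matches tagged nodes that
  # carry no user identity; if it does not, such a node that matches no
  # earlier policy falls through with no explicit decision.
  - name: "default-deny"
    match:
      identity: ["*"]
    deny: ["*"]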