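---
# Network Allowlist for Tool HTTP Calls
#
# Tools that make outbound HTTP requests MUST use only hosts/IPs listed here.
# Any request to unlisted hosts is blocked by tool_governance.py middleware.
#
# Keys per tool:
#   description:          free text, what the tool talks to
#   hosts:                exact hostname or IP literal (list)
#   ports_allowed:        destination ports permitted (list); entries without
#                         it are presumably unrestricted by port -- confirm in
#                         tool_governance.py
#   schemes:              URL schemes permitted (list)
#   allow_any_public:     true = any destination outside private_ip_ranges is
#                         allowed (user-supplied URLs)
#   block_private_ranges: true = destinations inside private_ip_ranges are
#                         denied even though allow_any_public is set
#   prefixes:             URL prefix match (for paths) -- part of the declared
#                         format but not used by any entry in this file
#
# NOTE(review): this file can only describe policy; the SSRF protection it
# implies depends on the middleware (a) resolving the hostname and checking
# EVERY returned A/AAAA record against private_ip_ranges, (b) re-checking
# the destination after each HTTP redirect, and (c) normalising IP literals
# (decimal/hex/octal forms, IPv4-mapped IPv6, trailing-dot hostnames) before
# matching. A plain string comparison on the hostname does not stop DNS
# rebinding or redirect-based bypasses. Confirm in tool_governance.py.
#
# NOTE(review): the node addresses below (144.76.224.179 NODA1 and
# 212.8.58.133 NODA3) are public IPs, so they are NOT covered by
# private_ip_ranges. A tool with allow_any_public: true that is handed a
# user-supplied URL can therefore reach Prometheus/Qdrant/ComfyUI/etc. on
# those nodes via their public address unless the middleware denies them
# separately. If explicit `hosts` entries take precedence over the deny
# list, adding 144.76.224.179/32 and 212.8.58.133/32 to private_ip_ranges
# would close that path without breaking the tools that list them
# explicitly -- verify precedence before doing so.

# ─── Observability Sources ────────────────────────────────────────────────────
observability_tool:
  description: "Prometheus, Loki, Tempo datasources"
  hosts:
    - "localhost"
    - "127.0.0.1"
    - "prometheus"
    - "loki"
    - "tempo"
    - "monitoring"
    - "144.76.224.179"  # NODA1 monitoring
  ports_allowed: [9090, 3100, 3200, 9080]
  # "http" to the public NODA1 address means these queries can travel in
  # cleartext over the internet; prefer https (or a private/overlay address)
  # for the remote node.
  schemes: ["http", "https"]

# ─── Oncall / Service Health ──────────────────────────────────────────────────
oncall_tool:
  description: "Internal service health endpoints only"
  hosts:
    - "localhost"
    - "127.0.0.1"
    - "gateway"
    - "router"
    - "memory"
    - "qdrant"
    - "nats"
    - "144.76.224.179"  # NODA1
    - "212.8.58.133"    # NODA3
  ports_allowed: [80, 443, 8000, 8080, 8222, 9000, 9100, 9102, 9200, 9300, 9400]
  schemes: ["http", "https"]

# ─── Web Search / Extract ─────────────────────────────────────────────────────
web_search:
  description: "Search provider APIs"
  hosts:
    - "api.duckduckgo.com"
    - "serpapi.com"
    - "api.bing.microsoft.com"
    - "customsearch.googleapis.com"
  schemes: ["https"]

web_extract:
  description: "Any public HTTPS URL (user-provided)"
  # User-controlled destination: the only guard is block_private_ranges.
  # No ports_allowed is set, so any port on any public host is reachable;
  # restrict to [443] (and 8443 if needed) unless non-standard ports are a
  # documented requirement.
  allow_any_public: true        # Allow any non-private IP
  block_private_ranges: true    # Block everything in private_ip_ranges below
  schemes: ["https"]

crawl4ai_scrape:
  description: "Crawl4AI service + public URLs"
  hosts:
    - "localhost"
    - "127.0.0.1"
    - "crawl4ai"
  ports_allowed: [11235]
  # The explicit loopback hosts above and block_private_ranges below conflict
  # unless explicit `hosts` take precedence over the deny list -- confirm the
  # middleware's evaluation order, otherwise the sidecar call is blocked (or,
  # worse, loopback is opened for user-supplied URLs).
  allow_any_public: true
  block_private_ranges: true
  # "http" is permitted here for arbitrary public hosts, so scraped content
  # can be fetched in cleartext; keep in mind when the result is trusted.
  schemes: ["http", "https"]

# ─── Memory / Graph ───────────────────────────────────────────────────────────
memory_search:
  description: "Memory service + Qdrant"
  hosts:
    - "localhost"
    - "127.0.0.1"
    - "memory-service"
    - "qdrant"
    - "144.76.224.179"
  ports_allowed: [6333, 8001, 8100]
  schemes: ["http", "https"]

graph_query:
  description: "Neo4j bolt/http"
  hosts:
    - "localhost"
    - "127.0.0.1"
    - "neo4j"
  ports_allowed: [7474, 7687]
  # "bolt" (unencrypted) is allowed alongside "bolt+s"; acceptable only while
  # Neo4j stays on loopback / the internal network as listed here.
  schemes: ["http", "https", "bolt", "bolt+s"]

# ─── ComfyUI / Image Generation ──────────────────────────────────────────────
comfy_generate_image:
  description: "ComfyUI on NODA3"
  hosts:
    - "localhost"
    - "127.0.0.1"
    - "212.8.58.133"
  ports_allowed: [8188]
  # Plain http to a public IP: prompts and generated images cross the
  # internet unencrypted and unauthenticated at the transport layer.
  schemes: ["http"]

comfy_generate_video:
  description: "ComfyUI video on NODA3"
  hosts:
    - "localhost"
    - "127.0.0.1"
    - "212.8.58.133"
  ports_allowed: [8188]
  # Same caveat as comfy_generate_image: cleartext http to a public address.
  schemes: ["http"]

# ─── LLM Providers ────────────────────────────────────────────────────────────
# (Used by router/gateway, not direct tool calls, but documented for reference)
llm_providers:
  description: "External LLM APIs"
  hosts:
    - "api.x.ai"          # xAI Grok
    - "open.bigmodel.cn"  # GLM-5 Z.AI
    - "api.deepseek.com"  # DeepSeek
    - "api.openai.com"    # OpenAI fallback
  schemes: ["https"]

# ─── Presentation Service ─────────────────────────────────────────────────────
presentation_create:
  description: "Presentation rendering service"
  hosts:
    - "localhost"
    - "127.0.0.1"
    - "presentation-service"
  ports_allowed: [8080, 9500]
  schemes: ["http", "https"]

# ─── Dependency Scanner ───────────────────────────────────────────────────────
dependency_scanner_tool:
  description: "OSV.dev API for vulnerability lookups (online mode only)"
  hosts:
    - "api.osv.dev"
  schemes: ["https"]
  # Only used when vuln_mode=online; offline_cache requires no outbound

# ─── Private IP Ranges (always blocked for allow_any_public tools) ────────────
# Match on the resolved address, not the hostname. The original list covered
# RFC1918, IPv4 loopback, IPv4 link-local, IPv6 loopback and ULA; the entries
# marked "added" close the remaining non-public space that an SSRF payload
# would otherwise use (IPv6 link-local was missing while its IPv4 equivalent
# was present).
private_ip_ranges:
  - "10.0.0.0/8"          # RFC1918
  - "172.16.0.0/12"       # RFC1918
  - "192.168.0.0/16"      # RFC1918
  - "127.0.0.0/8"         # IPv4 loopback
  - "169.254.0.0/16"      # IPv4 link-local, includes cloud metadata 169.254.169.254
  - "::1/128"             # IPv6 loopback
  - "fc00::/7"            # IPv6 unique-local (ULA)
  - "0.0.0.0/8"           # added: "this" network; 0.0.0.0 reaches loopback on many stacks
  - "100.64.0.0/10"       # added: RFC6598 shared address space (CGNAT, overlay VPNs)
  - "224.0.0.0/4"         # added: IPv4 multicast
  - "240.0.0.0/4"         # added: IPv4 reserved + limited broadcast
  - "::/128"              # added: IPv6 unspecified
  - "::ffff:0:0/96"       # added: IPv4-mapped IPv6; check the embedded IPv4 too
  - "64:ff9b::/96"        # added: NAT64 prefix
  - "fe80::/10"           # added: IPv6 link-local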