Skip to content


Repository files navigation

Tabby Web

This is the Tabby terminal, served as a web app. It also provides the config sync service for the Tabby app.

How it works

Tabby Web serves the Tabby Terminal as a web application while managing multiple config files, authentication, and providing TCP connections via a separate gateway service.


  • Python 3.7+
  • A database server supported by Django (MariaDB, Postgres, SQLite, etc.)
  • Storage for distribution files - local, S3, GCS or others supported by fsspec

Quickstart (using docker-compose)

You'll need:

  • OAuth credentials from GitHub, GitLab, Google or Microsoft for authentication.
  • For SSH and Telnet: a tabby-connection-gateway to forward traffic.
  • Docker BuildKit: export DOCKER_BUILDKIT=1
    docker-compose up -e SOCIAL_AUTH_GITHUB_KEY=xxx -e SOCIAL_AUTH_GITHUB_SECRET=yyy

will start Tabby Web on port 9090 with MariaDB as a storage backend.

For SSH and Telnet, once logged in, enter your connection gateway address and auth token in the settings.

Environment variables

  • DATABASE_URL (required).
  • APP_DIST_STORAGE: a file://, s3://, or gcs:// URL to store app distros in.
  • SOCIAL_AUTH_*_KEY & SOCIAL_AUTH_*_SECRET: social login credentials, supported providers are GITHUB, GITLAB, MICROSOFT_GRAPH and GOOGLE_OAUTH2.

Adding Tabby app versions

  • docker-compose run tabby / add_version 1.0.163

You can find the available version numbers here.

Development setup

Put your environment vars (DATABASE_URL, etc.) in the .env file in the root of the repo.

For the frontend:

cd frontend
yarn run build # or yarn run watch

For the backend:

cd backend
poetry install
./ migrate # set up the database
./ add_version 1.0.156-nightly.2 # install an app distribution
PORT=9000 poetry run gunicorn # optionally with --reload


  • When using Tabby Web for SSH/Telnet connectivity, your traffic will pass through a hosted gateway service. It's encrypted in transit (HTTPS) and the gateway servers authenticate themselves with a certificate before connections are made. However there's a non-zero risk of a MITM if a gateway service is compromised and the attacker gains access to the service's private key.
  • You can alleviate this risk by hosting your own gateway service, or your own copy of Tabby Web altogether.