Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tandemn.com/llms.txt

Use this file to discover all available pages before exploring further.

The Tandemn System control plane accepts connections from EC2 replicas over the network. If the endpoint is exposed through a tunnel or public URL, set an API key.

API key authentication

Set TD_API_KEY in the server .env file: 
TD_API_KEY=your-secret-key
Replica-to-server communication uses this token. The key is distributed to replicas automatically at launch. CLI users also need the key when the deployment requires authenticated requests: 
export TD_API_KEY=<your-api-key>

Network options

OptionUse case
Cloudflare Quick TunnelLocal development with an ephemeral URL.
TailscaleStable mesh VPN access for teams.
Same-VPC EC2Production deployment without public exposure.

Cloudflare Quick Tunnel

curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o cloudflared
chmod +x cloudflared
./cloudflared tunnel --url http://localhost:26336
Then pass the generated URL when starting the server or set it in .env: 
TD_SERVER_URL=https://your-tunnel.trycloudflare.com
For production, deploy the control plane on a small EC2 instance in the same VPC as the inference replicas. This avoids public exposure and tunnel latency.