Remote Access โ
CoolerControl can be accessed remotely to control cooling on another machine. By default, the daemon binds to the local loopback interface. Remote access requires adjustments to the daemon's configuration.
Direct Network Access โ
To expose the daemon directly on your network, you must configure the address and port to bind to. See the TCP Port and Address documentation for details on how to configure the daemon's network settings. By default, the daemon will use a self-signed certificate for non-local connections. See the SSL/TLS documentation for details.
WARNING
Remote access increases the risk of someone gaining access to your cooling devices. To minimize this risk, follow these best practices:
- Use a secure transport:
- Use a VPN/zero-trust tunnel over direct internet exposure. (i.e. Tailscale, Wireguard, etc.)
- Use a valid SSL/TLS certificate. (i.e. Let's Encrypt, Cloudflare, etc.)
- SSH port forwarding or a TLS-terminating reverse proxy (TLS termination proxy).
- Enforce strong authentication: set a strong password and rotate it periodically.
- Restrict network reachability: allowlist source IPs and lock down access with host firewall rules/ACLs.
SSH Tunnel โ
One can also use an SSH tunnel to access the daemon remotely. Replace user@remote-machine.ip with your remote username/host, and choose any free local port (e.g., 12000):
ssh -N -L 12000:127.0.0.1:11987 user@remote-machine.ipThis forwards the daemon port on the remote server to your local machine on the chosen local port, e.g. 12000. You can then access the UI in your browser at http://localhost:12000/, or point the desktop application to the same address in its daemon connection settings. It will behave as if it were running locally.
Desktop Application Configuration โ
To connect the desktop application to a remote daemon:
- Open the desktop application
- Right-click on the system tray icon and click on "Daemon Address".
- Click "next" and enter the address and port of the remote daemon.
- Click "Apply"
See Also โ
- Docker - Running CoolerControl in Docker
- Access Protection - Set a strong password for remote access
- SSL/TLS - Secure your daemon with TLS encryption
- TCP Port and Address - Configure the daemon's network settings
- Headless Servers - Access the web UI on headless servers