2026 OpenClaw Gateway Zero-Exposure: Tailscale Serve/Funnel vs Cloudflare Tunnel (cloudflared) + Remote Mac SSH Playbook & FAQ
You do not need a public IP or router port-forwarding to reach an OpenClaw-compatible HTTP gateway on a headless Mac. In 2026, the practical pattern is reverse connectivity: keep the service bound to 127.0.0.1 (or a private interface), then terminate TLS and identity at Tailscale or Cloudflare. This article compares Tailscale Serve, Tailscale Funnel, and Cloudflare Tunnel (cloudflared), and gives copy-paste remote Mac SSH steps plus an FAQ matrix.
TL;DR — Key Takeaways
Bottom line: Prefer Tailscale Serve when every client is on your tailnet and you want the tightest identity model. Use Cloudflare Tunnel when you need a stable public hostname under your zone without exposing the Mac. Use Tailscale Funnel only when you consciously want a public URL with Tailscale in the path—and you accept its policy and visibility trade-offs.
- Zero exposure means: no inbound allow rules on the home router for your gateway port; the Mac initiates outbound tunnels.
- SSH first: harden remote access, then layer HTTP exposure. For broader OpenClaw deployment context, see 2026 OpenClaw Enterprise Integration on Remote Mac mini.
- Bind locally: run the gateway on loopback and let the tunnel terminate TLS—reduces accidental wide-area exposure.
1. What "Zero Exposure" Means for OpenClaw
OpenClaw-style gateways are HTTP services. "Zero exposure" here is an operational definition: your Mac does not advertise an open WAN listener for that service. Instead, connectivity is established by authenticated overlay networking (Tailscale) or by an outbound tunnel to a cloud edge (Cloudflare). You still have exposure to authenticated users or to Cloudflare’s edge—the goal is to eliminate anonymous internet-wide port scans hitting your daemon directly.
If you are evaluating access patterns without owning hardware yet, How to Use OpenClaw without a Mac: The Complete 2026 Workflow outlines realistic split setups; this article focuses on the Mac-side tunnel termination.
2. Tailscale Serve vs Funnel (Conceptual Split)
Tailscale Serve publishes a service to your tailnet (and can handle HTTPS for tailnet names). It is the default choice for "team + devices all on Tailscale" because access control maps cleanly to tailnet identity and ACLs.
Tailscale Funnel exposes selected HTTPS routes to the public internet through Tailscale’s infrastructure. It can be the fastest way to get a public URL, but you should treat it like a deliberate public ingress: review DNS names, rate limits, and who can authenticate to the upstream app.
3. Cloudflare Tunnel (cloudflared) in One Paragraph
cloudflared maintains outbound connections from your Mac to Cloudflare. Visitors hit Cloudflare’s edge; Cloudflare forwards to the tunnel; the tunnel forwards to localhost. You get public hostnames, WAF/bot tools, and access policies—without opening residential ports. Trade-offs: you are in Cloudflare’s trust and billing universe, and debugging often means correlating edge errors with local service logs.
4. Decision Matrix (2026)
| Criterion | Tailscale Serve | Tailscale Funnel | Cloudflare Tunnel |
|---|---|---|---|
| Who reaches the URL? | Tailnet members (ACL-gated) | Public internet (HTTPS) | Public internet (your hostname on Cloudflare) |
| Router port-forward? | No | No | No |
| Identity model | Tailscale identity + ACLs | Public + your app auth (must be strong) | Cloudflare Access / WAF + app auth |
| Best when… | Staff/devices already on Tailscale | Quick public demo; you accept funnel semantics | Production hostname, edge policies, multi-region |
5. Reproducible Remote Mac Baseline (SSH)
Run these on the Mac (or over SSH) before touching Serve/Funnel/cloudflared:
- Enable Remote Login (SSH) in System Settings → General → Sharing. Prefer key-based auth; disable password auth for administrators if your policy allows.
- Confirm the gateway listens locally: `lsof -nP -iTCP -sTCP:LISTEN | grep LISTEN` and verify your OpenClaw HTTP port is bound to `127.0.0.1` (or LAN-only), not `0.0.0.0` on WAN-facing networks.
- Firewall: allow SSH from management sources only; do not punch holes for the app port if the tunnel handles ingress.
- Persistence: use a `launchd` plist or your chosen process supervisor so tunnels survive reboot.
5.1 Minimal SSH sanity checks
- `ssh -G user@host | egrep '^(user|hostname|port|identityfile)'` — confirm you are hitting the intended host alias.
- From another tailnet device: `curl -fsS http://100.x.y.z:PORT/health` (replace with your plan’s health path).
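As an added example (not from the original article), this POSIX shell function turns the bind check above into a pass/fail gate: it reads `lsof -nP -iTCP -sTCP:LISTEN` output on stdin and reports whether the gateway port is bound to loopback only, to a specific LAN address, or to every interface. The port 18080 and the sample lsof lines are constructed placeholders.

```shell
#!/bin/sh
# Classify how a TCP port is bound, from `lsof -nP -iTCP -sTCP:LISTEN` output on stdin.
# Prints one of: loopback | lan | wildcard | none. Exit status 0 only for "loopback",
# so a deploy script can refuse to start a tunnel whose upstream is reachable beyond 127.0.0.1.
check_gateway_bind() {
  awk -v port="$1" '
    /\(LISTEN\)$/ {
      name = $(NF - 1)                       # NAME column: 127.0.0.1:18080, *:22, [::1]:18080 ...
      n = split(name, parts, ":")
      if (parts[n] != port) next             # only the port we care about
      addr = substr(name, 1, length(name) - length(port) - 1)
      if (addr == "*" || addr == "0.0.0.0" || addr == "[::]") wild = 1   # every interface
      else if (addr == "127.0.0.1" || addr == "[::1]") loop = 1          # loopback only
      else lan = 1                                                       # a specific non-loopback IP
    }
    END {
      # Worst binding wins: one wildcard socket makes the port WAN-reachable regardless of others.
      v = wild ? "wildcard" : (lan ? "lan" : (loop ? "loopback" : "none"))
      print v
      exit (v == "loopback" ? 0 : 1)
    }'
}

# Constructed sample output (not captured from a real machine); 18080 is a placeholder gateway port.
SAMPLE_GOOD='COMMAND    PID  USER  FD  TYPE  DEVICE  SIZE/OFF NODE NAME
gateway   4242 admin   7u IPv4 0xaaaa    0t0 TCP 127.0.0.1:18080 (LISTEN)
sshd       501  root   4u IPv6 0xbbbb    0t0 TCP *:22 (LISTEN)'

SAMPLE_WILD='COMMAND    PID  USER  FD  TYPE  DEVICE  SIZE/OFF NODE NAME
gateway   4242 admin   7u IPv4 0xaaaa    0t0 TCP 0.0.0.0:18080 (LISTEN)
gateway   4242 admin   8u IPv4 0xaaab    0t0 TCP 127.0.0.1:18080 (LISTEN)'

# On the Mac itself:  lsof -nP -iTCP -sTCP:LISTEN | check_gateway_bind "$GATEWAY_PORT"
printf '%s\n' "$SAMPLE_GOOD" | check_gateway_bind 18080
printf '%s\n' "$SAMPLE_WILD" | check_gateway_bind 18080 || echo "refusing to expose: rebind the gateway to 127.0.0.1"
```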
6. Path A — Tailscale Serve (Tailnet-Only)
Install Tailscale on the Mac, authenticate the node, then use Serve to reverse-proxy HTTPS on the tailnet to your local gateway. Exact CLI flags evolve; follow the current Tailscale docs for tailscale serve. Conceptually you will map a tailnet DNS name to http://127.0.0.1:<gateway-port>.
7. Path B — Tailscale Funnel (Public HTTPS)
Enable Funnel only if your org allows public ingress. Turn on Funnel for the node, define the HTTPS frontend, and point it at the same local upstream. Enforce application-level authentication (API keys, OAuth, mTLS between components) because the edge is now world-reachable.
8. Path C — Cloudflare Tunnel Quick Flow
- Create a tunnel in the Cloudflare Zero Trust dashboard; install `cloudflared` on the Mac.
- Run the connector with a token or credentials file; confirm the tunnel shows healthy in the dashboard.
- Add a public hostname route to `http://localhost:GATEWAY_PORT` (or HTTPS if your app serves TLS locally—usually you terminate at Cloudflare instead).
- Layer Access policies or WAF rules before traffic hits your upstream.
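For a locally managed tunnel the ingress rules live in a `config.yml` instead of the dashboard. As an added example, not taken from Cloudflare's or OpenClaw's documentation, this is the minimal file equivalent to the route in the steps above; the tunnel UUID, credentials path, hostname and port are placeholders.

```yaml
# ~/.cloudflared/config.yml (locally managed tunnel; dashboard-managed tunnels keep these routes remotely)
tunnel: 00000000-0000-0000-0000-000000000000            # PLACEHOLDER: UUID printed by `cloudflared tunnel create`
credentials-file: /Users/admin/.cloudflared/00000000-0000-0000-0000-000000000000.json   # PLACEHOLDER path

ingress:
  # Public hostname in your zone -> gateway that listens only on loopback.
  # TLS terminates at Cloudflare; the hop into the Mac is plain HTTP carried inside the tunnel.
  - hostname: gateway.example.com                       # PLACEHOLDER hostname
    service: http://localhost:18080                     # PLACEHOLDER port (GATEWAY_PORT in the steps above)
  # Required catch-all: any other Host header gets a 404 at the edge and never reaches the Mac.
  - service: http_status:404
```

Access policies and WAF rules are attached to the hostname in the dashboard, so nothing in this file grants access; it only decides what the connector will forward.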
9. FAQ — Symptom → Likely Cause → Action
| Symptom | Suspect | Action |
|---|---|---|
| 502 from Cloudflare edge | Local service down or wrong port in tunnel config | curl -v http://127.0.0.1:PORT on Mac; fix plist/command; restart cloudflared |
| Tailscale Serve shows cert errors | Hostname mismatch or stale serve config | Re-run serve with correct service name; clear old TLS state per docs |
| Funnel works once, then 403 | ACL or funnel policy change | Audit tailnet ACL JSON; confirm node tags; review admin audit log |
| SSH works, tunnel fails | Outbound filtering or DNS on upstream network | Test DNS (dig) and HTTPS to vendor endpoints from the Mac |
Why a Mac mini Is the Right Place to Terminate These Tunnels
Overlay tunnels and local HTTP gateways are meant to run for weeks without babysitting. A Mac mini on Apple Silicon combines very low idle power (often on the order of a few watts), silent operation, and macOS stability that is friendly to long-lived launchd jobs. The same machine gives you a native Unix shell for SSH, Homebrew or MacPorts for cloudflared, and Apple’s platform security stack (Gatekeeper, SIP, FileVault) for a smaller malware surface than a typical always-on Windows box.
If you want this gateway stack to sit in a closet and never thermal-throttle under light automation load, Mac mini M4 is one of the most cost-effective anchors—then use the buttons below to line up hardware that matches your tailnet size and traffic.