> ## Documentation Index
> Fetch the complete documentation index at: https://meepa.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Captain Dashboard

> Web dashboard for managing MeepaGateway agents, config, skills, connectors, and cron.

Captain is MeepaGateway's built-in web dashboard. It runs at `http://localhost:63372` when the gateway is started. Everything in the dashboard is also available via the [CLI](/gateway/cli) and the Captain HTTP API.

## First-time setup

When the gateway starts with no config file, it enters setup mode:

1. A one-time **setup code** is printed to the terminal
2. Open `http://localhost:63372/setup` in your browser
3. Enter the setup code to verify local access
4. Set a password for future logins
5. Configure your LLM provider and first agent connector
6. The gateway writes the config file and starts normally

```
============================================
FIRST-TIME SETUP
============================================
Open http://127.0.0.1:63372/setup
Setup code: ABC-123-XYZ
============================================
```

To re-run setup:

```bash theme={null}
meepagateway setup
```

### Headless / automated setup

For unattended deployments (cloud-init, Docker, CI), set `MEEPAGATEWAY_PASSWORD` before the first run. The gateway will hash the password, write it to config, and start normally without displaying a setup code:

```bash theme={null}
export MEEPAGATEWAY_PASSWORD="your-strong-password"
meepagateway start
```

This env var is only read when no `password_hash` exists in config. Once a hash is written, it is ignored on subsequent starts.

***

## Authentication

Captain supports three authentication methods.

### Password

Set during setup. Stored as an Argon2 hash in the config file under `captain.password_hash`. Change it via the dashboard Settings page or:

```bash theme={null}
curl -X POST http://localhost:63372/api/captain/auth/password \
  -H "Cookie: captain_session=..." \
  -H "Content-Type: application/json" \
  -d '{"current_password": "old", "new_password": "new"}'
```

### API keys

For programmatic access. Each key has a name and a `cptn_` prefix displayed in the dashboard.

```bash theme={null}
# Create
meepagateway api-key create "ci-deploy"
# Returns the full key once — store it securely

# List
meepagateway api-key list

# Revoke
meepagateway api-key revoke <id>
```

Use the key via header or env var:

```bash theme={null}
curl -H "Authorization: Bearer cptn_abc123..." http://localhost:63372/api/captain/status
MEEPA_API_KEY="cptn_abc123..." meepagateway agent list
```

***

## Configuration

```yaml theme={null}
captain:
  enabled: true
  bind: 127.0.0.1      # localhost only by default
  port: 63372
  exposure: local       # see exposure modes below
```

**Exposure modes:**

| Value               | Behavior                                           |
| ------------------- | -------------------------------------------------- |
| `local`             | Bind `127.0.0.1` — localhost only (default)        |
| `lan`               | Bind `0.0.0.0` — accessible on the local network   |
| `tailscale_private` | Bind `127.0.0.1`, `tailscale serve` proxies        |
| `cloudflare_tunnel` | Bind `127.0.0.1`, Cloudflare tunnel routes inbound |
| `tailscale_funnel`  | Bind `0.0.0.0`, Tailscale Funnel                   |
| `reverse_proxy`     | Bind `0.0.0.0`, user-managed reverse proxy         |

When exposing Captain beyond localhost, always use a strong password and TLS termination.

***

## API reference

All dashboard operations are available via the Captain API at `http://localhost:63372/api/captain/`.

### Status

No authentication required.

```bash theme={null}
curl http://localhost:63372/health
# {"status":"ok","version":"..."}

curl http://localhost:63372/api/captain/status
# {"version":"...","status":"running"}
```

### Auth endpoints

| Method   | Path                              | Description               |
| -------- | --------------------------------- | ------------------------- |
| `POST`   | `/api/captain/auth/login`         | Password login            |
| `POST`   | `/api/captain/auth/logout`        | Logout                    |
| `POST`   | `/api/captain/auth/setup`         | Complete first-time setup |
| `POST`   | `/api/captain/auth/password`      | Change password           |
| `GET`    | `/api/captain/auth/api-keys`      | List API keys             |
| `POST`   | `/api/captain/auth/api-keys`      | Create API key            |
| `DELETE` | `/api/captain/auth/api-keys/{id}` | Revoke API key            |
| `GET`    | `/api/captain/auth/check`         | Check auth status         |

### Config endpoints

| Method  | Path                            | Description                    |
| ------- | ------------------------------- | ------------------------------ |
| `GET`   | `/api/captain/config`           | Get parsed config              |
| `PUT`   | `/api/captain/config`           | Replace config                 |
| `PATCH` | `/api/captain/config/{section}` | Update a config section        |
| `GET`   | `/api/captain/config/raw`       | Get raw config file            |
| `PUT`   | `/api/captain/config/raw`       | Replace raw config file        |
| `POST`  | `/api/captain/config/test`      | Validate config without saving |
| `POST`  | `/api/captain/config/reload`    | Reload config from disk        |
| `POST`  | `/api/captain/config/reset`     | Reset config to defaults       |
| `POST`  | `/api/captain/restart`          | Restart the gateway            |

### Agent endpoints

| Method   | Path                                               | Description            |
| -------- | -------------------------------------------------- | ---------------------- |
| `GET`    | `/api/captain/agents`                              | List agents            |
| `POST`   | `/api/captain/agents`                              | Create agent           |
| `GET`    | `/api/captain/agents/{id}`                         | Get agent              |
| `PATCH`  | `/api/captain/agents/{id}`                         | Update agent           |
| `DELETE` | `/api/captain/agents/{id}`                         | Delete agent           |
| `GET`    | `/api/captain/agents/{id}/soul`                    | Get soul               |
| `PUT`    | `/api/captain/agents/{id}/soul`                    | Update soul            |
| `GET`    | `/api/captain/agents/{id}/agents-md`               | Get AGENTS.md          |
| `GET`    | `/api/captain/agents/{id}/memory`                  | Get MEMORY.md          |
| `PUT`    | `/api/captain/agents/{id}/memory`                  | Update MEMORY.md       |
| `GET`    | `/api/captain/agents/{id}/user`                    | Get USER.md            |
| `PUT`    | `/api/captain/agents/{id}/user`                    | Update USER.md         |
| `GET`    | `/api/captain/agents/{id}/skills`                  | List skills            |
| `GET`    | `/api/captain/agents/{id}/skills/{name}`           | Get skill              |
| `PUT`    | `/api/captain/agents/{id}/skills/{name}`           | Create or update skill |
| `DELETE` | `/api/captain/agents/{id}/skills/{name}`           | Delete skill           |
| `GET`    | `/api/captain/agents/{id}/connectors`              | List connectors        |
| `POST`   | `/api/captain/agents/{id}/connectors`              | Add connector          |
| `PUT`    | `/api/captain/agents/{id}/connectors/{name}`       | Update connector       |
| `DELETE` | `/api/captain/agents/{id}/connectors/{name}`       | Remove connector       |
| `GET`    | `/api/captain/agents/{id}/mcp/servers`             | List MCP servers       |
| `POST`   | `/api/captain/agents/{id}/mcp/servers`             | Add MCP server         |
| `DELETE` | `/api/captain/agents/{id}/mcp/servers/{name}`      | Remove MCP server      |
| `POST`   | `/api/captain/agents/{id}/mcp/servers/{name}/test` | Test MCP server        |
| `GET`    | `/api/captain/agents/{id}/cron`                    | List cron jobs         |
| `POST`   | `/api/captain/agents/{id}/cron`                    | Create cron job        |
| `GET`    | `/api/captain/agents/{id}/cron/{job_id}`           | Get cron job           |
| `PATCH`  | `/api/captain/agents/{id}/cron/{job_id}`           | Update cron job        |
| `DELETE` | `/api/captain/agents/{id}/cron/{job_id}`           | Delete cron job        |
| `POST`   | `/api/captain/agents/{id}/cron/{job_id}/run`       | Trigger cron job now   |

### Example: create an agent

```bash theme={null}
curl -X POST http://localhost:63372/api/captain/agents \
  -H "Authorization: Bearer $MEEPA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"id": "coder", "name": "Code Helper", "provider": "anthropic"}'
```

### Example: update agent soul

```bash theme={null}
curl -X PUT http://localhost:63372/api/captain/agents/meepa/soul \
  -H "Authorization: Bearer $MEEPA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"content": "# Meepa\n\nYou are a helpful assistant..."}'
```

### Example: add a connector

```bash theme={null}
curl -X POST http://localhost:63372/api/captain/agents/meepa/connectors \
  -H "Authorization: Bearer $MEEPA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name": "discord-bot", "type": "discord", "discord": {"bot_token": "Bot.Token..."}}'
```

***

## Security recommendations

* Keep `bind: 127.0.0.1` unless you need remote access. Use a reverse proxy with TLS for public exposure.
* Create dedicated API keys for CI/CD pipelines. Revoke them when no longer needed.
* Use a strong, unique password. The gateway uses Argon2 hashing.
