Air-gap deploy
TheSpider is built to run fully air-gapped. Validation is air-gap-safe by default (public keys embedded in the image); telemetry has a documented off switch; methodology ships as a bundled snapshot.
Validate the license offline
License validation uses embedded public keys, so it works with zero outbound network:
LICENSE_JWKS_URLdefaults tooff. Leave it unset/empty for a fully air-gapped install — no JWKS refresh is attempted.LICENSE_PUBLIC_KEYlets you override the embedded key with a base64url raw Ed25519 key for rotation, still with no network.
A boot with a malformed/bad-signature license fails loudly instead of degrading — you'll know at startup, not silently weeks later.
Turn telemetry off
TELEMETRY=off
TELEMETRY=off means zero outbound traffic. When on, telemetry sends only { version, deployment_mode, instance/license id, usage rollups (counts), error counts } — never findings content (asserted in the test suite and in deploy/verify-onprem.sh).
Ship a methodology snapshot
Every image release bundles a methodology snapshot at build time, so an air-gapped install gets a current methodology with the image — no GET /v1/method-updates pull required. Apply a newer snapshot offline:
docker compose -f deploy/docker-compose.yml exec server \
bun run src/apply-methodology.ts --project default --file /path/to/snapshot.json
Keep model keys local
On-prem AI dedupe uses your key and endpoint (AI_DEDUPE_API_KEY, AI_DEDUPE_BASE_URL) — a platform key never ships in the image. If your air-gap includes no outbound model access at all, leave AI_DEDUPE_API_KEY unset; dedupe falls back to heuristics-only (the free-tier behavior).
Verify the posture
bash deploy/verify-onprem.sh
The verifier asserts the telemetry-off posture and the license-validation path, among other checks.
Next steps
- Data handling — retention and isolation in your environment.
- Environment reference —
TELEMETRY,LICENSE_*, AI dedupe knobs.