Docker primer: CoPaw + Talon
Run Talon as a gateway in front of your LLM provider. CoPaw sends every chat request to Talon; Talon resolves the agent from the presented key, scans for PII, enforces cost and model limits, forwards to the provider, and writes an audit record.
What you need
- Base URL in CoPaw:
http://localhost:8080/v1/proxy/openai/v1(orhttp://<talon-host>:8080/v1/proxy/openai/v1). - API Key in CoPaw: the primer agent's Talon agent key — the value minted into the vault secret referenced by
agent.key.secret_namein this directory'sagent.talon.yaml(talon secrets set gateway-copaw-primer-talon-key "$(openssl rand -hex 24)"). Not your real OpenAI/DashScope key.
Talon stores the real provider key in its vault; CoPaw only ever holds the agent key, which resolves to exactly one agent and its tenant.
Prerequisites
- Docker and Docker Compose
- Image build: This primer builds the Talon image from the repo root (
context: ../..). You need a clone of the Talon repo. Alternatively, use a pre-built image if available (e.g.ghcr.io/dativo-io/talon:latest) and setimage: ghcr.io/dativo-io/talon:latestindocker-compose.yamlinstead of thebuildblock. - Your real OpenAI (or DashScope) API key for
.env
Quick start
-
Copy env and set your provider key
cd docs/guides/copaw-talon-primercp .env.example .env# Edit .env: OPENAI_API_KEY=sk-your-key -
Build and run Talon
chmod +x entrypoint.shdocker compose builddocker compose up -d -
Configure CoPaw
In CoPaw Console (Settings → Models) or via env:
- Base URL:
http://localhost:8080/v1/proxy/openai/v1 - API Key: the agent key minted for
gateway-copaw-primer-talon-key
- Base URL:
-
Verify
talon audit list --agent gateway-copaw-primer(theagent.namefromagent.talon.yamlis the evidenceagent_id) and the dashboard CoPaw Agents tab.
See CoPaw integration for full steps and troubleshooting.
You're done
You now have CoPaw + Talon running in Docker. Talon is the gateway in front of your LLM provider; every request is logged, policy-checked, and recorded.
Next steps:
| I want to… | Doc |
|---|---|
| Cap cost or restrict models | How to cap daily spend per team or application |
| Run CoPaw + Talon without Docker | How to govern CoPaw with Talon |
| Export evidence for auditors | How to export evidence for auditors |
| Add another app through the gateway | Add Talon to your existing app |