fix(render): add startup script to configure trusted proxies and insecure UI auth

- Create render-start.sh that writes config before starting gateway - Configure gateway.trustedProxies for Render's internal network - Enable gateway.controlUi.allowInsecureAuth to skip device pairing
2026-01-26 00:20:36 -08:00 · 2026-01-26 00:20:36 -08:00 · 9eaaa2b0d0
commit 9eaaa2b0d0
parent 22ceef1b57
2 changed files with 25 additions and 1 deletions
--- a/render.yaml
+++ b/render.yaml
@ -3,7 +3,7 @@ services:
    name: moltbot
    runtime: docker
    plan: starter
-    dockerCommand: node dist/index.js gateway --port 8080 --bind lan --auth password --allow-unconfigured --trust-proxy
+    dockerCommand: sh scripts/render-start.sh
    envVars:
      - key: PORT
        value: "8080"
--- a/scripts/render-start.sh
+++ b/scripts/render-start.sh
@ -0,0 +1,24 @@
+#!/bin/sh
+# Render startup script - creates config and starts gateway
+
+# Create config directory
+mkdir -p /data/.clawdbot
+
+# Write config file with Render-specific settings
+cat > /data/.clawdbot/clawdbot.json << 'EOF'
+{
+  "gateway": {
+    "trustedProxies": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
+    "controlUi": {
+      "allowInsecureAuth": true
+    }
+  }
+}
+EOF
+
+# Start the gateway
+exec node dist/index.js gateway \
+  --port 8080 \
+  --bind lan \
+  --auth password \
+  --allow-unconfigured