romtuck/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

default gateway bind to loopback, require explicit opt-in for public exposure #2590

Browse Source
This commit is contained in:
syedDS 2026-01-29 18:38:55 -05:00
parent 4583f88626
commit cd987e7ae0
5 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docker-compose.yml
View File

@ -22,7 +22,7 @@ services:
"dist/index.js", "dist/index.js",
"gateway", "gateway",
"--bind", "--bind",
"${CLAWDBOT_GATEWAY_BIND:-lan}", "${CLAWDBOT_GATEWAY_BIND:-loopback}",
"--port", "--port",
"${CLAWDBOT_GATEWAY_PORT:-18789}" "${CLAWDBOT_GATEWAY_PORT:-18789}"
] ]

3
fly.private.toml
View File

@ -22,7 +22,8 @@ primary_region = "iad" # change to your closest region
NODE_OPTIONS = "--max-old-space-size=1536" NODE_OPTIONS = "--max-old-space-size=1536"
[processes] [processes]
app = "node dist/index.js gateway --allow-unconfigured --port 3000 --bind lan" # Default bind is loopback (127.0.0.1) - appropriate for private deployment.
app = "node dist/index.js gateway --allow-unconfigured --port 3000"
# NOTE: No [http_service] block = no public ingress allocated. # NOTE: No [http_service] block = no public ingress allocated.
# The gateway will only be accessible via: # The gateway will only be accessible via:

4
fly.toml
View File

@ -15,7 +15,9 @@ primary_region = "iad" # change to your closest region
NODE_OPTIONS = "--max-old-space-size=1536" NODE_OPTIONS = "--max-old-space-size=1536"
[processes] [processes]
app = "node dist/index.js gateway --allow-unconfigured --port 3000 --bind lan" # Default bind is loopback (127.0.0.1). For public access, add: --bind lan --token YOUR_SECRET
# WARNING: Using --bind lan exposes your gateway to internet scanners (Shodan).
app = "node dist/index.js gateway --allow-unconfigured --port 3000"
[http_service] [http_service]
internal_port = 3000 internal_port = 3000

11
src/cli/gateway-cli/run.ts
View File

@ -256,6 +256,17 @@ async function runGatewayCommand(opts: GatewayRunOpts) {
return; return;
} }
// Warn when binding to non-loopback even with auth
if (bind !== "loopback" && hasSharedSecret) {
gatewayLog.warn(
[
`Gateway binding to ${bind} (network-accessible).`,
"Ensure this is intentional. The gateway may be discoverable via internet scanners.",
"For local-only access, use --bind loopback or omit the --bind flag.",
].join("\n"),
);
}
try { try {
await runGatewayLoop({ await runGatewayLoop({
runtime: defaultRuntime, runtime: defaultRuntime,

2
src/commands/doctor-security.ts
View File

@ -60,6 +60,7 @@ export async function noteSecurityWarnings(cfg: MoltbotConfig) {
warnings.push( warnings.push(
`- CRITICAL: Gateway bound to ${bindDescriptor} without authentication.`, `- CRITICAL: Gateway bound to ${bindDescriptor} without authentication.`,
` Anyone on your network (or internet if port-forwarded) can fully control your agent.`, ` Anyone on your network (or internet if port-forwarded) can fully control your agent.`,
` Your gateway is discoverable via internet scanners (Shodan, Censys).`,
` Fix: ${formatCliCommand("moltbot config set gateway.bind loopback")}`, ` Fix: ${formatCliCommand("moltbot config set gateway.bind loopback")}`,
...authFixLines, ...authFixLines,
); );
@ -67,6 +68,7 @@ export async function noteSecurityWarnings(cfg: MoltbotConfig) {
// Auth is configured, but still warn about network exposure // Auth is configured, but still warn about network exposure
warnings.push( warnings.push(
`- WARNING: Gateway bound to ${bindDescriptor} (network-accessible).`, `- WARNING: Gateway bound to ${bindDescriptor} (network-accessible).`,
` The gateway may be discoverable via internet scanners (Shodan, Censys).`,
` Ensure your auth credentials are strong and not exposed.`, ` Ensure your auth credentials are strong and not exposed.`,
); );
} }