From df9ee246afdd0780f35167f9eb990e2e88b4ef9b Mon Sep 17 00:00:00 2001 From: pranav-singhal Date: Tue, 27 Jan 2026 00:53:03 +0530 Subject: [PATCH] fix: update entrypoint script to ensure cloud-ready config with allowInsecureAuth --- Dockerfile | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3f23ac593..d9a0d04d6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -35,21 +35,24 @@ ENV NODE_ENV=production # Install gosu for dropping privileges safely RUN apt-get update && apt-get install -y --no-install-recommends gosu && rm -rf /var/lib/apt/lists/* -# Entrypoint script: fix /data permissions, ensure trustedProxies config, then drop to node user +# Entrypoint script: fix /data permissions, ensure cloud-ready config, then drop to node user RUN printf '#!/bin/sh\n\ if [ -d /data ]; then\n\ chown -R node:node /data 2>/dev/null || true\n\ fi\n\ -# Ensure trustedProxies config exists for Railway/cloud deployments\n\ +# Ensure cloud-ready config exists for Railway/cloud deployments\n\ if [ -n "$CLAWDBOT_STATE_DIR" ]; then\n\ mkdir -p "$CLAWDBOT_STATE_DIR"\n\ CONFIG_FILE="$CLAWDBOT_STATE_DIR/clawdbot.json"\n\ - # If no config or config lacks trustedProxies, create/update it\n\ - if [ ! -f "$CONFIG_FILE" ] || ! grep -q "trustedProxies" "$CONFIG_FILE" 2>/dev/null; then\n\ + # If no config or config lacks trustedProxies or allowInsecureAuth, create it\n\ + if [ ! -f "$CONFIG_FILE" ] || ! grep -q "trustedProxies" "$CONFIG_FILE" 2>/dev/null || ! grep -q "allowInsecureAuth" "$CONFIG_FILE" 2>/dev/null; then\n\ cat > "$CONFIG_FILE" << EOF\n\ {\n\ "gateway": {\n\ - "trustedProxies": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10"]\n\ + "trustedProxies": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10"],\n\ + "controlUi": {\n\ + "allowInsecureAuth": true\n\ + }\n\ }\n\ }\n\ EOF\n\