- package.json: name moltbot, bin moltbot + clawdbot (compat shim)
- paths.ts: MOLTBOT_* preferred, CLAWDBOT_* legacy; default ~/.clawdbot; config moltbot.json; export STATE_DIR/CONFIG_PATH
- render.yaml: service name moltbot, disk moltbot-data; CLAWDBOT_* env vars and /data/.clawdbot (match upstream)
- render-start.sh: support CLAWDBOT_* and MOLTBOT_* for state/token; write moltbot.json
- Dockerfile: MOLTBOT_DOCKER_APT_PACKAGES, MOLTBOT_PREFER_PNPM
- config/io.ts: MOLTBOT_* env for gateway token and config cache
- Replace STATE_DIR_CLAWDBOT/CONFIG_PATH_CLAWDBOT with STATE_DIR_MOLTBOT/CONFIG_PATH_MOLTBOT across src; paths exports both for compat
- Disable set -e during permission testing
- Add explicit error checks with clear messages
- Verify token is set before starting
- Add directory listings if dist/index.js missing
- More verbose logging throughout
- Check return codes explicitly
- Use set +e for permission testing, check exit codes explicitly
- Default to HOME/.clawdbot which is always writable
- Use heredoc for config file writing (more reliable)
- Add debug output for user/UID
- Remove duplicate echo statements
- Disable set -e for entire permission testing section
- Re-enable set -e after config is written
- Simpler logic without complex conditionals
- More reliable error handling
- Use for loop to try directories in order
- Temporarily disable set -e for permission tests
- Write config file directly to test writability
- More robust error handling that works with set -e
- Use touch/rm test instead of -w flag for better compatibility
- Clean up unused variables
- Add clearer fallback chain with logging
- Ensure script handles all edge cases gracefully
- Check if CLAWDBOT_STATE_DIR or /data/.clawdbot is writable
- Fall back to $HOME/.clawdbot if permissions fail
- Update CLAWDBOT_STATE_DIR export to match actual directory used
- Prevents Docker failures when running as node user (non-root)
The key difference from the wrapper:
- Wrapper strips proxy headers before forwarding to internal gateway
- Direct deployment needs trustedProxies config to trust Render's proxy IPs
This script:
1. Creates config with gateway.trustedProxies for Render's internal IPs
2. Sets allowInsecureAuth for Control UI access
3. Starts gateway with token auth
Closes#1393
The distribution script (package-mac-dist.sh) now defaults BUILD_ARCHS to 'all',
producing universal binaries that run natively on both Apple Silicon and Intel Macs.
Previously, the script inherited the host architecture default from package-mac-app.sh,
which meant release builds done on ARM Macs only included ARM binaries.