#8478: Security: remove --allow-unconfigured from default Dockerfile CMD
docker
stale
Cluster:
Docker and Deployment Improvements
## Summary
- Removes `--allow-unconfigured` flag from default Dockerfile CMD
- Gateway now requires authentication by default (`OPENCLAW_GATEWAY_TOKEN` or `OPENCLAW_GATEWAY_PASSWORD`)
- Added documentation for users who need to explicitly bypass (not recommended)
## Why
This addresses a critical security issue where the gateway could be exposed to the network without authentication when combined with `--bind lan` or `--bind wan`.
Secure-by-default is the correct posture for a production container image.
## Breaking Change
Users who relied on unauthenticated gateway startup must now:
1. Set `OPENCLAW_GATEWAY_TOKEN` or `OPENCLAW_GATEWAY_PASSWORD` env var, OR
2. Explicitly override CMD with `--allow-unconfigured` (not recommended)
## Test Plan
- [ ] Build Docker image: `docker build -t openclaw:test .`
- [ ] Verify gateway fails to start without auth token
- [ ] Verify gateway starts with `OPENCLAW_GATEWAY_TOKEN` set
- [ ] Verify explicit override still works for users who need it
<!-- greptile_comment -->
<h2>Greptile Overview</h2>
<h3>Greptile Summary</h3>
This PR updates the container’s default runtime behavior by removing the `--allow-unconfigured` flag from the `Dockerfile` CMD, making the gateway require authentication by default. It also adds inline Dockerfile comments documenting the required env vars (`OPENCLAW_GATEWAY_TOKEN` / `OPENCLAW_GATEWAY_PASSWORD`) and how to explicitly override the CMD to re-enable unauthenticated startup (discouraged).
<h3>Confidence Score: 4/5</h3>
- This PR is safe to merge and improves secure-by-default behavior, with only minor documentation/clarity risks.
- The change is confined to the Dockerfile CMD and comments, removing an insecure default flag. Main risk is user confusion around the override example/health-check guidance rather than runtime breakage beyond the intended breaking change.
- Dockerfile (comment examples and override instructions)
<!-- greptile_other_comments_section -->
<sub>(2/5) Greptile learns from your feedback when you react with thumbs up/down!</sub>
<!-- /greptile_comment -->
Most Similar PRs
#6638: fix: make Dockerfile work on container platforms (Render, Railway, ...
by kaizen403 · 2026-02-01
85.2%
#21784: fix(security): restrict gateway ports to loopback by default
by smilekyra · 2026-02-20
83.5%
#8050: fix: docker hardening
by christopherbarnett96 · 2026-02-03
82.8%
#9999: Docker: fix token mismatch and add dev setup workflow
by benclarkeio · 2026-02-06
82.5%
#9190: feat(docker): Add autonomous container self-restart and runtime pac...
by alexdredmon · 2026-02-05
81.7%
#12504: fix: allow docker cli container to connect to gateway
by bvanderdrift · 2026-02-09
81.4%
#11915: Docs: Docker + reverse proxy deployment notes and pairing pitfalls
by walshd1 · 2026-02-08
80.0%
#23578: docs(docker): clarify dashboard HTTP access and allowInsecureAuth
by NewdlDewdl · 2026-02-22
79.9%
#21305: Fix/proxy-ip-allow-list
by janaka · 2026-02-19
79.4%
#7133: feat: Automated Docker setup with environment-based configuration
by synetalsolutions · 2026-02-02
79.3%