
#3514: fix: Render deployment support with CIDR trustedProxies and LLM configuration docs

by ojusave open 2026-01-28 18:16
docs size: XS
## Summary

This PR fixes Render deployment issues and adds documentation for LLM provider configuration when deploying Moltbot on Render.

## Changes

### Core fixes

1. **CIDR support for `trustedProxies`** (`src/gateway/net.ts`)
   - Added CIDR notation support (e.g. `10.0.0.0/8`) to `isTrustedProxyAddress()`
   - Enables correct proxy header handling behind Render’s load balancer
   - Fixes "Proxy headers detected from untrusted address" errors
   - Backward compatible with existing exact IP matching
2. **Render startup script** (`scripts/render-start.sh`)
   - Creates `moltbot.json` config with Render-friendly settings
   - Sets `trustedProxies` to private IP ranges (`10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`)
   - Sets `allowInsecureAuth: true` for Control UI
   - Uses `MOLTBOT_STATE_DIR` / `MOLTBOT_GATEWAY_TOKEN` (with legacy env fallbacks)
   - Disables config cache for fresh reads
3. **Render blueprint** (`render.yaml`)
   - Uses `dockerCommand: /bin/sh scripts/render-start.sh`
   - Adds env vars: `MOLTBOT_GATEWAY_TOKEN`, `MOLTBOT_STATE_DIR`, `MOLTBOT_WORKSPACE_DIR`
   - Adds LLM provider API key placeholders (Anthropic, OpenAI, Gemini, Groq, OpenRouter, etc.)
   - All secrets use `sync: false`

### Documentation

4. **Render deployment guide** (`docs/render.mdx`)
   - Section on configuring LLM API keys in the Render dashboard
   - Links to API key sources per provider
   - Alternative config-file method
   - Generic note on community wrappers for installer-b

## Greptile Overview

### Greptile Summary

This PR updates gateway networking to accept `trustedProxies` entries in CIDR notation (fixing proxy-header trust when deployed behind Render/private load balancers), adds a Render startup script + blueprint changes to run via `scripts/render-start.sh`, and expands Render docs around environment-based LLM provider configuration.

Core behavioral changes include switching the Docker image default `CMD` to the Render startup script, and expanding tests around proxy-trust/CIDR handling and canvas host availability in CI. These changes primarily affect hosted deployments and request client-IP resolution behind proxies.

### Confidence Score: 3/5

- This PR is moderately safe to merge, but the new Render startup behavior risks clobbering user config and weakening Control UI security if used outside the intended quickstart context.
- CIDR matching logic is straightforward and covered by new tests, but the deployment script now writes a minimal config unconditionally and enables insecure auth in generated config, which can cause surprising behavior/security posture changes on restarts. Test changes also introduce early-return skips that can hide regressions.
- scripts/render-start.sh, Dockerfile, src/canvas-host/server.test.ts
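As an added example (not code from this PR or from `src/gateway/net.ts`), the sketch below shows one way the CIDR-or-exact-IP check described above can decide whether forwarded headers are honoured during client-IP resolution. It covers IPv4 only; the function names, the `X-Forwarded-For` header and the right-to-left hop walk are assumptions, and any sample addresses are constructed.

```typescript
// Added illustration (IPv4 only); not the PR's implementation.
const PRIVATE_RANGES = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"];

// Parse a dotted-quad IPv4 address into a 32-bit number; null if malformed.
function ipv4ToInt(ip: string): number | null {
  const parts = ip.split(".");
  if (parts.length !== 4) return null;
  let value = 0;
  for (const part of parts) {
    if (!/^\d{1,3}$/.test(part) || Number(part) > 255) return null;
    value = value * 256 + Number(part);
  }
  return value;
}

// True when `ip` equals an entry exactly or falls inside a CIDR entry.
function isTrustedProxy(ip: string, trusted: string[]): boolean {
  const addr = ipv4ToInt(ip);
  for (const entry of trusted) {
    if (entry === ip) return true; // exact match still works
    const slash = entry.indexOf("/");
    if (slash === -1 || addr === null) continue;
    const base = ipv4ToInt(entry.slice(0, slash));
    const prefix = entry.slice(slash + 1);
    // Malformed network or prefix length: skip the entry, never trust it.
    if (base === null || !/^\d{1,2}$/.test(prefix) || Number(prefix) > 32) continue;
    const size = Math.pow(2, 32 - Number(prefix)); // addresses in the block
    if (Math.floor(addr / size) === Math.floor(base / size)) return true;
  }
  return false;
}

// Assumed policy: read the forwarded header only when the socket peer is a
// trusted proxy, then return the right-most hop that is not itself trusted.
function resolveClientIp(peer: string, xff: string | undefined, trusted: string[]): string {
  if (!xff || !isTrustedProxy(peer, trusted)) return peer;
  const hops = xff.split(",").map((h) => h.trim()).filter((h) => h.length > 0);
  for (const hop of hops.reverse()) {
    if (!isTrustedProxy(hop, trusted)) return hop;
  }
  return peer;
}
```

A prefix of `/0` matches every address, so an entry like that makes any peer's forwarded headers authoritative.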
