fix(openclaw): remove --network=host, use bridge network #4

Merged
ashie merged 3 commits from franz-kafka/nixos-vps:fix/openclaw-network-isolation into main 2026-03-19 20:19:50 +00:00
Owner

Summary

Drops --network=host from the OpenClaw container, switching to Podman default bridge network.

What changes

  • Removed --network=host from extraOptions
  • Container now uses Podman default bridge (DNS-enabled)
  • Gateway port 127.0.0.1:18789:8080 already configured in ports — this now works as intended

Security impact

  • Before: Container could reach any service on the host (Forgejo SSH, Vaultwarden DB, AdGuard, CrowdSec LAPI, etc.)
  • After: Container can only reach the internet (Discord API, model providers) and the mapped gateway port
  • Principle of least privilege applied

What still works

  • Discord API (outbound HTTPS)
  • AI model providers (outbound HTTPS)
  • Web search API (outbound HTTPS)
  • Gateway accessible on 127.0.0.1:18789

What is no longer reachable (intentional)

  • Other host services on localhost/private IPs

If local access is needed later

Add a shared Podman network or specific extraOptions for that use case.
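As an added illustration (not the repository's own module), the same NixOS `virtualisation.oci-containers` definition is shown below twice: once with the `--network=host` flag this PR removes, and once in the form the PR merges. The image name is a placeholder; the container attribute name `openclaw`, the `ports` mapping `127.0.0.1:18789:8080` and the `extraOptions` list are the ones named on this page.

```nix
# Added example, not the repository's own configuration.
# Image reference and any paths are placeholders.
{ config, ... }:
{
  virtualisation.oci-containers.backend = "podman";

  # BEFORE (what the PR removes): host networking. The container shares the
  # host's network namespace, so every service bound to localhost or a
  # private host address is reachable from inside it. Podman also discards
  # the `ports` mapping in this mode, since a host-networked container has
  # no separate address to map to. Kept as a comment because Nix would
  # reject two definitions of the same attribute.
  #
  # virtualisation.oci-containers.containers.openclaw = {
  #   image = "example.invalid/openclaw:latest";   # placeholder
  #   ports = [ "127.0.0.1:18789:8080" ];           # silently ignored here
  #   extraOptions = [ "--network=host" ];
  # };

  # AFTER: no --network flag, so Podman attaches the container to its default
  # bridge network. Outbound traffic is NATed to the internet; the only
  # inbound path is the explicit mapping, bound to the host's loopback only.
  virtualisation.oci-containers.containers.openclaw = {
    image = "example.invalid/openclaw:latest";     # placeholder
    ports = [ "127.0.0.1:18789:8080" ];             # host 18789 -> container 8080
    extraOptions = [ ];
  };
}
```

After a rebuild, the mode actually applied can be confirmed on the host with `podman inspect -f '{{.HostConfig.NetworkMode}}' openclaw`, which should report `bridge` rather than `host`; with the old definition the same command reports `host` and the port mapping is absent from `podman port openclaw`.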

franz-kafka added 1 commit 2026-03-19 15:10:16 +00:00
- Drops --network=host from OpenClaw container
- Container now runs on Podman's default bridge network
- Gateway port already mapped via ports config (127.0.0.1:18789:8080)
- Container retains outbound internet access for Discord API, model providers, etc.
- Cannot reach other host services (Forgejo, Vaultwarden, etc.) — principle of least privilege

Note: If OpenClaw needs to reach local services in the future, add explicit
extraOptions like --network=bridge or create a shared Podman network.
ashie added 1 commit 2026-03-19 20:17:51 +00:00
ashie added 1 commit 2026-03-19 20:19:06 +00:00
ashie merged commit 17553dc5ee into main 2026-03-19 20:19:50 +00:00
Reference: penal-colony/nixos-vps#4