Configure local Docker gateway defaults #59289

Closed
SuperJohn wants to merge 1 commit into openclaw:main from SuperJohn:local/docker

@SuperJohn

Summary

Describe the problem and fix in 2–5 bullets:

If this PR fixes a plugin beta-release blocker, title it fix(<plugin-id>): beta blocker - <summary> and link the matching Beta blocker: <plugin-name> - <summary> issue labeled beta-blocker. Contributors cannot label PRs, so the title is the PR-side signal for maintainers and automation.

  • Problem:
  • Why it matters:
  • What changed:
  • What did NOT change (scope boundary):

Change Type (select all)

  • Bug fix
  • Feature
  • Refactor required for the fix
  • Docs
  • Security hardening
  • Chore/infra

Scope (select all touched areas)

  • Gateway / orchestration
  • Skills / tool execution
  • Auth / tokens
  • Memory / storage
  • Integrations
  • API / contracts
  • UI / DX
  • CI/CD / infra

Linked Issue/PR

  • Closes #
  • Related #
  • This PR fixes a bug or regression

Root Cause / Regression History (if applicable)

For bug fixes or regressions, explain why this happened, not just what changed. Otherwise write N/A. If the cause is unclear, write Unknown.

  • Root cause:
  • Missing detection / guardrail:
  • Prior context (git blame, prior PR, issue, or refactor if known):
  • Why this regressed now:
  • If unknown, what was ruled out:

Regression Test Plan (if applicable)

For bug fixes or regressions, name the smallest reliable test coverage that should have caught this. Otherwise write N/A.

  • Coverage level that should have caught this:
    • Unit test
    • Seam / integration test
    • End-to-end test
    • Existing coverage already sufficient
  • Target test or file:
  • Scenario the test should lock in:
  • Why this is the smallest reliable guardrail:
  • Existing test that already covers this (if any):
  • If no new test is added, why not:

User-visible / Behavior Changes

List user-visible changes (including defaults/config).
If none, write None.

Diagram (if applicable)

For UI changes or non-trivial logic flows, include a small ASCII diagram reviewers can scan quickly. Otherwise write N/A.

Before:
[user action] -> [old state]

After:
[user action] -> [new state] -> [result]

Security Impact (required)

  • New permissions/capabilities? (Yes/No)
  • Secrets/tokens handling changed? (Yes/No)
  • New/changed network calls? (Yes/No)
  • Command/tool execution surface changed? (Yes/No)
  • Data access scope changed? (Yes/No)
  • If any Yes, explain risk + mitigation:

Repro + Verification

Environment

  • OS:
  • Runtime/container:
  • Model/provider:
  • Integration/channel (if any):
  • Relevant config (redacted):

Steps

Expected

Actual

Evidence

Attach at least one:

  • Failing test/log before + passing after
  • Trace/log snippets
  • Screenshot/recording
  • Perf numbers (if relevant)

Human Verification (required)

What you personally verified (not just CI), and how:

  • Verified scenarios:
  • Edge cases checked:
  • What you did not verify:

Review Conversations

  • I replied to or resolved every bot review conversation I addressed in this PR.
  • I left unresolved only the conversations that still need reviewer or maintainer judgment.

If a bot review conversation is addressed by this PR, resolve that conversation yourself. Do not leave bot review conversation cleanup for maintainers.

Compatibility / Migration

  • Backward compatible? (Yes/No)
  • Config/env changes? (Yes/No)
  • Migration needed? (Yes/No)
  • If yes, exact upgrade steps:

Risks and Mitigations

List only real risks for this PR. Add/remove entries as needed. If none, write None.

  • Risk:
    • Mitigation:

@openclaw-barnacle (bot) added the labels "docker" (Docker and sandbox tooling) and "size: XS" on Apr 1, 2026
@greptile-apps
Contributor

greptile-apps bot commented Apr 1, 2026

Greptile Summary

This PR makes two small infrastructure changes: it restricts the Docker gateway and bridge port bindings to 127.0.0.1 by default (previously 0.0.0.0, exposing ports on all host interfaces), and adds .openclaw/ to .gitignore to prevent local configuration data from being accidentally committed.

Both changes are straightforward and the security tightening of the default bind address is a sensible hardening for local development use.

Confidence Score: 5/5

  • Safe to merge — both changes are small, deliberate, and well-scoped.
  • No P0 or P1 issues found. The port-binding default change is intentional and clearly described in the PR title. The only non-trivial side effect is a behavior change for users running in multi-host setups, but that is the explicit goal of this PR and is easily overridden via the new env vars.
  • No files require special attention.

Reviews (1): Last reviewed commit: "Configure local Docker gateway defaults"

Comment on lines +25 to +26 of docker-compose.yml
- "${OPENCLAW_GATEWAY_HOST_IP:-127.0.0.1}:${OPENCLAW_GATEWAY_PORT:-18789}:18789"
- "${OPENCLAW_BRIDGE_HOST_IP:-127.0.0.1}:${OPENCLAW_BRIDGE_PORT:-18790}:18790"
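
Review bot: On both mappings the new host-IP prefix is interpolated raw into Compose short syntax, so an IPv6 value such as `::1` in OPENCLAW_GATEWAY_HOST_IP or OPENCLAW_BRIDGE_HOST_IP adds extra colons and the entry no longer parses as host:published:target; short syntax expects an IPv6 host in square brackets, e.g. `[::1]`. Either document that IPv6 values must be bracketed, or write these two entries in the long form with separate host_ip, published and target fields.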

P2 Breaking change for multi-host setups

Any user who was relying on the previous default of binding to all interfaces (0.0.0.0) — e.g. accessing the gateway from another machine on the LAN or from a CI agent — will silently lose connectivity after pulling this change. They would need to set OPENCLAW_GATEWAY_HOST_IP=0.0.0.0 and OPENCLAW_BRIDGE_HOST_IP=0.0.0.0 explicitly. Consider noting this in the changelog or an upgrade guide so it doesn't go unnoticed.



@chatgpt-codex-connector chatgpt-codex-connector bot left a comment


💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 85842c7a79

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

ports:
- "${OPENCLAW_GATEWAY_PORT:-18789}:18789"
- "${OPENCLAW_BRIDGE_PORT:-18790}:18790"
- "${OPENCLAW_GATEWAY_HOST_IP:-127.0.0.1}:${OPENCLAW_GATEWAY_PORT:-18789}:18789"
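
Review bot: The rewritten gateway entry has no comment explaining OPENCLAW_GATEWAY_HOST_IP, so a reader of the compose file cannot tell that the default is now loopback-only, whereas the removed lines had no host part at all. Add a YAML comment above the `ports:` list naming the variable and its 127.0.0.1 default, and noting that `:-` also applies the default when the variable is set but empty.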

P2 Preserve host:port values for OPENCLAW_GATEWAY_PORT

This new port mapping assumes OPENCLAW_GATEWAY_PORT is numeric, but existing setups can legitimately store host:port forms (for example 127.0.0.1:18789), which the codebase explicitly supports when reading .env values (src/config/paths.ts explains this compatibility). With this change, such values render as 127.0.0.1:127.0.0.1:18789:18789, causing docker compose port parsing to fail and preventing the gateway container from starting for upgraded users who already use the old format.

Useful? React with 👍 / 👎.
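
The rendering failure described in the comment above can be reproduced without Docker, because POSIX sh applies the same `${VAR:-default}` rule as Compose interpolation. This is an added example, not code from the PR or the openclaw repository; the helper names (`render_mapping`, `is_port`, `normalize`) and the sample values are constructed for illustration, and `normalize` is one possible pre-flight step that splits a legacy host:port value before it reaches the compose file.

```shell
#!/bin/sh
# Added example. Variable names come from the PR; helper names and sample
# values are constructed for illustration.

# render_mapping HOST_IP PORT CONTAINER_PORT
# Mirrors "${..._HOST_IP:-127.0.0.1}:${..._PORT:-<container>}:<container>".
# An empty argument stands for an unset or empty variable.
render_mapping() {
    printf '%s:%s:%s\n' "${1:-127.0.0.1}" "${2:-$3}" "$3"
}

# is_port VALUE: succeeds only for a bare decimal port in 1..65535.
is_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# normalize HOST_IP PORT CONTAINER_PORT
# Prints "HOST_IP PORT" that is safe to interpolate, or returns 1.
normalize() {
    host_ip=$1
    port=${2:-$3}
    case $port in
        *:*)
            # Legacy host:port value: split on the last colon. An explicit
            # host IP variable takes precedence over the legacy host part.
            host_ip=${host_ip:-${port%:*}}
            port=${port##*:}
            ;;
    esac
    is_port "$port" || return 1
    printf '%s %s\n' "${host_ip:-127.0.0.1}" "$port"
}

# Constructed OPENCLAW_GATEWAY_PORT values: unset, numeric, legacy, garbage.
for sample in "" 18789 127.0.0.1:18789 http; do
    fixed=$(normalize "" "$sample" 18789) || fixed="rejected"
    printf 'value=%-16s rendered=%-32s normalized=%s\n' \
        "'$sample'" "$(render_mapping "" "$sample" 18789)" "$fixed"
done
```
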

@SuperJohn SuperJohn closed this by deleting the head repository Apr 5, 2026