Merge pull request #1552 from mnfst/docker-fixes

fix(docker): harden Docker release and routing correctness

Author: brunobuddy

.changeset/docker-hardening-phase-1-2.md

@@ -0,0 +1,5 @@
+---
+"manifest": patch
+---
+
+Docker release hardening pass: parameterize POSTGRES_PASSWORD and wire `.env.example` through `install.sh`; bind port 3001 to `127.0.0.1` by default; drop stale `MANIFEST_TRUST_LAN` from docs; replace OpenClaw-specific meta tags in the SPA with agent-neutral copy. `/api/v1/routing/:agent/status` now returns a structured `{ enabled, reason }` shape and only claims `enabled: true` when at least one tier resolves to a real model (`reason: no_provider | no_routable_models | pricing_cache_empty`). Provider connect rejects unknown providers and normalises casing. Tier override rejects unknown models with a helpful list. New `GET /api/v1/routing/pricing-health` and `POST /api/v1/routing/pricing/refresh` endpoints plus a Routing-page banner when the OpenRouter pricing cache is empty. Workspace-card and per-agent message counts now exclude error and fallback-error rows.

docker/.env.example

@@ -13,8 +13,11 @@ BETTER_AUTH_SECRET=
 
 # ─── Database ──────────────────────────────────────────────────────────────
 
-# Override the bundled Postgres password for hardening.
+# To harden the bundled Postgres password, set BOTH of the variables below.
+# They must agree. Special characters in the password must be percent-encoded
+# in DATABASE_URL (e.g. `@` → `%40`, `:` → `%3A`, `/` → `%2F`).
 # POSTGRES_PASSWORD=change-me
+# DATABASE_URL=postgresql://manifest:change-me@postgres:5432/manifest
 
 
 # ─── Email provider (optional) ─────────────────────────────────────────────

docker/DOCKER_README.md

@@ -62,9 +62,11 @@ Works with 300+ models across OpenAI, Anthropic, Google Gemini, DeepSeek, xAI, M
 
 Three paths, ordered from fastest to most hands-on. All three end in the same place: a running stack that walks you through the **setup wizard** at [http://localhost:3001](http://localhost:3001) to create your admin account.
 
+> **Heads up on network binding.** The bundled compose file binds port 3001 to `127.0.0.1` only, so the dashboard is reachable on the host machine but not over the LAN. See [Custom port](#custom-port) to expose it beyond localhost.
+
 ### Option 1: Quickstart install script (recommended)
 
-One command. The script downloads `docker/docker-compose.yml`, generates a fresh `BETTER_AUTH_SECRET` and injects it into the compose file, brings up the stack, and waits for the healthcheck to go green.
+One command. The script downloads `docker/docker-compose.yml` and `docker/.env.example`, writes a fresh `BETTER_AUTH_SECRET` into `.env`, brings up the stack, and waits for the healthcheck to go green.
 
 ```bash
 bash <(curl -sSL https://raw.githubusercontent.com/mnfst/manifest/main/docker/install.sh)
@@ -82,20 +84,24 @@ Flags: `--dir <path>` (install into a custom directory, defaults to `./manifest`
 
 ### Option 2: Docker Compose (manual)
 
-Same underlying flow as the install script, but you drive it yourself so you can edit the compose file before booting the stack.
+Same underlying flow as the install script, but you drive it yourself so you can edit the config before booting the stack.
 
-1. Download the compose file:
+1. Download the compose file and the env template into the same directory:
 
 ```bash
 curl -O https://raw.githubusercontent.com/mnfst/manifest/main/docker/docker-compose.yml
+curl -O https://raw.githubusercontent.com/mnfst/manifest/main/docker/.env.example
+cp .env.example .env
 ```
 
-2. Generate a secret and paste it over the `BETTER_AUTH_SECRET` placeholder in `docker-compose.yml`:
+2. Generate a secret and paste it into the `BETTER_AUTH_SECRET=` line in `.env`:
 
 ```bash
 openssl rand -hex 32
 ```
 
+(Optional: to use a stronger database password, set BOTH `POSTGRES_PASSWORD` and `DATABASE_URL` in `.env` — they must agree, and any special characters in the password need to be percent-encoded in the URL.)
+
 3. Start it:
 
 ```bash
@@ -191,12 +197,24 @@ Or in docker-compose.yml:
 
 ```yaml
 ports:
-  - "8080:3001"
-environment:
-  - BETTER_AUTH_URL=http://localhost:8080
+  - "127.0.0.1:8080:3001"
+```
+
+…and in `.env`:
+
+```env
+BETTER_AUTH_URL=http://localhost:8080
 ```
 
-If you see "Invalid origin" on the login page, `BETTER_AUTH_URL` doesn't match the port you're using.
+### Exposing on the LAN
+
+By default the compose file binds port 3001 to `127.0.0.1` only — the dashboard is reachable from the host but not from other machines on the network. To expose it on the LAN:
+
+1. Edit `docker-compose.yml` and change the `ports` line from `"127.0.0.1:3001:3001"` to `"3001:3001"`.
+2. In `.env`, set `BETTER_AUTH_URL` to the host you'll reach the dashboard on — e.g. `http://192.168.1.20:3001` or `https://manifest.mydomain.com`. This MUST match the URL in the browser or Better Auth will reject the login with "Invalid origin".
+3. `docker compose up -d` to apply.
+
+If you see "Invalid origin" on the login page, `BETTER_AUTH_URL` doesn't match the URL you're accessing the dashboard on. The host matters as much as the port.
 
 ## Image tags
 
@@ -256,7 +274,6 @@ docker compose down -v    # ⚠  destroys all data
 | `PORT` | No | `3001` | Internal server port |
 | `NODE_ENV` | No | `production` | Set `development` for auto-migrations |
 | `SEED_DATA` | No | `false` | Seed demo data on startup |
-| `MANIFEST_TRUST_LAN` | No | `false` | Trust private network IPs (needed in Docker) |
 
 Full env var reference: [github.com/mnfst/manifest](https://github.com/mnfst/manifest)
 

docker/docker-compose.yml

@@ -2,25 +2,34 @@
 # http://localhost:3001 and the app walks you through creating the first
 # admin account via the setup wizard at /setup. No hardcoded credentials.
 #
+# Configuration comes from a `.env` file next to this compose file.
+# Copy `.env.example` to `.env` and set at least BETTER_AUTH_SECRET before
+# booting. The install script does this automatically.
+#
 # Before exposing this instance beyond localhost:
-#   - Replace BETTER_AUTH_SECRET below with a real secret. Generate one
-#     with: openssl rand -hex 32
+#   - Set a real BETTER_AUTH_SECRET in .env (openssl rand -hex 32).
+#   - To harden the database password, set BOTH `POSTGRES_PASSWORD` AND
+#     `DATABASE_URL` in .env. They must agree — the password in the URL
+#     must match POSTGRES_PASSWORD, and any special characters must be
+#     percent-encoded in the URL.
 #   - Confirm your admin password is strong (the setup wizard enforces
 #     at least 8 characters).
 #   - If you enable email verification (set EMAIL_PROVIDER / EMAIL_API_KEY),
 #     set BETTER_AUTH_URL to a reachable public URL so the verification
 #     links resolve.
+#   - The app port binds to 127.0.0.1 by default. To expose on the LAN,
+#     change `127.0.0.1:3001:3001` below to `3001:3001` AND update
+#     BETTER_AUTH_URL in .env to match the host you reach it on.
 
 services:
   manifest:
     image: manifestdotbuild/manifest:latest
     ports:
-      - "3001:3001"
+      - "127.0.0.1:3001:3001"
     environment:
-      - DATABASE_URL=postgresql://manifest:manifest@postgres:5432/manifest
-      # ⚠  Placeholder. Replace before any non-localhost use (see top of file).
-      - BETTER_AUTH_SECRET=change-me-to-a-random-32-char-string!!
-      - BETTER_AUTH_URL=http://localhost:3001
+      - DATABASE_URL=${DATABASE_URL:-postgresql://manifest:manifest@postgres:5432/manifest}
+      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:?BETTER_AUTH_SECRET must be set in .env}
+      - BETTER_AUTH_URL=${BETTER_AUTH_URL:-http://localhost:3001}
       - SEED_DATA=false
       - NODE_ENV=production
       - AUTO_MIGRATE=true
@@ -64,7 +73,7 @@ services:
     image: postgres:16-alpine@sha256:20edbde7749f822887a1a022ad526fde0a47d6b2be9a8364433605cf65099416
     environment:
       - POSTGRES_USER=manifest
-      - POSTGRES_PASSWORD=manifest
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-manifest}
       - POSTGRES_DB=manifest
     volumes:
       - pgdata:/var/lib/postgresql/data

docker/install.sh

@@ -1,11 +1,11 @@
 #!/usr/bin/env bash
 # Manifest — self-host quick install
 #
-# Downloads the Docker Compose file, generates a BETTER_AUTH_SECRET and
-# writes it into the compose file (replacing the placeholder), then brings
-# up the stack. Designed for first-time self-hosters who want a one-command
-# setup. After the stack is healthy, visit http://localhost:3001 — the
-# setup wizard walks you through creating the first admin account.
+# Downloads the Docker Compose file and the `.env.example` template,
+# generates a BETTER_AUTH_SECRET, writes it into a local `.env`, then
+# brings up the stack. Designed for first-time self-hosters who want a
+# one-command setup. After the stack is healthy, visit http://localhost:3001
+# — the setup wizard walks you through creating the first admin account.
 #
 # Usage:
 #   bash install.sh                  # install into ./manifest
@@ -97,6 +97,15 @@ else
     || die "Failed to download docker-compose.yml"
 fi
 
+log "Downloading .env.example"
+ENV_PATH="$INSTALL_DIR/.env"
+if [[ "$DRY_RUN" -eq 1 ]]; then
+  printf '    \033[2m$ curl -sSLf %s/.env.example -o %s\033[0m\n' "$REPO_RAW" "$ENV_PATH"
+else
+  curl -sSLf "$REPO_RAW/.env.example" -o "$ENV_PATH" \
+    || die "Failed to download .env.example"
+fi
+
 log "Generating BETTER_AUTH_SECRET"
 if [[ "$DRY_RUN" -eq 1 ]]; then
   SECRET="<generated-at-install-time>"
@@ -108,18 +117,25 @@ else
   esac
 fi
 
-log "Writing secret into docker-compose.yml"
-COMPOSE_PATH="$INSTALL_DIR/docker-compose.yml"
-PLACEHOLDER='BETTER_AUTH_SECRET=change-me-to-a-random-32-char-string!!'
+log "Writing secret into .env"
 if [[ "$DRY_RUN" -eq 1 ]]; then
-  printf '    \033[2m$ replace "%s" → BETTER_AUTH_SECRET=<generated> in %s\033[0m\n' "$PLACEHOLDER" "$COMPOSE_PATH"
+  printf '    \033[2m$ replace "BETTER_AUTH_SECRET=" → "BETTER_AUTH_SECRET=<generated>" in %s\033[0m\n' "$ENV_PATH"
 else
-  if ! grep -qF "$PLACEHOLDER" "$COMPOSE_PATH"; then
-    die "Placeholder BETTER_AUTH_SECRET not found in $COMPOSE_PATH — refusing to proceed."
+  if ! grep -qE '^BETTER_AUTH_SECRET=$' "$ENV_PATH"; then
+    die "Expected empty BETTER_AUTH_SECRET= line not found in $ENV_PATH — refusing to proceed."
   fi
-  # openssl rand -hex produces only [0-9a-f], so plain bash string replacement is safe.
-  compose_content=$(<"$COMPOSE_PATH")
-  printf '%s' "${compose_content//$PLACEHOLDER/BETTER_AUTH_SECRET=$SECRET}" > "$COMPOSE_PATH"
+  # Line-based rewrite — no sed, no quoting edge cases. openssl rand -hex
+  # produces only [0-9a-f], so interpolation into the line is safe.
+  new_content=""
+  while IFS= read -r line || [[ -n "$line" ]]; do
+    if [[ "$line" == "BETTER_AUTH_SECRET=" ]]; then
+      new_content+="BETTER_AUTH_SECRET=$SECRET"$'\n'
+    else
+      new_content+="$line"$'\n'
+    fi
+  done < "$ENV_PATH"
+  printf '%s' "$new_content" > "$ENV_PATH"
+  chmod 600 "$ENV_PATH"
 fi
 
 log "Starting the stack"
@@ -141,8 +157,14 @@ for _ in $(seq 1 24); do
     log "Manifest is up."
     cat <<EOF
 
-  Open:  http://localhost:3001
-  Setup: the first visit walks you through creating your admin account.
+  Open:   http://localhost:3001
+  Setup:  the first visit walks you through creating your admin account.
+  Config: $INSTALL_DIR/.env  (BETTER_AUTH_SECRET, OAuth keys, email provider)
+
+  Note:   Port 3001 is bound to 127.0.0.1 only. To expose on your LAN,
+          edit $INSTALL_DIR/docker-compose.yml and change the ports line
+          from "127.0.0.1:3001:3001" to "3001:3001", then update
+          BETTER_AUTH_URL in .env to match the host you'll access it on.
 
   Stop:  (cd $INSTALL_DIR && docker compose down)
   Wipe:  (cd $INSTALL_DIR && docker compose down -v)

packages/backend/src/analytics/services/agent-analytics.service.ts

@@ -2,10 +2,7 @@ import { Injectable } from '@nestjs/common';
 import { InjectRepository } from '@nestjs/typeorm';
 import { Repository } from 'typeorm';
 import { AgentMessage } from '../../entities/agent-message.entity';
-import {
-  rangeToInterval,
-  rangeToPreviousInterval,
-} from '../../common/utils/range.util';
+import { rangeToInterval, rangeToPreviousInterval } from '../../common/utils/range.util';
 import { computeTrend } from './query-helpers';
 import { computeCutoff } from '../../common/utils/sql-dialect';
 
@@ -50,7 +47,10 @@ export class AgentAnalyticsService {
         .select('COALESCE(SUM(at.input_tokens), 0)', 'input')
         .addSelect('COALESCE(SUM(at.output_tokens), 0)', 'output')
         .addSelect('COALESCE(SUM(at.cache_read_tokens), 0)', 'cache_read')
-        .addSelect('COUNT(*)', 'messages')
+        .addSelect(
+          `COUNT(*) FILTER (WHERE at.status IS NULL OR at.status NOT IN ('error', 'fallback_error'))`,
+          'messages',
+        )
         .where('at.timestamp >= :cutoff', { cutoff })
         .andWhere('at.tenant_id = :tenantId', { tenantId: scope.tenantId })
         .andWhere('at.agent_id = :agentId', { agentId: scope.agentId })

packages/backend/src/analytics/services/timeseries-queries.service.ts

@@ -202,7 +202,10 @@ export class TimeseriesQueriesService {
     const statsQb = this.turnRepo
       .createQueryBuilder('at')
       .select('at.agent_name', 'agent_name')
-      .addSelect('COUNT(*)', 'message_count')
+      .addSelect(
+        `COUNT(*) FILTER (WHERE at.status IS NULL OR at.status NOT IN ('error', 'fallback_error'))`,
+        'message_count',
+      )
       .addSelect('MAX(at.timestamp)', 'last_active')
       .addSelect(`COALESCE(SUM(${costExpr}), 0)`, 'total_cost')
       .addSelect('COALESCE(SUM(at.input_tokens + at.output_tokens), 0)', 'total_tokens')

packages/backend/src/routing/dto/routing.dto.spec.ts

@@ -1,7 +1,12 @@
 import 'reflect-metadata';
 import { validate } from 'class-validator';
 import { plainToInstance } from 'class-transformer';
-import { AgentNameParamDto, CopilotPollDto, SetFallbacksDto } from './routing.dto';
+import {
+  AgentNameParamDto,
+  ConnectProviderDto,
+  CopilotPollDto,
+  SetFallbacksDto,
+} from './routing.dto';
 
 function toDto(data: Record<string, unknown>): AgentNameParamDto {
   return plainToInstance(AgentNameParamDto, data);
@@ -71,6 +76,61 @@ describe('AgentNameParamDto', () => {
   });
 });
 
+describe('ConnectProviderDto', () => {
+  function toConnectDto(data: Record<string, unknown>): ConnectProviderDto {
+    return plainToInstance(ConnectProviderDto, data);
+  }
+
+  it('accepts a known provider id', async () => {
+    const dto = toConnectDto({ provider: 'openai', apiKey: 'sk-abcdef' });
+    const errors = await validate(dto);
+    expect(errors).toHaveLength(0);
+    expect(dto.provider).toBe('openai');
+  });
+
+  it('normalizes provider casing to lowercase', async () => {
+    const dto = toConnectDto({ provider: 'OpenAI' });
+    const errors = await validate(dto);
+    expect(errors).toHaveLength(0);
+    expect(dto.provider).toBe('openai');
+  });
+
+  it('trims whitespace around the provider name', async () => {
+    const dto = toConnectDto({ provider: '  anthropic  ' });
+    const errors = await validate(dto);
+    expect(errors).toHaveLength(0);
+    expect(dto.provider).toBe('anthropic');
+  });
+
+  it('accepts registered aliases (google -> gemini entry)', async () => {
+    const dto = toConnectDto({ provider: 'google' });
+    const errors = await validate(dto);
+    expect(errors).toHaveLength(0);
+  });
+
+  it('rejects an unknown provider name', async () => {
+    const dto = toConnectDto({ provider: 'made-up-xyz' });
+    const errors = await validate(dto);
+    expect(errors.length).toBeGreaterThan(0);
+    const flat = errors.flatMap((e) => Object.values(e.constraints ?? {}));
+    expect(flat.join('\n')).toMatch(/provider must be one of/);
+  });
+
+  it('rejects an empty provider', async () => {
+    const dto = toConnectDto({ provider: '' });
+    const errors = await validate(dto);
+    expect(errors.length).toBeGreaterThan(0);
+  });
+
+  it('passes through a non-string provider value without transforming', async () => {
+    const dto = toConnectDto({ provider: 42 });
+    // Transform preserves non-strings so class-validator can reject via @IsString
+    expect(dto.provider).toBe(42 as unknown as string);
+    const errors = await validate(dto);
+    expect(errors.length).toBeGreaterThan(0);
+  });
+});
+
 describe('CopilotPollDto', () => {
   function toPollDto(data: Record<string, unknown>): CopilotPollDto {
     return plainToInstance(CopilotPollDto, data);

packages/backend/src/routing/dto/routing.dto.ts

@@ -7,8 +7,12 @@ import {
   ArrayMaxSize,
   Matches,
 } from 'class-validator';
+import { Transform } from 'class-transformer';
 
 import { TIERS, AUTH_TYPES } from 'manifest-shared';
+import { PROVIDER_BY_ID_OR_ALIAS } from '../../common/constants/providers';
+
+const KNOWN_PROVIDER_IDS: readonly string[] = Array.from(PROVIDER_BY_ID_OR_ALIAS.keys());
 
 export class AgentNameParamDto {
   @IsString()
@@ -31,6 +35,10 @@ export class ProviderParamDto {
 export class ConnectProviderDto {
   @IsString()
   @IsNotEmpty()
+  @Transform(({ value }) => (typeof value === 'string' ? value.trim().toLowerCase() : value))
+  @IsIn(KNOWN_PROVIDER_IDS, {
+    message: `provider must be one of: ${KNOWN_PROVIDER_IDS.join(', ')}`,
+  })
   provider!: string;
 
   @IsOptional()