voidborne-d bf8a6e35fd docs(deployment): match docker run gateway example to docker-compose.yml (refs #3873)
The `docker run` example for `gateway` in `docs/deployment.md` had drifted from
the canonical configuration in `docker-compose.yml`:

- It omitted the security flags that `docker-compose.yml` already declares
  (`cap_drop: ALL` + `cap_add: SYS_ADMIN` + unconfined apparmor/seccomp).
  These are required whenever `tools.exec.sandbox: "bwrap"` is enabled, because
  bwrap needs CAP_SYS_ADMIN for user namespaces; without them bwrap exits with
  `clone3: Operation not permitted` and exec tools silently fail.
- It omitted `-p 8765:8765`, even though both the bundled `docker-compose.yml`
  and `Dockerfile` (`EXPOSE 18790 8765`) already expose the WebSocket channel
  / WebUI port; users following the docs would get a reachable gateway health
  endpoint but an unreachable WebUI.

This change keeps the two paths in sync so anyone reading deployment.md and
using `docker run` directly gets the same security posture and port surface
as the Compose path.

Also adds a short `!IMPORTANT` note documenting that `gateway.host` and
`channels.websocket.host` default to `127.0.0.1` (set in
`nanobot/config/schema.py:GatewayConfig`). Docker `-p` cannot forward to the
container's loopback interface, so the user must set both binds to `0.0.0.0`
in `config.json` for the published ports to actually be reachable. This is
the symptom reported as items 2 + 3 of #3873; items 1 + 4 of that issue are
already resolved on `main` (`Dockerfile` line 49 already exposes both ports,
and README.md lines 218-220 already reflect that the WebUI ships in the wheel).

Docs only, no code changes.

Signed-off-by: voidborne-d <258577966+voidborne-d@users.noreply.github.com>
2026-05-18 00:45:49 +08:00

nanobot Docs

For the latest documentation, visit nanobot.wiki.

The pages in this directory track the current repository and may move faster than the published website.

Core Docs

Start here for setup, everyday usage, and deployment.

| Topic | Repo docs | What it covers |
| --- | --- | --- |
| Install and quick start | quick-start.md | Installation, onboarding, and first-run setup |
| Chat apps | chat-apps.md | Connect nanobot to Telegram, Discord, WeChat, and more |
| Agent social network | agent-social-network.md | Join external agent communities from nanobot |
| Configuration | configuration.md | Providers, tools, channels, MCP, and runtime settings |
| Image generation | image-generation.md | Configure image providers, WebUI image mode, and generated artifacts |
| WebUI | ../webui/README.md | Open the bundled browser UI; LAN access; Vite dev server for contributors |
| Multiple instances | multiple-instances.md | Run isolated bots with separate configs and workspaces |
| CLI reference | cli-reference.md | Core CLI commands and common entrypoints |
| In-chat commands | chat-commands.md | Slash commands and periodic task behavior |
| OpenAI-compatible API | openai-api.md | Local API endpoints, request format, and file uploads |
| Deployment | deployment.md | Docker, Linux service, and macOS LaunchAgent setup |

Advanced Docs

Use these when you want deeper customization, integration, or extension details.

| Topic | Repo docs | What it covers |
| --- | --- | --- |
| Memory | memory.md | How nanobot stores, consolidates, and restores memory |
| Python SDK | python-sdk.md | Use nanobot programmatically from Python |
| Channel plugin guide | channel-plugin-guide.md | Build and test custom chat channel plugins |
| WebSocket channel | websocket.md | Real-time WebSocket access and protocol details |
| Custom tools | my-tool.md | Inspect and tune runtime state with the my tool |