chore(dev): use host.docker.internal instead of hardcoded LAN IPs #3116

Merged
eshurakov merged 2 commits into main from chore/docker-host-internal-dev-config
May 7, 2026

kilo-code-bot Bot commented May 7, 2026

Summary

The dev configs in this repo previously hardcoded LAN IPs (192.168.65.254, 192.168.200.x) so that Cloudflare Sandbox containers could reach host services like Next.js on :3000.

Sandbox containers run on the Docker Desktop bridge and do resolve host.docker.internal to the host. This PR switches cloud-agent-next to use host.docker.internal in its .dev.vars.example and wrangler.jsonc (WS_ALLOWED_ORIGINS).

It also fixes the env-sync script (dev/local/env-sync/parse.ts) so that pnpm dev:env preserves host.docker.internal when the .dev.vars.example default explicitly uses it, instead of overwriting it with the LAN IP. A test is added for this behaviour.

Gastown and the legacy cloud-agent service keep their existing LAN-IP-based dev configs — those services have different networking constraints and weren't part of this change.

Verification

  • Run pnpm dev:env cloud-agent and confirm .dev.vars keeps host.docker.internal for KILOCODE_BACKEND_BASE_URL, WORKER_URL, etc.
  • Start cloud-agent-next + Next.js on the host, start a session, and confirm the sandbox container can reach the backend and worker /ingest without manually overriding .dev.vars.

Visual Changes

N/A

Reviewer Notes

  • host.docker.internal only works inside Docker Desktop containers (Linux VM on macOS/Windows). The Sandbox container runtime uses Docker Desktop, so this is the correct host alias.
  • The env-sync change is scoped to @url annotations: if the example default contains host.docker.internal, the generated value preserves that hostname while still updating the port from services.ts.
  • No production config is touched; all changes are inside dev env blocks, .dev.vars.example templates, or the local env-sync tool.
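
The @url rule from the reviewer notes above, sketched as an added TypeScript example (not the project's parse.ts; the function names, sample ports and the look-alike variable are assumptions). It compares the parsed hostname exactly rather than by substring, which is stricter than the "contains" wording in the notes.

```typescript
// Added illustration: hypothetical names, not the project's parse.ts.
const DOCKER_HOST_ALIAS = "host.docker.internal";

interface UrlAnnotation {
  exampleDefault: string; // value found in .dev.vars.example
  port: number;           // authoritative dev port for the target service
}

// Resolve one @url-annotated variable for the generated .dev.vars.
function resolveUrlValue(entry: UrlAnnotation, lanIp: string): string {
  const url = new URL(entry.exampleDefault);
  // Compare the parsed hostname exactly. A substring test would also match
  // look-alikes such as host.docker.internal.example.test.
  if (url.hostname !== DOCKER_HOST_ALIAS) {
    url.hostname = lanIp; // assumed default: point at the host's LAN address
  }
  url.port = String(entry.port); // the port is refreshed in both cases
  const bare = url.pathname === "/" && !url.search && !url.hash;
  // URL serialisation appends "/" to an empty path; keep the template's form.
  return bare && !entry.exampleDefault.endsWith("/") ? url.href.slice(0, -1) : url.href;
}

function syncUrlVars(entries: Record<string, UrlAnnotation>, lanIp: string): Record<string, string> {
  const out: Record<string, string> = {};
  for (const [name, entry] of Object.entries(entries)) {
    out[name] = resolveUrlValue(entry, lanIp);
  }
  return out;
}

// Constructed sample input (ports and the third variable are made up).
const sample: Record<string, UrlAnnotation> = {
  KILOCODE_BACKEND_BASE_URL: { exampleDefault: "http://host.docker.internal:3000", port: 3000 },
  WORKER_URL: { exampleDefault: "http://host.docker.internal:9999", port: 8794 },
  EXAMPLE_LOOKALIKE_URL: { exampleDefault: "http://host.docker.internal.example.test:3000", port: 3000 },
};
const generated = syncUrlVars(sample, "192.168.65.254");
```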

Sandbox containers running under Docker Desktop resolve
host.docker.internal to the host machine, so the prior
hardcoded LAN IP workarounds are unnecessary. Replace them in
gastown wrangler dev vars, cloud-agent(-next) WS_ALLOWED_ORIGINS,
and the cloud-agent(-next) .dev.vars.example files. Drop the stale
comment that referenced a workerd-network limitation; that issue
relates to Hyperdrive, not Sandbox containers.

kilo-code-bot Bot requested a review from eshurakov May 7, 2026 17:16

Revert host.docker.internal changes from gastown and legacy cloud-agent
services. Keep them only for cloud-agent-next where Sandbox containers
actually need them.

Add env-sync script logic to preserve host.docker.internal in @url
annotations when the .dev.vars.example default explicitly uses it,
so pnpm dev:env won't overwrite it with the LAN IP.
Comment thread dev/local/env-sync/parse.ts

kilo-code-bot Bot commented May 7, 2026

Code Review Summary

Status: 1 Issue Found | Recommendation: Address before merge

Overview

| Severity | Count |
| --- | --- |
| CRITICAL | 0 |
| WARNING | 1 |
| SUGGESTION | 0 |

Issue Details

WARNING

| File | Line | Issue |
| --- | --- | --- |
| dev/local/env-sync/parse.ts | 230 | pnpm dev:env preserves host.docker.internal for URL values but still regenerates ORIGINS as localhost-only, which can override the new dev origin and cause /stream 403s. |

Other Observations (not in diff)

Issues found in unchanged code that cannot receive inline comments:

| File | Line | Issue |
| --- | --- | --- |
| N/A | N/A | None |

Files Reviewed (4 files)
  • dev/local/env-sync/parse.ts - 1 issue
  • dev/local/env-sync/plan.test.ts - 0 issues
  • services/cloud-agent-next/.dev.vars.example - 0 issues
  • services/cloud-agent-next/wrangler.jsonc - 0 issues

Reviewed by gpt-5.5-2026-04-23 · 396,311 tokens

jeanduplessis left a comment

Approved. One non-blocking edge-case opportunity remains around keeping the generated .dev.vars WS_ALLOWED_ORIGINS path aligned with the new host.docker.internal wrangler dev origin; I did not add a duplicate inline comment because an existing review thread already covers that path.

@eshurakov

WS_ALLOWED_ORIGINS is for clients outside of docker to connect to services, I don't think there is a need to handle docker's internal host there 🤔

@eshurakov eshurakov merged commit 502d7e6 into main May 7, 2026
13 checks passed
@eshurakov eshurakov deleted the chore/docker-host-internal-dev-config branch May 7, 2026 19:52