Rephrasing and add env vars to docker compose

2026-03-28 17:43:05 +01:00 · 2026-03-23 18:36:55 -07:00
parent e6e7267eb1
commit 4b583fe337
2 changed files with 12 additions and 8 deletions
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -18,15 +18,18 @@ services:
    environment:
      MESHCORE_DATABASE_PATH: data/meshcore.db
      # Radio connection -- optional if you map just a single serial device above, as the app will autodetect
-
      # Serial (USB)
      # MESHCORE_SERIAL_PORT: /dev/ttyUSB0
      # MESHCORE_SERIAL_BAUDRATE: 115200
-
      # TCP
      # MESHCORE_TCP_HOST: 192.168.1.100
      # MESHCORE_TCP_PORT: 4000

+      # Security
+      # MESHCORE_DISABLE_BOTS: "true"
+      # MESHCORE_BASIC_AUTH_USERNAME: changeme
+      # MESHCORE_BASIC_AUTH_PASSWORD: changeme
+
      # Logging
      # MESHCORE_LOG_LEVEL: INFO
    restart: unless-stopped
--- a/frontend/src/components/SecurityWarningModal.tsx
+++ b/frontend/src/components/SecurityWarningModal.tsx
@@ -83,7 +83,7 @@ export function SecurityWarningModal({ health }: SecurityWarningModalProps) {
          </DialogDescription>
        </DialogHeader>

-        <div className="space-y-3 text-sm leading-6 text-muted-foreground">
+        <div className="space-y-3 break-words text-sm leading-6 text-muted-foreground">
          <p>
            Without one of those protections, or another access-control layer in front of
            RemoteTerm, anyone on your local network who can reach this app can run Python code on
@@ -95,16 +95,17 @@ export function SecurityWarningModal({ health }: SecurityWarningModalProps) {
            arbitrary code execution.
          </p>
          <p>
-            To reduce that risk, either disable bots with{' '}
-            <code className="rounded bg-muted px-1 py-0.5 text-foreground">
+            To reduce that risk, run the server with environment variables to either disable bots
+            with{' '}
+            <code className="break-all rounded bg-muted px-1 py-0.5 text-foreground">
              MESHCORE_DISABLE_BOTS=true
            </code>{' '}
            or enable the built-in login with{' '}
-            <code className="rounded bg-muted px-1 py-0.5 text-foreground">
+            <code className="break-all rounded bg-muted px-1 py-0.5 text-foreground">
              MESHCORE_BASIC_AUTH_USERNAME
            </code>{' '}
-            and{' '}
-            <code className="rounded bg-muted px-1 py-0.5 text-foreground">
+            /{' '}
+            <code className="break-all rounded bg-muted px-1 py-0.5 text-foreground">
              MESHCORE_BASIC_AUTH_PASSWORD
            </code>
            . Another external auth or access-control system is also acceptable.