fix(proxy): resolve axios + NODE_USE_ENV_PROXY double-proxy conflict

[BenediktSchackenberg]

Problem

axios requests fail inside NemoClaw sandboxes with ERR_BAD_RESPONSE: stream has been aborted. The L7 proxy logs HTTP:UNKNOWN DENIED UNKNOWN.

Root cause: The OpenShell base image sets NODE_USE_ENV_PROXY=1, which intercepts all https.request() calls in Node.js 22 and routes them via CONNECT tunnel. axios also reads HTTPS_PROXY and configures its own proxy pass-through — the request gets double-processed:

1. axios resolves the proxy → builds a request to http://10.200.0.1:3128
2. Node.js re-processes the request through NODE_USE_ENV_PROXY → produces https://clawhub.ai:3128/ (port leaked into host)
3. L7 proxy cannot parse this → DENIED UNKNOWN

https.request() (Node.js core), curl, and jwks-rsa all work correctly because they go through the CONNECT tunnel once.

Fix

Add a preload script (scripts/axios-proxy-fix.js) that disables axios's own proxy handling (proxy: false) when NODE_USE_ENV_PROXY=1 is detected. nemoclaw-start.sh loads it via NODE_OPTIONS=--require at sandbox startup.

• Only active when NODE_USE_ENV_PROXY=1 — no-op in other environments
• curl, wget, gRPC continue to use HTTPS_PROXY as before
• fetch() / undici benefit from the same fix since they share the axios fix path through https.request() after the patch

Fixes #2109

Signed-off-by: Benedikt Schackenberg 6381261+BenediktSchackenberg@users.noreply.github.com

Summary by CodeRabbit

• New Features

  • Optional startup preload to ensure Axios uses environment-driven proxy behavior when enabled.

• Bug Fixes

  • Consistent proxy handling across startup and interactive sessions so proxy settings reliably apply.
  • Robustized shell update logic for identity/ownership repairs while preserving existing success/failure behavior.

• Tests

  • Added regression tests validating proxy env propagation and adjusted tests to accept equivalent shell formatting.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Adds a Node.js preload that disables Axios’s built‑in proxy handling when enabled, updates the shell startup to preload that script via NODE_OPTIONS and emit it into the generated proxy env file for interactive sessions, reformats some shell conditionals, and adds/updates tests verifying the proxy env behavior and a model-override guard formatting variance.

Changes

Cohort / File(s)	Summary
Shell startup script scripts/nemoclaw-start.sh	Reformatted the apply_model_override() early-exit guard to accept shfmt variants. When NODE_USE_ENV_PROXY=1 and /opt/nemoclaw-blueprint/scripts/axios-proxy-fix.js exists, append --require <script> to NODE_OPTIONS for the main process and emit a corresponding export NODE_OPTIONS="...--require <script>" line into /tmp/nemoclaw-proxy-env.sh. Reflowed several shell conditionals (&&/`
Node.js proxy preload module nemoclaw-blueprint/scripts/axios-proxy-fix.js	New preload script gated by NODE_USE_ENV_PROXY==='1'. Installs a temporary Module._load hook to intercept the first require('axios'), sets axios.defaults.proxy = false if unset, uses Symbol.for('nemoclaw.axiosProxyFix') for idempotency, and restores the original loader after patching.
Tests test/service-env.test.ts, test/nemoclaw-start.test.ts	Adds regression tests that build/run temporary wrappers around scripts/nemoclaw-start.sh to assert /tmp/nemoclaw-proxy-env.sh includes NODE_OPTIONS with --require when NODE_USE_ENV_PROXY=1 and not otherwise. Updates the runtime model override test to accept either `

Sequence Diagram(s)

sequenceDiagram
    participant Shell as Shell startup script
    participant EnvFile as /tmp/nemoclaw-proxy-env.sh
    participant Node as Node process (NODE_OPTIONS)
    participant Preload as axios-proxy-fix.js
    participant App as Application (requires axios)

    Shell->>Shell: check NODE_USE_ENV_PROXY && script exists
    alt enabled & script present
        Shell->>Node: append --require /opt/.../axios-proxy-fix.js to NODE_OPTIONS
        Shell->>EnvFile: write export NODE_OPTIONS="... --require /opt/.../axios-proxy-fix.js"
    end
    Note over Node,Preload: process start or interactive shell sources NODE_OPTIONS
    Node->>Preload: preload script executes before app modules
    Preload->>Preload: install temporary Module._load hook for 'axios'
    App->>Preload: first require('axios') triggers hook
    Preload->>App: set axios.defaults.proxy = false (if unset)
    Preload->>Preload: restore original Module._load and mark patch installed

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 A tiny preload hops in place,
It nudges axios to skip the race,
Shells share NODE_OPTIONS so sessions agree,
A symbol keeps the patch from repeating, you see,
Tunnels hum on, steady and ace.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 66.67% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title clearly and specifically describes the main change: fixing a double-proxy conflict between axios and NODE_USE_ENV_PROXY.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

scripts/nemoclaw-start.sh (1)

769-772: Avoid duplicate --require entries in NODE_OPTIONS.

Line 771 always appends. If NODE_OPTIONS already contains this preload, Node can load it multiple times per process.

♻️ Suggested patch

 _AXIOS_FIX_SCRIPT="/opt/nemoclaw-blueprint/scripts/axios-proxy-fix.js"
 if [ -f "$_AXIOS_FIX_SCRIPT" ] && [ "${NODE_USE_ENV_PROXY:-}" = "1" ]; then
-  export NODE_OPTIONS="${NODE_OPTIONS:+$NODE_OPTIONS }--require $_AXIOS_FIX_SCRIPT"
+  case " ${NODE_OPTIONS:-} " in
+    *" --require $_AXIOS_FIX_SCRIPT "*) ;;
+    *)
+      export NODE_OPTIONS="${NODE_OPTIONS:+$NODE_OPTIONS }--require $_AXIOS_FIX_SCRIPT"
+      ;;
+  esac
 fi

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/nemoclaw-start.sh` around lines 769 - 772, The script unconditionally
appends the axios preload to NODE_OPTIONS which can cause duplicate "--require
/opt/nemoclaw-blueprint/scripts/axios-proxy-fix.js" entries; change the logic
that sets NODE_OPTIONS to first check whether the exact preload token is already
present (match the literal substring "--require $_AXIOS_FIX_SCRIPT" in the
current NODE_OPTIONS) and only append it when not found. Update the block that
references _AXIOS_FIX_SCRIPT and NODE_OPTIONS to perform this existence check
(e.g., using a grep/printf or a shell case string match against "$NODE_OPTIONS")
before exporting the new NODE_OPTIONS value.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/axios-proxy-fix.js`:
- Around line 38-39: Rename the unused parameters in the Module._load hook to
follow the repo rule by prefixing them with underscores: change the callback
signature from function (request, parent, isMain) to function (request, _parent,
_isMain) and update the call to originalLoad.apply(this, arguments) if you
prefer leaving arguments unchanged; ensure no other references to parent or
isMain remain in the Module._load function body so linting passes for the
unused-parameter rule.

---

Nitpick comments:
In `@scripts/nemoclaw-start.sh`:
- Around line 769-772: The script unconditionally appends the axios preload to
NODE_OPTIONS which can cause duplicate "--require
/opt/nemoclaw-blueprint/scripts/axios-proxy-fix.js" entries; change the logic
that sets NODE_OPTIONS to first check whether the exact preload token is already
present (match the literal substring "--require $_AXIOS_FIX_SCRIPT" in the
current NODE_OPTIONS) and only append it when not found. Update the block that
references _AXIOS_FIX_SCRIPT and NODE_OPTIONS to perform this existence check
(e.g., using a grep/printf or a shell case string match against "$NODE_OPTIONS")
before exporting the new NODE_OPTIONS value.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 11a67d44-1d7b-4c17-a88c-562cb35f1a83

📥 Commits

Reviewing files that changed from the base of the PR and between ed38d45 and b90c10c.

📒 Files selected for processing (2)

• scripts/axios-proxy-fix.js
• scripts/nemoclaw-start.sh

[Copilot]

Pull request overview

This PR aims to prevent axios HTTPS requests from being double-proxied in NemoClaw sandboxes when NODE_USE_ENV_PROXY=1 is set, by disabling axios’s own proxy handling via a Node preload script and enabling that preload from the sandbox entrypoint.

Changes:

• Add a Node preload script that patches axios defaults to set proxy: false when NODE_USE_ENV_PROXY=1.
• Update nemoclaw-start.sh to conditionally append --require for the preload script via NODE_OPTIONS.
• Minor shell formatting/flow adjustments in nemoclaw-start.sh.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.

File	Description
scripts/nemoclaw-start.sh	Conditionally enables an axios proxy workaround by adding a preload via NODE_OPTIONS.
scripts/axios-proxy-fix.js	Implements the preload-time axios patch by intercepting module loading and setting axios.defaults.proxy = false.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

_AXIOS_FIX_SCRIPT points to /opt/nemoclaw-blueprint/scripts/axios-proxy-fix.js, but the image build only copies nemoclaw-blueprint/ into /opt/nemoclaw-blueprint/ (no scripts/ dir), and this new file is added under repo scripts/. As a result the -f check will fail and the preload will never be enabled. Move the preload file into nemoclaw-blueprint/scripts/ (or another path that is actually present in the image) and/or adjust the build to copy it to the referenced location.

Suggested change

	_AXIOS_FIX_SCRIPT="/opt/nemoclaw-blueprint/scripts/axios-proxy-fix.js"
	#
	# Write the preload at runtime to a path guaranteed to exist in the container
	# instead of depending on an image-build copy step for a repository-level file.
	_AXIOS_FIX_SCRIPT="/tmp/axios-proxy-fix.js"
	cat >"$_AXIOS_FIX_SCRIPT" <<'EOF'
	'use strict';
	const Module = require('module');
	const originalLoad = Module._load;
	Module._load = function patchedAxiosLoad(request, parent, isMain) {
	const exported = originalLoad.apply(this, arguments);
	if (request === 'axios' && exported) {
	const patchDefaults = function patchDefaults(target) {
	if (target && target.defaults && Object.prototype.hasOwnProperty.call(target.defaults, 'proxy')) {
	target.defaults.proxy = false;
	}
	};
	patchDefaults(exported);
	if (exported.default) {
	patchDefaults(exported.default);
	}
	}
	return exported;
	};
	EOF

[Copilot]

This sets NODE_OPTIONS in the entrypoint process, but openshell sandbox connect sessions source env from /tmp/nemoclaw-proxy-env.sh (see comment below) rather than inheriting exports from PID 1. If axios failures also occur in interactive sessions / user commands, this preload likely won’t be active there. Consider also emitting an export NODE_OPTIONS=... line into the /tmp/nemoclaw-proxy-env.sh file (or otherwise ensuring NODE_OPTIONS is present for connect sessions).

Suggested change

	export NODE_OPTIONS="${NODE_OPTIONS:+$NODE_OPTIONS }--require $_AXIOS_FIX_SCRIPT"
	export NODE_OPTIONS="${NODE_OPTIONS:+$NODE_OPTIONS }--require $_AXIOS_FIX_SCRIPT"
	_TOOL_REDIRECTS+=("NODE_OPTIONS=$NODE_OPTIONS")

[Copilot]

New proxy behavior is introduced here, but the existing test suite validates the proxy env block and the generated /tmp env file (e.g., test/service-env.test.ts) without covering this new NODE_OPTIONS --require injection. Add/update tests to assert the preload flag is set when NODE_USE_ENV_PROXY=1 (and that it’s persisted to the connect-session env file if that’s the intended scope).

[BenediktSchackenberg]

Addressed all review points:

1. File location — moved to nemoclaw-blueprint/scripts/ (Dockerfile: COPY nemoclaw-blueprint/ /opt/nemoclaw-blueprint/) ✅
2. Unused params — prefixed _parent / _isMain ✅
3. Module._load overhead — restored to originalLoad immediately after axios is patched; added Symbol.for idempotency guard ✅
4. Connect sessions — also emits NODE_OPTIONS --require into /tmp/nemoclaw-proxy-env.sh so interactive openshell sandbox connect sessions get the fix too ✅
5. Tests — regression test in test/service-env.test.ts asserts that proxy-env.sh contains the NODE_OPTIONS preload when NODE_USE_ENV_PROXY=1 and the fix script exists; 33/33 pass ✅

[coderabbitai]

🧹 Nitpick comments (1)

test/service-env.test.ts (1)

572-576: Add an explicit non-empty persistBlock check for clearer failures.

If the sed anchors change, this test will currently fail later with less actionable output.

💡 Suggested tweak

         const persistBlock = execFileSync(
           "sed",
           ["-n", "/^_PROXY_URL=/,/^chmod 644/p", scriptPath],
           { encoding: "utf-8" },
         );
+        if (!persistBlock.trim()) {
+          throw new Error(
+            "Failed to extract proxy persistence block from scripts/nemoclaw-start.sh — " +
+              "the _PROXY_URL..chmod block may have been moved or renamed",
+          );
+        }
         const wrapper = [

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/service-env.test.ts` around lines 572 - 576, The test reads a
persistBlock via execFileSync into the variable persistBlock but doesn't verify
it's non-empty, causing later, less useful failures if the sed anchors change;
after the execFileSync call that assigns persistBlock (the line calling
execFileSync with "sed" and the "/^_PROXY_URL=/,/^chmod 644/p" args), add an
explicit assertion/check that persistBlock is not an empty string and fail fast
with a clear message (e.g., throw or use the test framework's assert/expect)
indicating the sed extraction returned no content so maintainers know the
anchors need updating.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@test/service-env.test.ts`:
- Around line 572-576: The test reads a persistBlock via execFileSync into the
variable persistBlock but doesn't verify it's non-empty, causing later, less
useful failures if the sed anchors change; after the execFileSync call that
assigns persistBlock (the line calling execFileSync with "sed" and the
"/^_PROXY_URL=/,/^chmod 644/p" args), add an explicit assertion/check that
persistBlock is not an empty string and fail fast with a clear message (e.g.,
throw or use the test framework's assert/expect) indicating the sed extraction
returned no content so maintainers know the anchors need updating.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 0e1252cc-3a5e-4cf2-b329-ed9718989f4b

📥 Commits

Reviewing files that changed from the base of the PR and between b90c10c and 4ddec05.

📒 Files selected for processing (3)

• nemoclaw-blueprint/scripts/axios-proxy-fix.js
• scripts/nemoclaw-start.sh
• test/service-env.test.ts

[BenediktSchackenberg]

Fixed — added the explicit persistBlock.trim() check so the test fails fast with a clear message if the sed anchors ever change. 33/33 pass.

[coderabbitai]

🧹 Nitpick comments (1)

test/service-env.test.ts (1)

565-603: Add a negative-path assertion for no-op behavior.

Line 587 forces NODE_USE_ENV_PROXY=1, but this regression suite does not assert the opposite case (unset/not 1 should not add NODE_OPTIONS). Adding that test would better lock the intended no-op contract.

➕ Suggested test addition

+    it("does not inject NODE_OPTIONS when NODE_USE_ENV_PROXY is unset", () => {
+      const fakeDataDir = join(tmpdir(), `nemoclaw-axios-fix-negative-${process.pid}`);
+      const fakeFixScript = join(fakeDataDir, "axios-proxy-fix.js");
+      execFileSync("mkdir", ["-p", fakeDataDir]);
+      const tmpFile = join(tmpdir(), `nemoclaw-axios-fix-negative-env-${process.pid}.sh`);
+      try {
+        const scriptPath = join(import.meta.dirname, "../scripts/nemoclaw-start.sh");
+        const persistBlock = execFileSync("sed", ["-n", "/^_PROXY_URL=/,/^chmod 644/p", scriptPath], {
+          encoding: "utf-8",
+        });
+        writeFileSync(fakeFixScript, "// fake", { mode: 0o644 });
+        const wrapper = [
+          "#!/usr/bin/env bash",
+          "set -euo pipefail",
+          'PROXY_HOST="10.200.0.1"',
+          'PROXY_PORT="3128"',
+          "_TOOL_REDIRECTS=()",
+          persistBlock
+            .trimEnd()
+            .replaceAll("/tmp/nemoclaw-proxy-env.sh", `${fakeDataDir}/proxy-env.sh`)
+            .replaceAll("/opt/nemoclaw-blueprint/scripts/axios-proxy-fix.js", fakeFixScript),
+        ].join("\n");
+        writeFileSync(tmpFile, wrapper, { mode: 0o700 });
+        execFileSync("bash", [tmpFile], { encoding: "utf-8" });
+
+        const envFile = readFileSync(join(fakeDataDir, "proxy-env.sh"), "utf-8");
+        expect(envFile).not.toContain("NODE_OPTIONS");
+      } finally {
+        try {
+          execFileSync("rm", ["-rf", fakeDataDir, tmpFile]);
+        } catch {
+          /* ignore */
+        }
+      }
+    });

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/service-env.test.ts` around lines 565 - 603, Add a negative-path test
alongside the existing "regression `#2109`: proxy-env.sh includes NODE_OPTIONS
--require when NODE_USE_ENV_PROXY=1 and fix script exists" case that mirrors the
same setup but with NODE_USE_ENV_PROXY unset or set to "0" (use the same tmp
wrapper construction, persistBlock extraction and fakeDataDir/fakeFixScript
handling), run the wrapper, then read the generated proxy-env.sh and assert it
does NOT contain "NODE_OPTIONS", "--require", or the fakeFixScript path; ensure
you reference the same variables used in the positive test (NODE_USE_ENV_PROXY,
fakeFixScript, proxy-env.sh, persistBlock) and keep teardown in the same finally
block pattern.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@test/service-env.test.ts`:
- Around line 565-603: Add a negative-path test alongside the existing
"regression `#2109`: proxy-env.sh includes NODE_OPTIONS --require when
NODE_USE_ENV_PROXY=1 and fix script exists" case that mirrors the same setup but
with NODE_USE_ENV_PROXY unset or set to "0" (use the same tmp wrapper
construction, persistBlock extraction and fakeDataDir/fakeFixScript handling),
run the wrapper, then read the generated proxy-env.sh and assert it does NOT
contain "NODE_OPTIONS", "--require", or the fakeFixScript path; ensure you
reference the same variables used in the positive test (NODE_USE_ENV_PROXY,
fakeFixScript, proxy-env.sh, persistBlock) and keep teardown in the same finally
block pattern.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 47b66816-0698-4888-b65a-ce80d2938c50

📥 Commits

Reviewing files that changed from the base of the PR and between 4ddec05 and b400249.

📒 Files selected for processing (1)

• test/service-env.test.ts

[wscurran]

✨ Thanks for submitting this PR that proposes a fix for the axios request failure issue inside NemoClaw sandboxes. The changes and explanation you provided will help us review this further. Fixes #2109.

---

Possibly related open issues:

• #2109 axios requests fail with ERR_BAD_RESPONSE inside NemoClaw sandbox — double proxy conflict with NODE_USE_ENV_PROXY

[ericksoa]

LGTM. Approach is sound — preload hook is self-cleaning, guarded by NODE_USE_ENV_PROXY=1, and fails safe if the script is missing. Connect sessions are covered via proxy-env.sh. Copilot review comments are either already addressed or incorrect about the file path mapping.

Revoking — needs fixes to pass E2E.

[ericksoa]

Thanks for this — the approach is solid and we'd like to merge this once CI is green. Three things to fix:

1. axios-proxy-fix.js not executable — the file has a shebang but isn't marked +x. Run chmod +x nemoclaw-blueprint/scripts/axios-proxy-fix.js (or git add --chmod=+x).

2. Test nemoclaw-start.test.ts failing — the apply_model_override formatting change (\ || → ||\n) broke the '|| return 0' substring assertion in the "is a no-op when no override env vars are set" test. Either update the test to match the new formatting or revert the cosmetic reformatting (it's unrelated to the proxy fix).

3. Test service-env.test.ts regression axios requests fail with ERR_BAD_RESPONSE inside NemoClaw sandbox — double proxy conflict with NODE_USE_ENV_PROXY #2109 failing — _TOOL_REDIRECTS[@]: unbound variable on macOS. The test wrapper script needs _TOOL_REDIRECTS=() declared before the extracted block references it (it's declared but the sed extraction may not be capturing it).

The proxy fix itself looks great — once these are addressed we'll approve and merge.

[BenediktSchackenberg]

Thanks @copilot-pull-request-reviewer — the explicit persistBlock.trim() guard is already present in the current branch at both sed-call sites, so the test fails fast if the anchors ever move. That part is covered.

[BenediktSchackenberg]

Addressed all three items from @ericksoa:

1. axios-proxy-fix.js +x — added via git add --chmod=+x
2. nemoclaw-start.test.ts failing — updated the return 0 assertion to a regex that matches both || return 0 and the shfmt-reformatted standalone return 0
3. service-env.test.ts macOS unbound variable — added set +u in both test wrapper scripts before the sed-extracted block (empty array expansion with set -u triggers the error on macOS bash)

102/102 tests pass.

[ericksoa]

CI fixes verified locally — hooks pass, executable bit set. LGTM.