Make docker socket opt in

main.go

@@ -392,7 +392,7 @@ func main() {
 		flag.StringVar(&tlsPrivateKey, "tls-client-cert", "", "Path to client certificate used for mTLS")
 	}
 	if dockerSocket == "" {
-		flag.StringVar(&dockerSocket, "docker-socket", "/var/run/docker.sock", "Path to Docker socket")
+		flag.StringVar(&dockerSocket, "docker-socket", "", "Path to Docker socket (typically /var/run/docker.sock)")
 	}
 
 	// do a --version check
@@ -636,6 +636,18 @@ persistent_keepalive_interval=5`, fixKey(privateKey.String()), fixKey(wgData.Pub
 	client.RegisterHandler("newt/socket/check", func(msg websocket.WSMessage) {
 		logger.Info("Received Docker socket check request")
 
+		if dockerSocket == "" {
+			logger.Info("Docker socket path is not set")
+			err := client.SendMessage("newt/socket/status", map[string]interface{}{
+				"available":  false,
+				"socketPath": dockerSocket,
+			})
+			if err != nil {
+				logger.Error("Failed to send Docker socket check response: %v", err)
+			}
+			return
+		}
+
 		// Check if Docker socket is available
 		isAvailable := docker.CheckSocket(dockerSocket)
 
@@ -655,6 +667,11 @@ persistent_keepalive_interval=5`, fixKey(privateKey.String()), fixKey(wgData.Pub
 	client.RegisterHandler("newt/socket/fetch", func(msg websocket.WSMessage) {
 		logger.Info("Received Docker container fetch request")
 
+		if dockerSocket == "" {
+			logger.Info("Docker socket path is not set")
+			return
+		}
+
 		// List Docker containers
 		containers, err := docker.ListContainers(dockerSocket)
 		if err != nil {