From eb8a12f2906e0087501d73db2a2262d89710972d Mon Sep 17 00:00:00 2001
From: Owen <owen@txv.io>
Date: Thu, 5 Jun 2025 22:34:17 -0400
Subject: [PATCH] Make docker socket opt in

---
 main.go | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/main.go b/main.go
index c5dd080..f8c2f5b 100644
--- a/main.go
+++ b/main.go
@@ -392,7 +392,7 @@ func main() {
 		flag.StringVar(&tlsPrivateKey, "tls-client-cert", "", "Path to client certificate used for mTLS")
 	}
 	if dockerSocket == "" {
-		flag.StringVar(&dockerSocket, "docker-socket", "/var/run/docker.sock", "Path to Docker socket")
+		flag.StringVar(&dockerSocket, "docker-socket", "", "Path to Docker socket (typically /var/run/docker.sock)")
 	}
 
 	// do a --version check
@@ -636,6 +636,18 @@ persistent_keepalive_interval=5`, fixKey(privateKey.String()), fixKey(wgData.Pub
 	client.RegisterHandler("newt/socket/check", func(msg websocket.WSMessage) {
 		logger.Info("Received Docker socket check request")
 
+		if dockerSocket == "" {
+			logger.Info("Docker socket path is not set")
+			err := client.SendMessage("newt/socket/status", map[string]interface{}{
+				"available":  false,
+				"socketPath": dockerSocket,
+			})
+			if err != nil {
+				logger.Error("Failed to send Docker socket check response: %v", err)
+			}
+			return
+		}
+
 		// Check if Docker socket is available
 		isAvailable := docker.CheckSocket(dockerSocket)
 
@@ -655,6 +667,11 @@ persistent_keepalive_interval=5`, fixKey(privateKey.String()), fixKey(wgData.Pub
 	client.RegisterHandler("newt/socket/fetch", func(msg websocket.WSMessage) {
 		logger.Info("Received Docker container fetch request")
 
+		if dockerSocket == "" {
+			logger.Info("Docker socket path is not set")
+			return
+		}
+
 		// List Docker containers
 		containers, err := docker.ListContainers(dockerSocket)
 		if err != nil {