fix(sandbox): export proxy env vars with full NO_PROXY and persist across reconnects

[senthilr-nv]

Summary

OpenShell injects NO_PROXY=127.0.0.1,localhost,::1 into the sandbox, missing inference.local and the gateway IP (10.200.0.1). This causes LLM inference requests to be routed through the egress proxy instead of going direct, and the proxy gateway IP itself gets proxied.

This PR adds a proxy configuration block to nemoclaw-start.sh that:

• Exports HTTP_PROXY, HTTPS_PROXY, NO_PROXY (and lowercase equivalents) with the full bypass list
• Persists the config to ~/.bashrc (primary) and ~/.profile (login-shell fallback) so values survive openshell sandbox connect re-injection
• Uses begin/end markers so the block is replaced (not duplicated) if proxy host/port change between restarts
• Resolves _SANDBOX_HOME dynamically via getent passwd when running as root, falling back to /sandbox
• Supports NEMOCLAW_PROXY_HOST / NEMOCLAW_PROXY_PORT overrides for environments where the gateway address differs

Why ~/.bashrc?

openshell sandbox connect spawns bash -i (interactive, non-login) via ssh.rs. The connect path calls env_clear() and then injects the narrow NO_PROXY. Since bash -i sources ~/.bashrc on startup, writing the full proxy config there restores the correct values after OpenShell's injection.

Problem

When a user asks the agent to fetch a URL (e.g. web_fetch tool), the sandbox routes the request through the egress proxy incorrectly because:

1. OpenShell's NO_PROXY is too narrow — inference.local is missing, so LLM inference traffic is wrongly routed through the proxy
2. The gateway IP (10.200.0.1) is missing from NO_PROXY, creating a potential proxy loop
3. Every openshell sandbox connect re-injects the narrow NO_PROXY, overwriting any manual fix
4. Node.js undici prefers lowercase no_proxy over uppercase — without lowercase exports, the bypass list is ignored

Changes

• scripts/nemoclaw-start.sh: Added proxy environment block with full NO_PROXY list, ~/.bashrc + ~/.profile persistence with begin/end markers, dynamic sandbox home resolution
• test/service-env.test.js: Added unit tests for proxy variable extraction, NO_PROXY completeness, lowercase variants, .bashrc/.profile persistence, idempotency, stale value replacement, and bash-i override simulation

Testing

• DGX Spark (ARM64, Ubuntu 24.04): Fresh destroy → re-onboard → connect → verified full NO_PROXY and no_proxy in live sandbox shell
• Brev VM (x86_64, Ubuntu 22.04, non-root): Same end-to-end verification; confirmed proxy bypass works
• 22/22 unit tests green on both platforms

Related

• Ref: Web search tools fail in sandbox: DNS resolution blocked (getaddrinfo EAI_AGAIN) #626
• Ref: fix(sandbox): export HTTP_PROXY/HTTPS_PROXY/NO_PROXY so Node.js routes through OpenShell egress proxy (fixes #626) #704
• Ref: fix(sandbox): export HTTP_PROXY/HTTPS_PROXY/NO_PROXY so Node.js routes through OpenShell egress proxy (fixes #626) #704 (comment)
• DNS resolution (getaddrinfo EAI_AGAIN) is a separate issue tracked in fix: sandbox DNS resolution via CoreDNS proxy in sandbox pod #732

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Entrypoint startup now derives proxy host/port from NEMOCLAW_PROXY_HOST/NEMOCLAW_PROXY_PORT (with defaults), exports uppercase and lowercase HTTP_PROXY/HTTPS_PROXY/NO_PROXY (including loopback, inference.local, and the proxy gateway IP), and idempotently persists a marked snippet into the sandbox user’s ~/.bashrc and ~/.profile when writable.

Changes

Cohort / File(s)	Summary
Proxy configuration script scripts/nemoclaw-start.sh	Adds logic to derive proxy host/port with defaults, build/export both uppercase and lowercase HTTP_PROXY/HTTPS_PROXY/NO_PROXY (NO_PROXY expanded to include localhost, loopback IPv4/IPv6, inference.local, and the gateway IP), and idempotently append a marked proxy-export snippet into the sandbox user's ~/.bashrc and ~/.profile when the home directory is writable.
Proxy tests test/service-env.test.js	Adds Vitest suite "proxy environment variables (issue #626)" with an extractProxyVars helper that runs the extracted snippet to capture proxy envs. Tests default proxy URL, host/port overrides, NO_PROXY contents (loopback, inference.local, gateway IP), lowercase equivalents, persistence into simulated ~/.bashrc/~/.profile, idempotency of the persisted block, and sourcing behavior. Imports execFileSync, fs, os, and path utilities for simulations.

Sequence Diagram(s)

sequenceDiagram
    participant Entrypoint as Entrypoint Script
    participant Env as Process Env
    participant FS as User Home FS
    participant Shell as Interactive/Login Shell

    Entrypoint->>Env: read NEMOCLAW_PROXY_HOST/PORT (or defaults)
    Entrypoint->>Env: export HTTP_PROXY/HTTPS_PROXY/NO_PROXY and lowercase vars
    Entrypoint->>FS: if writable, write idempotent snippet to ~/.bashrc and ~/.profile
    Shell->>FS: on interactive/login start, source ~/.bashrc/~/.profile
    FS->>Shell: provide exported proxy envs to shell sessions

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐇 I hop into startup, whiskers keen,
I stitch proxy threads where networks convene,
I tuck exports in bash and profile snug,
So shells remember with a gentle hug,
🥕 sandbox warmed, connectivity seen.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: exporting proxy environment variables with a complete NO_PROXY list and persisting them across reconnects, which aligns directly with the PR's core objective.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (2)

scripts/nemoclaw-start.sh (1)

231-243: Potential duplicate appends to ~/.profile on container restart.

Line 242 appends the proxy snippet to ~/.profile without checking if it already exists. If the container is stopped and restarted (rather than recreated), the snippet will be appended again, resulting in duplicates.

Consider making the append idempotent by checking for an existing marker:

♻️ Suggested idempotent append

 elif [ -w "${HOME:-/sandbox}" ]; then
-  printf '\n%s\n' "$_PROXY_SNIPPET" >>"${HOME:-/sandbox}/.profile"
+  if ! grep -q 'nemoclaw-start.sh.*proxy' "${HOME:-/sandbox}/.profile" 2>/dev/null; then
+    printf '\n%s\n' "$_PROXY_SNIPPET" >>"${HOME:-/sandbox}/.profile"
+  fi
 fi

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/nemoclaw-start.sh` around lines 231 - 243, The script currently
unconditionally appends the _PROXY_SNIPPET to "${HOME:-/sandbox}/.profile",
causing duplicate entries on container restart; change the logic to be
idempotent by detecting an existing marker or the snippet before appending: add
a unique marker string (e.g. "# nemoclaw-proxy start") inside _PROXY_SNIPPET
and, before the printf >>"${HOME:-/sandbox}/.profile" in the non-root branch,
check the file for that marker (using grep or test) and only append if the
marker is absent; keep the root branch writing to
/etc/profile.d/nemoclaw-proxy.sh as-is.

test/service-env.test.js (1)

175-208: Profile persistence test validates file writing but diverges from actual script logic.

The wrapper (lines 180-194) is a simplified reimplementation that doesn't exercise the actual script's id -u check or the root vs non-root branching. This tests the concept of writing a proxy snippet when a directory exists, but not the exact production logic.

Consider extracting and sourcing the actual persistence block from the script (similar to extractProxyVars) for higher fidelity, or document that this is an intentional simplification.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/service-env.test.js` around lines 175 - 208, The test "writes proxy
snippet to /etc/profile.d when the directory exists" reimplements the
persistence wrapper and therefore doesn't exercise the script's real branching
(root check via id -u and root vs non-root behavior); update the test to source
or invoke the actual persistence block instead of the ad-hoc wrapper—either
reuse the existing extractProxyVars helper to build the exact snippet or load
the real persistence logic (the same code that writes nemoclaw-proxy.sh and
performs the id -u check) so the test covers root/non-root branches and matches
production behavior (or add a clear comment explaining this is an intentional
simplification if you prefer not to change the test).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@scripts/nemoclaw-start.sh`:
- Around line 231-243: The script currently unconditionally appends the
_PROXY_SNIPPET to "${HOME:-/sandbox}/.profile", causing duplicate entries on
container restart; change the logic to be idempotent by detecting an existing
marker or the snippet before appending: add a unique marker string (e.g. "#
nemoclaw-proxy start") inside _PROXY_SNIPPET and, before the printf
>>"${HOME:-/sandbox}/.profile" in the non-root branch, check the file for that
marker (using grep or test) and only append if the marker is absent; keep the
root branch writing to /etc/profile.d/nemoclaw-proxy.sh as-is.

In `@test/service-env.test.js`:
- Around line 175-208: The test "writes proxy snippet to /etc/profile.d when the
directory exists" reimplements the persistence wrapper and therefore doesn't
exercise the script's real branching (root check via id -u and root vs non-root
behavior); update the test to source or invoke the actual persistence block
instead of the ad-hoc wrapper—either reuse the existing extractProxyVars helper
to build the exact snippet or load the real persistence logic (the same code
that writes nemoclaw-proxy.sh and performs the id -u check) so the test covers
root/non-root branches and matches production behavior (or add a clear comment
explaining this is an intentional simplification if you prefer not to change the
test).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 61decdb9-e740-41db-9331-48f07277bead

📥 Commits

Reviewing files that changed from the base of the PR and between 5c269c1 and cd9680d.

📒 Files selected for processing (2)

• scripts/nemoclaw-start.sh
• test/service-env.test.js

[senthilr-nv]

This PR builds on the approach from PR #704 by @nanookclaw, which correctly identified the need to export proxy env vars in nemoclaw-start.sh and persist them via /etc/profile.d/. Our contribution fixes the runtime NO_PROXY mismatch (missing inference.local and gateway IP) and adds a non-root fallback for environments like Brev.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

test/service-env.test.js (1)

175-208: Add coverage for non-root ~/.profile fallback and repeat-run behavior.

This test validates the /etc/profile.d path, but the PR also relies on the non-root fallback. Add one test for writing to ~/.profile and one for repeated invocation behavior to guard regressions there.

🧪 Suggested additional test shape

+    it("writes proxy snippet to ~/.profile in non-root fallback", () => {
+      // Arrange temp HOME and run wrapper with /etc/profile.d branch disabled
+      // Assert ~/.profile contains expected exports and inference.local entry
+    });
+
+    it("does not duplicate proxy snippet on repeated startup", () => {
+      // Run wrapper twice against same profile target
+      // Assert marker/export block count is 1
+    });

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/service-env.test.js` around lines 175 - 208, Add two tests to
test/service-env.test.js: one that simulates a non-root user by setting HOME to
a temp directory and verifies the code writes the proxy snippet into ~/.profile
(use readFileSync on join(process.env.HOME, ".profile") and assert presence of
export HTTP_PROXY/HTTPS_PROXY/NO_PROXY and the host IP), and a second that calls
the entrypoint twice (or runs the same wrapper twice like the existing test does
with execFileSync on a temp script) to assert idempotency/no duplicate snippets
in either /etc/profile.d/nemoclaw-proxy.sh or ~/.profile (check counts or
absence of repeated blocks); locate the test scaffolding around the existing
"writes proxy snippet to /etc/profile.d when the directory exists" spec and
reuse its tmpdir/tmpFile setup and cleanup logic (profileDir, tmpFile, wrapper,
execFileSync) to implement these two new specs.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/nemoclaw-start.sh`:
- Around line 239-243: The snippet writes _PROXY_SNIPPET to the non-root user's
profile using ${HOME:-/sandbox} before HOME is reset and uses >> which can
duplicate the snippet; change the logic to determine the actual non-root home
after the script resets ownership (or compute a target_home variable after
privilege drop) and then only persist the snippet idempotently by checking for
its presence (e.g. grep -Fq "$_PROXY_SNIPPET" "$target_home/.profile") and
writing it only if missing (or replace existing block), and continue to write
the root case to the profile.d file (use the same presence check for
/etc/profile.d target) so _PROXY_SNIPPET is not appended multiple times and the
path is resolved deterministically; reference the _PROXY_SNIPPET variable, the
.profile target, and the profile.d target in your changes.

In `@test/service-env.test.js`:
- Around line 161-173: The test titles are misleading: the it() descriptions say
"excludes" while the assertions check for inclusion; update the two it()
descriptions in the test file so they reflect inclusion/containment (e.g.,
change "NO_PROXY excludes loopback and inference.local" to "NO_PROXY includes
loopback and inference.local" and change "NO_PROXY excludes OpenShell gateway
IP" to "NO_PROXY includes OpenShell gateway IP") — keep the assertions
referencing extractProxyVars() and vars.NO_PROXY as-is.

---

Nitpick comments:
In `@test/service-env.test.js`:
- Around line 175-208: Add two tests to test/service-env.test.js: one that
simulates a non-root user by setting HOME to a temp directory and verifies the
code writes the proxy snippet into ~/.profile (use readFileSync on
join(process.env.HOME, ".profile") and assert presence of export
HTTP_PROXY/HTTPS_PROXY/NO_PROXY and the host IP), and a second that calls the
entrypoint twice (or runs the same wrapper twice like the existing test does
with execFileSync on a temp script) to assert idempotency/no duplicate snippets
in either /etc/profile.d/nemoclaw-proxy.sh or ~/.profile (check counts or
absence of repeated blocks); locate the test scaffolding around the existing
"writes proxy snippet to /etc/profile.d when the directory exists" spec and
reuse its tmpdir/tmpFile setup and cleanup logic (profileDir, tmpFile, wrapper,
execFileSync) to implement these two new specs.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: a24817d1-2fc3-4417-820c-e14985633fcb

📥 Commits

Reviewing files that changed from the base of the PR and between cd9680d and e7fa924.

📒 Files selected for processing (2)

• scripts/nemoclaw-start.sh
• test/service-env.test.js

[kjw3]

Thanks for working on this. I reran the validation entirely on a single Linux GPU host, and I don’t think this is ready to merge yet.

What I tested on that one host:

• checked out the latest PR tip
• ran test/service-env.test.js
  • passed
• ran a fresh non-interactive onboard from this PR branch with a new sandbox
• confirmed the new sandbox came up Ready
• connected into that fresh sandbox through a real interactive OpenShell pseudo-TTY session
• inspected the live proxy env after connect
• inspected the persisted proxy file(s) inside that same fresh sandbox

What I found:

• the PR code is making it into the built sandbox
• in the fresh sandbox, ~/.profile exists and contains the full proxy snippet from this PR, including:
  • inference.local
  • 10.200.0.1
• but after a real interactive reconnect, the live env still comes back as:
  • HTTP_PROXY=http://10.200.0.1:3128
  • HTTPS_PROXY=http://10.200.0.1:3128
  • NO_PROXY=127.0.0.1,localhost,::1

So the main blocker is still the same:

• the profile-based persistence strategy does not actually win on the real reconnect path
• the actual interactive session still ends up with the narrow OpenShell-injected NO_PROXY

Because of that, I don’t think this closes the runtime mismatch yet. The next step is to fix the env injection / session startup path that OpenShell uses on connect, rather than relying on /etc/profile.d or ~/.profile to restore the value afterward.

[coderabbitai]

♻️ Duplicate comments (1)

test/service-env.test.js (1)

164-176: ⚠️ Potential issue | 🟡 Minor

Test names contradict the assertions.

Lines 164 and 173 describe "excludes" but the assertions verify inclusion with toContain. Rename for clarity:

-    it("NO_PROXY excludes loopback and inference.local", () => {
+    it("NO_PROXY includes loopback and inference.local", () => {

-    it("NO_PROXY excludes OpenShell gateway IP", () => {
+    it("NO_PROXY includes OpenShell gateway IP", () => {

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/service-env.test.js` around lines 164 - 176, The two test descriptions
are misleading: the specs in the test block for the NO_PROXY checks say
"excludes" but the assertions on extractProxyVars().NO_PROXY use toContain, so
either the assertions or the test names must be changed; update the test titles
(the it(...) strings) to say "includes" (e.g., change "NO_PROXY excludes
loopback and inference.local" and "NO_PROXY excludes OpenShell gateway IP" to
"NO_PROXY includes ...") so they match the assertions that check inclusion,
referencing the test cases that call extractProxyVars() and assert on
vars.NO_PROXY.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@test/service-env.test.js`:
- Around line 164-176: The two test descriptions are misleading: the specs in
the test block for the NO_PROXY checks say "excludes" but the assertions on
extractProxyVars().NO_PROXY use toContain, so either the assertions or the test
names must be changed; update the test titles (the it(...) strings) to say
"includes" (e.g., change "NO_PROXY excludes loopback and inference.local" and
"NO_PROXY excludes OpenShell gateway IP" to "NO_PROXY includes ...") so they
match the assertions that check inclusion, referencing the test cases that call
extractProxyVars() and assert on vars.NO_PROXY.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 05a59140-8d37-469c-aaac-34e0e85b01a1

📥 Commits

Reviewing files that changed from the base of the PR and between e7fa924 and 6ebeea6.

📒 Files selected for processing (2)

• scripts/nemoclaw-start.sh
• test/service-env.test.js

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/nemoclaw-start.sh`:
- Around line 244-260: The current _write_proxy_snippet only skips writing when
_PROXY_MARKER already exists, leaving stale values in files; change the approach
to make the persisted block replaceable: update _PROXY_SNIPPET to include a
distinct end marker (e.g., _PROXY_MARKER_END), then modify _write_proxy_snippet
to detect the start marker and, if present, remove the existing block between
the start and end markers (or the start marker through the next blank line) and
then write the new _PROXY_SNIPPET; use the existing symbols _PROXY_MARKER,
_PROXY_SNIPPET and function _write_proxy_snippet to locate and perform the
replacement so subsequent runs refresh proxy values instead of deduping.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 9123b1a1-93de-4fa3-ab63-215e61de8366

📥 Commits

Reviewing files that changed from the base of the PR and between 6ebeea6 and 766294f.

📒 Files selected for processing (2)

• scripts/nemoclaw-start.sh
• test/service-env.test.js

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/nemoclaw-start.sh`:
- Around line 253-266: The script sets _SANDBOX_HOME="${HOME:-/sandbox}" which
picks /root when running as root and causes _write_proxy_snippet to append to
root's dotfiles; change the logic that defines _SANDBOX_HOME so that when
running as UID 0 (or when HOME equals /root) it uses /sandbox instead of $HOME,
then continue calling _write_proxy_snippet for "${_SANDBOX_HOME}/.bashrc" and
"${_SANDBOX_HOME}/.profile"; update the assignment of _SANDBOX_HOME (and any
related conditional) so _write_proxy_snippet, _PROXY_MARKER and _PROXY_SNIPPET
operate on the actual sandbox user's home rather than /root.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: bb628d55-ca34-4787-8f2f-92cbfbd93cda

📥 Commits

Reviewing files that changed from the base of the PR and between 766294f and f74f078.

📒 Files selected for processing (2)

• scripts/nemoclaw-start.sh
• test/service-env.test.js

✅ Files skipped from review due to trivial changes (1)

• test/service-env.test.js

[senthilr-nv]

Thanks for the detailed repro — you were spot on. The original ~/.profile approach doesn't work for the real reconnect path because openshell sandbox connect lands in an interactive non-login bash, so the relevant user restore point is ~/.bashrc, not ~/.profile.

I traced through the OpenShell connect path to confirm the mechanism: child_env.rs hardcodes NO_PROXY=127.0.0.1,localhost,::1, and ssh.rs calls env_clear() before setting those narrow values and spawning bash -i. So every reconnect wipes the inherited env and re-injects the narrow list, but ~/.bashrc still gives NemoClaw a restore point after shell startup.

The updated fix writes the full proxy config to ~/.bashrc (primary) and ~/.profile (login-shell fallback). Both uppercase and lowercase variants are exported since Node.js undici prefers lowercase no_proxy when both are present.

I also addressed the CodeRabbit feedback in the latest commits:

• begin/end markers so the persisted block is replaced rather than duplicated if proxy host/port change between restarts
• dynamic _SANDBOX_HOME resolution via getent passwd when running as root, so the snippet lands in the sandbox user's home instead of /root

Verified end-to-end on DGX Spark (ARM64) and Brev VM (x86_64) with fresh destroy -> re-onboard -> connect:

env | grep -i proxy | sort
ALL_PROXY=http://10.200.0.1:3128
HTTPS_PROXY=http://10.200.0.1:3128
HTTP_PROXY=http://10.200.0.1:3128
NODE_USE_ENV_PROXY=1
NO_PROXY=localhost,127.0.0.1,::1,inference.local,10.200.0.1
grpc_proxy=http://10.200.0.1:3128
http_proxy=http://10.200.0.1:3128
https_proxy=http://10.200.0.1:3128
no_proxy=localhost,127.0.0.1,::1,inference.local,10.200.0.1

Proxy bypass confirmed — the remaining getaddrinfo EAI_AGAIN inference.local is the DNS resolution issue tracked in #732, separate from proxy routing. 22/22 unit tests green on both platforms.

[kjw3]

Reran this on the latest branch tip, and the result changed in the right way.

What I validated on Spark:

• refreshed to the latest PR tip
• ran test/service-env.test.js on the branch
  • 22/22 passed
• deleted the old disposable test sandbox
• ran a fresh non-interactive onboard from this PR branch
• connected into the fresh sandbox through a real interactive OpenShell pseudo-TTY session
• inspected the live env after connect
• inspected ~/.bashrc and ~/.profile inside that same fresh sandbox

What I saw in the fresh sandbox after connect:

• HTTP_PROXY=http://10.200.0.1:3128
• HTTPS_PROXY=http://10.200.0.1:3128
• NO_PROXY=localhost,127.0.0.1,::1,inference.local,10.200.0.1
• lowercase variants were also present and correct

And inside the sandbox:

• both ~/.bashrc and ~/.profile contained the expected marked proxy block
• this was a fresh sandbox created from the updated branch, not stale-state reuse

So with the ~/.bashrc-based restore path, this now fixes the real interactive reconnect behavior that the earlier ~/.profile-only approach did not.

Also, credit where it’s due: PR #704 by @nanookclaw was the work that correctly identified the core direction here in the first place:

• export the proxy env in nemoclaw-start.sh
• include the full bypass list in NO_PROXY
• fix the reconnect/runtime mismatch rather than treating it as a one-off manual env problem

This branch looks like the follow-through that closes that line of work.