Update entrypoint.sh

entrypoint.sh

@@ -1,101 +1,111 @@
 #!/bin/sh
 
 # OpenClaw HF Spaces - Production Entrypoint
-# 使用 Storage Buckets 作为唯一持久存储，所有数据都写到 /data/.openclaw
+# Storage: HF Storage Bucket mounted at /data (100 GB, persists across restarts)
+
+# -- resolve writable home ----------------------------------------
 
-# –– resolve writable home ———————————
 if mkdir -p /data/.openclaw 2>/dev/null; then
-    export OPENCLAW_HOME=/data
-    echo "[entrypoint] ✅ 使用持久存储 Storage Buckets: OPENCLAW_HOME=/data"
+  export OPENCLAW_HOME=/data
 else
-    export OPENCLAW_HOME=/home/user
-    mkdir -p /home/user/.openclaw
-    echo "[entrypoint] ⚠️  未找到 Storage Buckets，使用临时存储"
+  export OPENCLAW_HOME=/home/user
+  mkdir -p /home/user/.openclaw
 fi
 echo "[entrypoint] OPENCLAW_HOME=$OPENCLAW_HOME"
 
-# –– dynamic provider key export —————————
+# -- dynamic provider key export ----------------------------------
+
 for VAR in $(env | cut -d= -f1); do
-case "$VAR" in
-OPENCLAW_*|SPACE_*|SYSTEM_*|HF_*|NODE_*|npm_*) continue ;;
-esac
-case "$VAR" in
-*_API_KEY|*_SECRET_KEY|*_ACCESS_TOKEN|*_BOT_TOKEN|*_AUTH_TOKEN|*_APP_KEY)
-VAL=$(printenv "$VAR" 2>/dev/null || true)
-if [ -n "$VAL" ]; then
-export "$VAR"
-echo "[entrypoint] exported: $VAR"
-fi
-;;
-esac
+  case "$VAR" in
+    OPENCLAW_*|SPACE_*|SYSTEM_*|HF_*|NODE_*|npm_*) continue ;;
+  esac
+  case "$VAR" in
+    *_API_KEY|*_SECRET_KEY|*_ACCESS_TOKEN|*_BOT_TOKEN|*_AUTH_TOKEN|*_APP_KEY)
+      VAL=$(printenv "$VAR" 2>/dev/null || true)
+      if [ -n "$VAL" ]; then
+        export "$VAR"
+        echo "[entrypoint] exported: $VAR"
+      fi
+      ;;
+  esac
 done
 
 export HF_TOKEN="${HF_TOKEN:-}"
 
-# –– run setup —––
-echo "[entrypoint] Running setup…"
+# -- run setup (patch mode: preserves user settings) --------------
+
+echo "[entrypoint] Running setup..."
 node /app/spaces/huggingface/setup-hf-config.mjs || true
 echo "[entrypoint] Setup done."
 
-# –– security audit —––
+# -- security audit -----------------------------------------------
+
 if [ -f /app/security-check.sh ]; then
-sh /app/security-check.sh || true
+  sh /app/security-check.sh || true
 fi
 
-# –– auto-approve pending device pairings —––
+# -- auto-approve pending device pairings -------------------------
+
+# Sub-agents connecting as nodes require device pairing.
+# This loop detects pending pairing requests and approves them automatically.
+
 (
-DEVICES_DIR="$OPENCLAW_HOME/.openclaw/devices"
-mkdir -p "$DEVICES_DIR"
-echo "[auto-pair] Device auto-approval started"
-while true; do
-sleep 8
-PENDING="$DEVICES_DIR/pending.json"
-PAIRED="$DEVICES_DIR/paired.json"
-if [ -f "$PENDING" ]; then
-node - << 'JSEOF'
+  DEVICES_DIR="$OPENCLAW_HOME/.openclaw/devices"
+  mkdir -p "$DEVICES_DIR"
+  echo "[auto-pair] Device auto-approval started"
+  while true; do
+    sleep 8
+    PENDING="$DEVICES_DIR/pending.json"
+    PAIRED="$DEVICES_DIR/paired.json"
+    if [ -f "$PENDING" ]; then
+      node - << 'JSEOF'
 const fs = require('fs');
 const devDir = process.env.OPENCLAW_HOME + '/.openclaw/devices';
 const pendingPath = devDir + '/pending.json';
 const pairedPath  = devDir + '/paired.json';
 try {
-const raw = fs.readFileSync(pendingPath, 'utf-8').trim();
-if (!raw || raw === '[]' || raw === '{}') process.exit(0);
-let pending = JSON.parse(raw);
-if (!Array.isArray(pending)) pending = Object.values(pending);
-if (pending.length === 0) process.exit(0);
-let paired = [];
-if (fs.existsSync(pairedPath)) {
-try { paired = JSON.parse(fs.readFileSync(pairedPath, 'utf-8')); } catch(e) {}
-}
-if (!Array.isArray(paired)) paired = [];
-const pairedIds = new Set(paired.map(function(d) { return d.id || d.deviceId || d.name; }));
-const toApprove = pending.filter(function(d) {
-return !pairedIds.has(d.id || d.deviceId || d.name);
-});
-if (toApprove.length > 0) {
-const approved = toApprove.map(function(d) {
-return Object.assign({}, d, { approved: true, approvedAt: new Date().toISOString() });
-});
-paired = paired.concat(approved);
-fs.writeFileSync(pairedPath, JSON.stringify(paired, null, 2));
-fs.writeFileSync(pendingPath, '[]');
-console.log('[auto-pair] Approved ' + toApprove.length + ' device(s)');
-}
+  const raw = fs.readFileSync(pendingPath, 'utf-8').trim();
+  if (!raw || raw === '[]' || raw === '{}') process.exit(0);
+  let pending = JSON.parse(raw);
+  if (!Array.isArray(pending)) pending = Object.values(pending);
+  if (pending.length === 0) process.exit(0);
+  let paired = [];
+  if (fs.existsSync(pairedPath)) {
+    try { paired = JSON.parse(fs.readFileSync(pairedPath, 'utf-8')); } catch(e) {}
+  }
+  if (!Array.isArray(paired)) paired = [];
+  const pairedIds = new Set(paired.map(function(d) { return d.id || d.deviceId || d.name; }));
+  const toApprove = pending.filter(function(d) {
+    return !pairedIds.has(d.id || d.deviceId || d.name);
+  });
+  if (toApprove.length > 0) {
+    const approved = toApprove.map(function(d) {
+      return Object.assign({}, d, { approved: true, approvedAt: new Date().toISOString() });
+    });
+    paired = paired.concat(approved);
+    fs.writeFileSync(pairedPath, JSON.stringify(paired, null, 2));
+    fs.writeFileSync(pendingPath, '[]');
+    console.log('[auto-pair] Approved ' + toApprove.length + ' device(s)');
+  }
 } catch(e) { /* ignore */ }
 JSEOF
-fi
-done
+    fi
+  done
 ) &
 
-# –– gateway loop ——————————————
-echo "[entrypoint] Starting gateway loop…"
+# -- gateway loop -------------------------------------------------
+
+# Gateway exits on config save (OpenClaw full process restart).
+# Loop keeps container alive and restarts gateway in 2s.
+
+echo "[entrypoint] Starting gateway loop..."
 while true; do
-echo "[entrypoint] Gateway starting…"
-node /app/openclaw.mjs gateway \
---allow-unconfigured \
---bind lan \
---port 7860
-EXIT_CODE=$?
-echo "[entrypoint] Gateway exited (code $EXIT_CODE) - restarting in 2s…"
-sleep 2
+  echo "[entrypoint] Gateway starting..."
+  node /app/openclaw.mjs gateway \
+    --allow-unconfigured \
+    --bind lan \
+    --port 7860
+  EXIT_CODE=$?
+  echo "[entrypoint] Gateway exited (code $EXIT_CODE) - restarting in 2s..."
+  sleep 2
 done