FROM node:22-bookworm # 1. Install dependencies RUN apt-get update && apt-get install -y curl git ca-certificates chromium zstd --no-install-recommends && rm -rf /var/lib/apt/lists/* # 2. Install Ollama and OpenClaw RUN curl -fsSL https://ollama.com/install.sh | sh && npm install -g openclaw@latest # 3. Setup User Environment USER node ENV HOME=/home/node ENV OPENCLAW_STATE_DIR=$HOME/data/openclaw ENV PORT=7860 # Force these variables at the system level ENV OLLAMA_API_KEY="ollama-local" ENV GATEWAY_TOKEN="MySuperSecret123!" ENV OLLAMA_HOST="127.0.0.1:11434" # 4. Create the foolproof startup script RUN mkdir -p $OPENCLAW_STATE_DIR/agents/main/sessions && \ echo '#!/bin/bash' > $HOME/start.sh && \ # Wipe the old config that is likely causing the "pairing required" loop echo 'rm -rf $OPENCLAW_STATE_DIR/openclaw.json' >> $HOME/start.sh && \ echo 'cat < $OPENCLAW_STATE_DIR/openclaw.json' >> $HOME/start.sh && \ echo '{' >> $HOME/start.sh && \ echo ' "gateway": {' >> $HOME/start.sh && \ echo ' "mode": "local",' >> $HOME/start.sh && \ echo ' "bind": "lan",' >> $HOME/start.sh && \ echo ' "port": 7860,' >> $HOME/start.sh && \ echo ' "auth": { "token": "MySuperSecret123!" },' >> $HOME/start.sh && \ echo ' "controlUi": { "dangerouslyAllowHostHeaderOriginFallback": true }' >> $HOME/start.sh && \ echo ' },' >> $HOME/start.sh && \ echo ' "agents": {' >> $HOME/start.sh && \ echo ' "defaults": { "model": "ollama/llama3.2" }' >> $HOME/start.sh && \ echo ' }' >> $HOME/start.sh && \ echo '}' >> $HOME/start.sh && \ echo 'EOF' >> $HOME/start.sh && \ echo 'ollama serve &' >> $HOME/start.sh && \ echo 'sleep 10' >> $HOME/start.sh && \ # Ensure the model is actually there before the gateway starts echo 'ollama pull llama3.2' >> $HOME/start.sh && \ # Force approval of the local device immediately echo '(while true; do openclaw devices approve --latest > /dev/null 2>&1; sleep 5; done) &' >> $HOME/start.sh && \ echo 'exec openclaw gateway run' >> $HOME/start.sh && \ chmod +x $HOME/start.sh EXPOSE 7860 CMD ["/home/node/start.sh"]