Spaces:

jun02
/

openclaw03

Sleeping

App Files Files Community

wenyin commited on Mar 26

Commit

eaa272b

verified ·

1 Parent(s): 42cefa7

Upload 3 files

Browse files

Files changed (3) hide show

Dockerfile +46 -0
start-openclaw.sh +212 -0
sync.py +161 -0

Dockerfile ADDED Viewed

	@@ -0,0 +1,46 @@

+FROM node:22-slim
+# ─── 1. 系统基础依赖 ──────────────────────────────────────────────────────────
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    git openssh-client build-essential python3 python3-pip \
+    make g++ curl wget ca-certificates tini procps jq unzip zip \
+    locales \
+    && sed -i '/zh_CN.UTF-8/s/^# //g' /etc/locale.gen \
+    && locale-gen \
+    && rm -rf /var/lib/apt/lists/*
+# ─── 2. Python 工具 ───────────────────────────────────────────────────────────
+RUN pip3 install --no-cache-dir huggingface_hub requests httpx --break-system-packages
+# ─── 3. 全局安装 OpenClaw ─────────────────────────────────────────────────────
+RUN npm install -g openclaw@latest --registry https://registry.npmmirror.com && npm cache clean --force
+# ─── 4. 环境变量 ──────────────────────────────────────────────────────────────
+ENV LANG=zh_CN.UTF-8 \
+    LANGUAGE=zh_CN:zh \
+    LC_ALL=zh_CN.UTF-8 \
+    HOME=/home/node \
+    PORT=7860 \
+    NPM_CONFIG_REGISTRY=https://registry.npmmirror.com
+# ─── 5. Git 强制 HTTPS ────────────────────────────────────────────────────────
+RUN git config --global url."https://github.com/".insteadOf ssh://git@github.com/ \
+    && git config --global url."https://github.com/".insteadOf git@github.com:
+# ─── 6. 工作目录 & 脚本 ──────────────────────────────────────────────────────
+WORKDIR /app
+COPY --chown=node:node sync.py .
+COPY --chown=node:node start-openclaw.sh .
+RUN chmod +x start-openclaw.sh
+# ─── 7. 权限调整 ──────────────────────────────────────────────────────────────
+RUN mkdir -p /home/node/.openclaw \
+    && chown -R node:node /home/node
+# ─── 8. 切换至非 root 用户（内置 node 用户 UID = 1000，符合 HF 规范）─────────
+USER 1000
+# ─── 9. 暴露端口并启动 ───────────────────────────────────────────────────────
+EXPOSE 7860
+ENTRYPOINT ["tini", "--"]
+CMD ["./start-openclaw.sh"]

start-openclaw.sh ADDED Viewed

	@@ -0,0 +1,212 @@

+#!/bin/bash
+set -e
+BASE_DIR="/home/node/.openclaw"
+# ─── 清理函数：退出时强制杀掉所有后台任务 ────────────────────────────────────
+cleanup() {
+  echo "[cleanup] Received exit signal, cleaning up..."
+  if [ -n "$BACKUP_PID" ]; then
+    kill "$BACKUP_PID" 2>/dev/null || true
+    echo "[cleanup] Backup process $BACKUP_PID stopped."
+  fi
+  echo "[cleanup] Done."
+}
+trap cleanup EXIT SIGTERM SIGINT
+# ─── 1. 创建必要的目录结构 ────────────────────────────────────────────────────
+mkdir -p $BASE_DIR/agents/main/sessions
+mkdir -p $BASE_DIR/credentials
+mkdir -p $BASE_DIR/sessions
+mkdir -p $BASE_DIR/workspace
+mkdir -p $BASE_DIR/extensions
+# ─── 2. 执行恢复（从 HF Dataset 恢复旧的会话和配置） ─────────────────────────
+python3 /app/sync.py restore || true
+# ─── 3. 生成 openclaw.json（仅在文件不存在时） ───────────────────────────────
+if [ ! -f $BASE_DIR/openclaw.json ]; then
+  echo "openclaw.json not found, generating..."
+  cat > $BASE_DIR/openclaw.json <<EOF
+{
+  "meta": {
+    "lastTouchedVersion": "2026.3.13",
+    "lastTouchedAt": "$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+  },
+  "wizard": {
+    "lastRunAt": "2026-03-22T14:56:52.442Z",
+    "lastRunVersion": "2026.3.13",
+    "lastRunCommand": "onboard",
+    "lastRunMode": "local"
+  },
+  "models": {
+    "mode": "merge",
+    "providers": {
+      "custom-nvidia": {
+        "baseUrl": "https://integrate.api.nvidia.com/v1",
+        "apiKey": "${NVIDIA_API_KEY}",
+        "api": "openai-completions",
+        "models": [
+          {
+            "id": "minimaxai/minimax-m2.5",
+            "name": "minimaxai/minimax-m2.5 (Custom Provider)",
+            "reasoning": false,
+            "input": ["text"],
+            "cost": { "input": 0, "output": 0, "cacheRead": 0, "cacheWrite": 0 },
+            "contextWindow": 200000,
+            "maxTokens": 8192
+          },
+          {
+            "id": "nvidia/nemotron-3-super-120b-a12b",
+            "input": ["text", "image"],
+            "name": "nvidia/nemotron-3-super-120b-a12b",
+            "reasoning": false,
+            "contextWindow": 200000,
+            "maxTokens": 16384
+          },
+          {
+            "id": "openai/gpt-oss-120b",
+            "input": ["text", "image"],
+            "name": "openai/gpt-oss-120b",
+            "reasoning": false,
+            "contextWindow": 200000,
+            "maxTokens": 16384
+          },
+          {
+            "id": "qwen/qwen3.5-397b-a17b",
+            "input": ["text", "image"],
+            "name": "qwen/qwen3.5-397b-a17b",
+            "reasoning": false,
+            "contextWindow": 200000,
+            "maxTokens": 16384
+          }
+        ]
+      },
+      "gemini-auth": {
+        "baseUrl": "http://107.173.211.130:3000/gemini-cli-oauth/v1",
+        "apiKey": "${GEMINI_API_KEY}",
+        "api": "openai-completions",
+        "models": [
+          {
+            "id": "gemini-3-flash-preview",
+            "input": ["text", "image"],
+            "name": "gemini-3-flash-preview",
+            "reasoning": false,
+            "contextWindow": 200000,
+            "maxTokens": 16384
+          },
+          {
+            "id": "gemini-3.1-flash-lite-preview",
+            "input": ["text", "image"],
+            "name": "gemini-3.1-flash-lite-preview",
+            "reasoning": false,
+            "contextWindow": 200000,
+            "maxTokens": 16384
+          }
+        ]
+      },
+      "qwen-auth": {
+        "baseUrl": "http://107.173.211.130:3000/openai-qwen-oauth/v1",
+        "apiKey": "${QWEN_API_KEY}",
+        "api": "openai-completions",
+        "models": [
+          {
+            "id": "qwen3-coder-flash",
+            "input": ["text", "image"],
+            "name": "qwen3-coder-flash",
+            "reasoning": false,
+            "contextWindow": 200000,
+            "maxTokens": 16384
+          }
+        ]
+      }
+    }
+  },
+  "agents": {
+    "defaults": {
+      "model": {
+        "primary": "gemini-auth/gemini-3.1-flash-lite-preview",
+        "fallbacks": [
+          "custom-nvidia/minimaxai/minimax-m2.5",
+          "custom-nvidia/nvidia/nemotron-3-super-120b-a12b",
+          "custom-nvidia/openai/gpt-oss-120b",
+          "custom-nvidia/qwen/qwen3.5-397b-a17b",
+          "gemini-auth/gemini-3-flash-preview",
+          "qwen-auth/qwen3-coder-flash"
+        ]
+      },
+      "models": {
+        "gemini-auth/gemini-3.1-flash-lite-preview": {},
+        "custom-nvidia/minimaxai/minimax-m2.5": {},
+        "custom-nvidia/nvidia/nemotron-3-super-120b-a12b": {},
+        "custom-nvidia/openai/gpt-oss-120b": {},
+        "custom-nvidia/qwen/qwen3.5-397b-a17b": {},
+        "gemini-auth/gemini-3-flash-preview": {},
+        "qwen-auth/qwen3-coder-flash": {}
+      },
+      "workspace": "$BASE_DIR/workspace",
+      "compaction": { "mode": "safeguard" },
+      "sandbox": { "mode": "off" }
+    }
+  },
+  "tools": {
+    "profile": "full",
+    "sessions": { "visibility": "all" }
+  },
+  "commands": {
+    "native": "auto",
+    "nativeSkills": "auto",
+    "restart": true,
+    "ownerDisplay": "raw"
+  },
+  "session": { "dmScope": "per-channel-peer" },
+  "gateway": {
+    "port": 7860,
+    "mode": "local",
+    "bind": "lan",
+    "auth": {
+      "mode": "token",
+      "token": "${OPENCLAW_TOKEN}"
+    },
+    "nodes": {
+      "denyCommands": [
+        "camera.snap", "camera.clip", "screen.record", "contacts.add",
+        "calendar.add", "reminders.add", "sms.send"
+      ]
+    },
+    "controlUi": {
+      "allowedOrigins": ["*"],
+      "allowInsecureAuth": true,
+      "dangerouslyDisableDeviceAuth": true,
+      "dangerouslyAllowHostHeaderOriginFallback": true
+    }
+  }
+}
+EOF
+else
+  echo "openclaw.json already exists (restored from backup), skipping."
+fi
+# ─── 4. 安装微信插件（跳过已安装） ───────────────────────────────────────────
+WEIXIN_FLAG="$BASE_DIR/.weixin_installed"
+if [ ! -f "$WEIXIN_FLAG" ]; then
+  echo "[setup] Installing WeChat plugin..."
+  CI=true npx -y @tencent-weixin/openclaw-weixin-cli@latest install --force
+  touch "$WEIXIN_FLAG"
+  echo "[setup] WeChat plugin installed."
+else
+  echo "[setup] WeChat plugin already installed, skipping."
+fi
+# ─── 5. 启动定时备份（每 1 小时） ────────────────────────────────────────────
+(while true; do sleep 3600; python3 /app/sync.py backup; done) &
+BACKUP_PID=$!
+echo "[setup] Backup loop started (PID: $BACKUP_PID)"
+# ─── 6. 运行自检并启动 ───────────────────────────────────────────────────────
+openclaw doctor --fix
+exec openclaw gateway run --port 7860 --bind lan

sync.py ADDED Viewed

	@@ -0,0 +1,161 @@

+import os
+import sys
+import tarfile
+import hashlib
+import logging
+from datetime import datetime
+from huggingface_hub import HfApi, hf_hub_download
+from huggingface_hub.utils import EntryNotFoundError, RepositoryNotFoundError
+# ── 日志配置
+logging.basicConfig(
+    level=logging.INFO,
+    format="%(asctime)s [%(levelname)s] %(message)s",
+    datefmt="%Y-%m-%dT%H:%M:%SZ",
+)
+log = logging.getLogger("sync")
+# ── 配置
+api     = HfApi()
+repo_id = os.getenv("HF_DATASET")
+token   = os.getenv("HF_TOKEN")
+FILENAME    = "latest_backup.tar.gz"
+BACKUP_PATH = f"/tmp/{FILENAME}"
+BASE_DIR    = "/home/node/.openclaw"
+PATHS_TO_BACKUP = [
+    f"{BASE_DIR}/sessions",
+    f"{BASE_DIR}/agents/main/sessions",
+    f"{BASE_DIR}/credentials",
+    f"{BASE_DIR}/workspace",
+    f"{BASE_DIR}/extensions",
+    f"{BASE_DIR}/openclaw.json",
+]
+# ── 工具函数
+def _check_env() -> bool:
+    if not repo_id or not token:
+        log.warning("HF_DATASET 或 HF_TOKEN 未设置，跳过同步。")
+        return False
+    return True
+def _sha256(path: str) -> str:
+    h = hashlib.sha256()
+    with open(path, "rb") as f:
+        for chunk in iter(lambda: f.read(65536), b""):
+            h.update(chunk)
+    return h.hexdigest()
+def _verify_tar(path: str) -> bool:
+    try:
+        with tarfile.open(path, "r:gz") as tar:
+            members = tar.getmembers()
+            if not members:
+                log.warning("压缩包为空，跳过。")
+                return False
+            log.info(f"压缩包验证通过，共 {len(members)} 个条目。")
+            return True
+    except tarfile.TarError as e:
+        log.error(f"压缩包损坏: {e}")
+        return False
+# ── restore
+def restore() -> bool:
+    if not _check_env():
+        return False
+    log.info(f"开始恢复：从 {repo_id} 下载 {FILENAME} ...")
+    try:
+        path = hf_hub_download(
+            repo_id=repo_id,
+            filename=FILENAME,
+            repo_type="dataset",
+            token=token,
+        )
+    except (EntryNotFoundError, RepositoryNotFoundError):
+        log.info("仓库中尚无备份文件，首次运行，跳过恢复。")
+        return False
+    except Exception as e:
+        log.error(f"下载失败: {e}")
+        return False
+    if not _verify_tar(path):
+        log.error("备份文件验证失败，放弃解压。")
+        return False
+    log.info(f"文件 SHA-256: {_sha256(path)}")
+    try:
+        os.makedirs(BASE_DIR, exist_ok=True)
+        with tarfile.open(path, "r:gz") as tar:
+            # 兼容处理：如果你之前的备份带有 /root 路径，解压时会自动映射到当前目录
+            tar.extractall(path=BASE_DIR)
+        log.info(f"恢复成功 → {BASE_DIR}")
+        return True
+    except Exception as e:
+        log.error(f"解压失败: {e}")
+        return False
+# ── backup
+def backup() -> bool:
+    if not _check_env():
+        return False
+    existing = [p for p in PATHS_TO_BACKUP if os.path.exists(p)]
+    if not existing:
+        log.warning("所有备份路径均不存在，跳过备份。")
+        return False
+    log.info(f"开始备份，共 {len(existing)} 个路径...")
+    try:
+        with tarfile.open(BACKUP_PATH, "w:gz") as tar:
+            for p in existing:
+                # 剥离前缀，确保解压时不带绝对路径
+                arcname = p.replace(f"{BASE_DIR}/", "")
+                tar.add(p, arcname=arcname, recursive=True)
+                log.info(f"  已打包: {p} → {arcname}")
+    except Exception as e:
+        log.error(f"打包失败: {e}")
+        return False
+    if not _verify_tar(BACKUP_PATH):
+        log.error("生成的压缩包验证失败，取消上传。")
+        return False
+    log.info(f"压缩包大小: {os.path.getsize(BACKUP_PATH)/1024:.1f} KB，SHA-256: {_sha256(BACKUP_PATH)}")
+    try:
+        api.upload_file(
+            path_or_fileobj=BACKUP_PATH,
+            path_in_repo=FILENAME,
+            repo_id=repo_id,
+            repo_type="dataset",
+            token=token,
+            commit_message=f"backup {datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S')} UTC",
+        )
+        log.info(f"备份上传成功 → {repo_id}/{FILENAME}")
+        return True
+    except Exception as e:
+        log.error(f"上传失败: {e}")
+        return False
+    finally:
+        if os.path.exists(BACKUP_PATH):
+            os.remove(BACKUP_PATH)
+            log.info("本地临时文件已清理。")
+# ── 入口
+if __name__ == "__main__":
+    action = sys.argv[1] if len(sys.argv) > 1 else "restore"
+    if action == "backup":
+        success = backup()
+    elif action == "restore":
+        success = restore()
+    else:
+        log.error(f"未知命令: {action}，用法: python sync.py [backup|restore]")
+        sys.exit(1)
+    sys.exit(0 if success else 1)