Spaces:

ted1990
/

openclaw

Sleeping

App Files Files Community

ted1990 commited on 22 days ago

Commit

21effef

verified ·

1 Parent(s): 90a49b0

Update Dockerfile

Browse files

Files changed (1) hide show

Dockerfile +36 -34

Dockerfile CHANGED Viewed

@@ -1,41 +1,26 @@
 # 核心镜像：Node 22 slim
 FROM node:22-slim
-# 安装 tini 作为 init 系统
 RUN apt-get update && apt-get install -y --no-install-recommends tini \
     && rm -rf /var/lib/apt/lists/*
-# 1. 安装系统依赖
 RUN apt-get update && apt-get install -y --no-install-recommends \
-    git \
-    openssh-client \
-    build-essential \
-    python3 \
-    python3-pip \
-    g++ \
-    make \
-    ca-certificates \
     && rm -rf /var/lib/apt/lists/*
-# 2. 安装 Hugging Face 命令行工具
 RUN pip3 install --no-cache-dir huggingface_hub --break-system-packages
-# 3. 更新 CA 证书
 RUN update-ca-certificates
-# 4. 全局安装 OpenClaw
 RUN npm install -g openclaw@latest --unsafe-perm
-# 5. 准备数据目录并设置权限
-RUN mkdir -p /home/node/.openclaw && \
-    chown -R node:node /home/node/.openclaw
-# 6. 设置环境变量
 ENV PORT=7860 \
     OPENCLAW_GATEWAY_MODE=local \
     HOME=/home/node
-# 7. 核心同步引擎 (sync.py)
 RUN echo 'import os, sys, tarfile\n\
 from huggingface_hub import HfApi, hf_hub_download\n\
 from datetime import datetime, timedelta\n\
@@ -69,7 +54,7 @@ def restore():\n\
 \n\
 def backup():\n\
     try:\n\
-        targets = ["sessions", "workspace", "agents", "memory", "openclaw.json"]\n\
         existing = [t for t in targets if os.path.exists(os.path.join(DATA_DIR, t))]\n\
         if not existing:\n\
             print("--- [SYNC] 没有需要备份的数据，跳过备份 ---")\n\
@@ -94,7 +79,7 @@ if __name__ == "__main__":\n\
         restore()\n\
 ' > /usr/local/bin/sync.py
-# 8. 容器入口脚本
 RUN printf '#!/bin/bash\nset -e\n\n\
 : "${OPENAI_API_BASE:?OPENAI_API_BASE not set}"\n\
 : "${OPENAI_API_KEY:?OPENAI_API_KEY not set}"\n\
@@ -102,16 +87,16 @@ RUN printf '#!/bin/bash\nset -e\n\n\
 : "${OPENCLAW_GATEWAY_PASSWORD:?OPENCLAW_GATEWAY_PASSWORD not set}"\n\n\
 DATA_DIR="$HOME/.openclaw"\n\
 mkdir -p "$DATA_DIR"/{sessions,workspace,agents/main/sessions}\n\n\
-# ⚠️ 关键：先恢复备份（仅恢复 sessions/workspace/agents，不恢复 openclaw.json）\n\
 python3 /usr/local/bin/sync.py restore\n\n\
-# ⚠️ 关键：无论备份是否含旧配置，都强制用环境变量重新生成 openclaw.json\n\
-CLEAN_BASE=$(echo "$OPENAI_API_BASE" | sed "s|/chat/completions||g" | sed "s|/v1/|/v1|g" | sed "s|/v1$|/v1|g")\n\n\
 cat > "$DATA_DIR/openclaw.json" <<JSON\n\
 {\n\
   "models": {\n\
     "providers": {\n\
       "openai-compat": {\n\
-        "baseUrl": "$CLEAN_BASE",\n\
         "apiKey": "$OPENAI_API_KEY",\n\
         "api": "openai-completions",\n\
         "models": [{ "id": "$MODEL", "name": "Model", "contextWindow": 128000 }]\n\
@@ -120,12 +105,21 @@ cat > "$DATA_DIR/openclaw.json" <<JSON\n\
   },\n\
   "agents": { "defaults": { "model": { "primary": "openai-compat/$MODEL" } } },\n\
   "gateway": {\n\
-    "mode": "local", "bind": "lan", "port": $PORT,\n\
     "trustedProxies": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],\n\
-    "auth": { "mode": "token", "token": "$OPENCLAW_GATEWAY_PASSWORD" },\n\
     "controlUi": {\n\
       "allowInsecureAuth": true,\n\
-      "allowedOrigins": ["https://ted1990-openclaw.hf.space"]\n\
     }\n\
   }\n\
 }\n\
@@ -134,12 +128,25 @@ chmod 700 "$DATA_DIR"\n\
 chmod 600 "$DATA_DIR/openclaw.json"\n\n\
 echo ""\n\
 echo "--- [CONFIG] openclaw.json 已生成 ---"\n\
-echo "--- [CONFIG] API Base: $CLEAN_BASE ---"\n\
 echo "--- [CONFIG] Model: $MODEL ---"\n\
 echo ""\n\n\
 (while true; do sleep 10800; python3 /usr/local/bin/sync.py backup; done) &\n\n\
 (\n\
-  sleep 8\n\
   echo ""\n\
   echo "================================================="\n\
   echo "✅ OpenClaw 已就绪！请使用以下完整 URL 访问："\n\
@@ -148,12 +155,7 @@ echo ""\n\n\
 ) &\n\n\
 exec openclaw gateway run --port $PORT\n' > /usr/local/bin/start-openclaw && chmod +x /usr/local/bin/start-openclaw
-# 9. 切换到 node 用户
 USER node
-# 10. 暴露端口
 EXPOSE 7860
-# 11. 使用 tini 启动
 ENTRYPOINT ["/usr/bin/tini", "--"]
 CMD ["/usr/local/bin/start-openclaw"]

 # 核心镜像：Node 22 slim
 FROM node:22-slim
 RUN apt-get update && apt-get install -y --no-install-recommends tini \
     && rm -rf /var/lib/apt/lists/*
 RUN apt-get update && apt-get install -y --no-install-recommends \
+    git openssh-client build-essential python3 python3-pip g++ make ca-certificates \
     && rm -rf /var/lib/apt/lists/*
 RUN pip3 install --no-cache-dir huggingface_hub --break-system-packages
 RUN update-ca-certificates
 RUN npm install -g openclaw@latest --unsafe-perm
+RUN mkdir -p /home/node/.openclaw && chown -R node:node /home/node/.openclaw
 ENV PORT=7860 \
     OPENCLAW_GATEWAY_MODE=local \
     HOME=/home/node
+# sync.py
 RUN echo 'import os, sys, tarfile\n\
 from huggingface_hub import HfApi, hf_hub_download\n\
 from datetime import datetime, timedelta\n\
 \n\
 def backup():\n\
     try:\n\
+        targets = ["sessions", "workspace", "agents", "memory"]\n\
         existing = [t for t in targets if os.path.exists(os.path.join(DATA_DIR, t))]\n\
         if not existing:\n\
             print("--- [SYNC] 没有需要备份的数据，跳过备份 ---")\n\
         restore()\n\
 ' > /usr/local/bin/sync.py
+# 入口脚本
 RUN printf '#!/bin/bash\nset -e\n\n\
 : "${OPENAI_API_BASE:?OPENAI_API_BASE not set}"\n\
 : "${OPENAI_API_KEY:?OPENAI_API_KEY not set}"\n\
 : "${OPENCLAW_GATEWAY_PASSWORD:?OPENCLAW_GATEWAY_PASSWORD not set}"\n\n\
 DATA_DIR="$HOME/.openclaw"\n\
 mkdir -p "$DATA_DIR"/{sessions,workspace,agents/main/sessions}\n\n\
 python3 /usr/local/bin/sync.py restore\n\n\
+# 备份恢复后强制重写 openclaw.json，防止旧配置污染\n\
+CLEAN_BASE=$(echo "$OPENAI_API_BASE" | sed "s|/chat/completions||g" | sed "s|/v1beta/openai.*||g" | sed "s|/v1/||g" | sed "s|/v1$||g")\n\n\
+# 关键：把 GATEWAY_TOKEN 写入配置，让网关启动时就信任已知设备\n\
 cat > "$DATA_DIR/openclaw.json" <<JSON\n\
 {\n\
   "models": {\n\
     "providers": {\n\
       "openai-compat": {\n\
+        "baseUrl": "$OPENAI_API_BASE",\n\
         "apiKey": "$OPENAI_API_KEY",\n\
         "api": "openai-completions",\n\
         "models": [{ "id": "$MODEL", "name": "Model", "contextWindow": 128000 }]\n\
   },\n\
   "agents": { "defaults": { "model": { "primary": "openai-compat/$MODEL" } } },\n\
   "gateway": {\n\
+    "mode": "local",\n\
+    "bind": "lan",\n\
+    "port": $PORT,\n\
     "trustedProxies": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],\n\
+    "auth": {\n\
+      "mode": "token",\n\
+      "token": "$OPENCLAW_GATEWAY_PASSWORD"\n\
+    },\n\
     "controlUi": {\n\
       "allowInsecureAuth": true,\n\
+      "allowedOrigins": ["https://ted1990-openclaw.hf.space"],\n\
+      "gatewayToken": "$OPENCLAW_GATEWAY_PASSWORD"\n\
+    },\n\
+    "pairing": {\n\
+      "autoApprove": true\n\
     }\n\
   }\n\
 }\n\
 chmod 600 "$DATA_DIR/openclaw.json"\n\n\
 echo ""\n\
 echo "--- [CONFIG] openclaw.json 已生成 ---"\n\
+echo "--- [CONFIG] API Base: $OPENAI_API_BASE ---"\n\
 echo "--- [CONFIG] Model: $MODEL ---"\n\
 echo ""\n\n\
+# 定时备份（注意备份列表已排除 openclaw.json）\n\
 (while true; do sleep 10800; python3 /usr/local/bin/sync.py backup; done) &\n\n\
+# 自动批准配对请求（兜底方案）\n\
 (\n\
+  sleep 15\n\
+  for i in $(seq 1 20); do\n\
+    REQUEST_ID=$(openclaw devices list --json 2>/dev/null | python3 -c "import sys,json; data=json.load(sys.stdin); reqs=[d.get('"'"'requestId'"'"',...) for d in data if d.get('"'"'status'"'"')=='"'"'pending'"'"']; print(reqs[0] if reqs else '"'"''"'"')" 2>/dev/null || true)\n\
+    if [ -n "$REQUEST_ID" ] && [ "$REQUEST_ID" != "None" ]; then\n\
+      echo "✅ 正在批准设备: $REQUEST_ID"\n\
+      openclaw devices approve "$REQUEST_ID" && break\n\
+    fi\n\
+    sleep 3\n\
+  done\n\
+) &\n\n\
+(\n\
+  sleep 10\n\
   echo ""\n\
   echo "================================================="\n\
   echo "✅ OpenClaw 已就绪！请使用以下完整 URL 访问："\n\
 ) &\n\n\
 exec openclaw gateway run --port $PORT\n' > /usr/local/bin/start-openclaw && chmod +x /usr/local/bin/start-openclaw
 USER node
 EXPOSE 7860
 ENTRYPOINT ["/usr/bin/tini", "--"]
 CMD ["/usr/local/bin/start-openclaw"]