Spaces:

wd21
/

openclaw

Running

App Files Files Community

openclaw / Dockerfile

wd21

Update Dockerfile

ae6afde verified 16 days ago

raw

history blame contribute delete

6.59 kB

	FROM node:22-slim

	# ========= 1. 安装系统依赖 + Chromium 浏览器 =========
	RUN apt-get update && apt-get install -y --no-install-recommends \
	git ca-certificates build-essential python3 python3-pip curl \
	chromium \
	libnss3 libatk-bridge2.0-0 libdrm2 libxkbcommon0 libgbm1 libasound2 \
	&& rm -rf /var/lib/apt/lists/*

	ENV PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium

	RUN pip3 install --no-cache-dir huggingface_hub --break-system-packages

	RUN npm install -g openclaw@latest --unsafe-perm

	RUN npx -y @tencent-weixin/openclaw-weixin-cli@latest install

	ENV PORT=7860 \
	OPENCLAW_GATEWAY_MODE=local \
	HOME=/root

	# 设置环境变量，防止 doctor 自动启用 Telegram
	ENV OPENCLAW_DISABLE_TELEGRAM=1

	# ========= 2. 完整的 sync.py 备份恢复脚本 =========
	RUN cat > /usr/local/bin/sync.py << 'SYNC_EOF'
	import os, sys, tarfile
	from huggingface_hub import HfApi, hf_hub_download
	from datetime import datetime, timedelta
	import subprocess
	import time

	api = HfApi()
	repo_id = os.getenv("HF_DATASET")
	token = os.getenv("HF_TOKEN")

	def restore():
	try:
	print(f"--- [SYNC] 启动恢复流程, 目标仓库: {repo_id} ---")
	if not repo_id or not token:
	print("--- [SYNC] 跳过恢复: 未配置 HF_DATASET 或 HF_TOKEN ---")
	return False
	files = api.list_repo_files(repo_id=repo_id, repo_type="dataset", token=token)
	now = datetime.now()
	for i in range(5):
	day = (now - timedelta(days=i)).strftime("%Y-%m-%d")
	name = f"backup_{day}.tar.gz"
	if name in files:
	print(f"--- [SYNC] 发现备份文件: {name}, 正在下载... ---")
	path = hf_hub_download(repo_id=repo_id, filename=name, repo_type="dataset", token=token)
	with tarfile.open(path, "r:gz") as tar:
	tar.extractall(path="/root/.openclaw/")
	print(f"--- [SYNC] 恢复成功! 数据已覆盖至 /root/.openclaw/ ---")
	return True
	print("--- [SYNC] 未找到最近 5 天的备份包 ---")
	except Exception as e:
	print(f"--- [SYNC] 恢复异常: {e} ---")

	def backup():
	try:
	day = datetime.now().strftime("%Y-%m-%d")
	name = f"backup_{day}.tar.gz"
	print(f"--- [SYNC] 正在执行全量备份: {name} ---")
	with tarfile.open(name, "w:gz") as tar:
	for target in ["sessions", "workspace", "agents", "memory", "openclaw.json", "wechat-data"]:
	full_path = f"/root/.openclaw/{target}"
	if os.path.exists(full_path):
	tar.add(full_path, arcname=target)
	api.upload_file(path_or_fileobj=name, path_in_repo=name, repo_id=repo_id, repo_type="dataset", token=token)
	print(f"--- [SYNC] 备份上传成功! ---")
	for _ in range(3):
	try:
	result = subprocess.run(["openclaw", "wechat", "send", "--to=me", f"备份成功: {name}"], capture_output=True, timeout=10)
	if result.returncode == 0:
	break
	except Exception:
	pass
	time.sleep(5)
	except Exception as e:
	print(f"--- [SYNC] 备份失败: {e} ---")

	if __name__ == "__main__":
	if len(sys.argv) > 1 and sys.argv[1] == "backup":
	backup()
	else:
	restore()
	SYNC_EOF

	RUN chmod +x /usr/local/bin/sync.py

	# ========= 3. 启动脚本 start-openclaw（禁用 Telegram + 前台 exec） =========
	RUN cat > /usr/local/bin/start-openclaw << 'EOF'
	#!/bin/bash
	set -e

	echo "Starting OpenClaw gateway..."

	python3 /usr/local/bin/sync.py restore

	# 彻底删除 Telegram 所有残留文件
	rm -rf /root/.openclaw/agents/main/agent/channels/telegram
	rm -rf /root/.openclaw/credentials/telegram
	rm -rf /root/.openclaw/agents/main/agent/telegram*
	rm -rf /root/.openclaw/agents/main/agent/channels/telegram*
	rm -f /root/.openclaw/agents/main/agent/auth-profiles.json
	find /root/.openclaw -name "telegram" -exec rm -rf {} + 2>/dev/null \|\| true

	mkdir -p /root/.openclaw/sessions
	mkdir -p /root/.openclaw/workspace
	mkdir -p /root/.openclaw/workspace/memory
	mkdir -p /root/.openclaw/wechat-data
	touch /root/.openclaw/workspace/MEMORY.md
	DATE=$(date +%Y-%m-%d)
	touch /root/.openclaw/workspace/memory/$DATE.md

	CLEAN_BASE=$(echo "$OPENAI_API_BASE" \| sed "s\|/chat/completions\|\|g" \| sed "s\|/v1/\|/v1\|g" \| sed "s\|/v1$\|/v1\|g")

	if [ -n "$GEMINI_API_KEY" ]; then
	PROVIDER="google"
	API_KEY_VAR="$GEMINI_API_KEY"
	BASE_URL_VAR="https://generativelanguage.googleapis.com/v1beta"
	MODEL_VAR="$MODEL"
	PRIMARY_MODEL="google/$MODEL_VAR"
	API_TYPE="google-generative-ai"
	else
	PROVIDER="openai"
	API_KEY_VAR="$OPENAI_API_KEY"
	BASE_URL_VAR="$CLEAN_BASE"
	MODEL_VAR="$MODEL"
	PRIMARY_MODEL="openai/$MODEL_VAR"
	API_TYPE="openai-completions"
	fi

	# 写入 openclaw.json（显式禁用 telegram）
	cat > /root/.openclaw/openclaw.json <<EOF2
	{
	"models": {
	"providers": {
	"$PROVIDER": {
	"baseUrl": "$BASE_URL_VAR",
	"apiKey": "$API_KEY_VAR",
	"api": "$API_TYPE",
	"models": [{ "id": "$MODEL_VAR", "name": "$MODEL_VAR", "contextWindow": 128000 }]
	}
	}
	},
	"agents": {
	"defaults": {
	"model": { "primary": "$PRIMARY_MODEL" },
	"imageModel": { "primary": "openai/gpt-4o-mini" },
	"tools": {
	"elevated": {
	"enabled": true,
	"allowFrom": {
	"openclaw-weixin": true
	}
	}
	}
	}
	},
	"gateway": {
	"mode": "local",
	"bind": "lan",
	"port": $PORT,
	"trustedProxies": ["0.0.0.0/0", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
	"auth": { "mode": "token", "token": "$OPENCLAW_GATEWAY_PASSWORD" },
	"controlUi": { "allowInsecureAuth": true, "allowedOrigins": ["*"] }
	},
	"plugins": { "allow": ["openclaw-weixin"] },
	"channels": {
	"openclaw-weixin": {
	"enabled": true,
	"dataDir": "/root/.openclaw/wechat-data",
	"autoLogin": true
	},
	"telegram": {
	"enabled": false
	}
	},
	"browser": {
	"enabled": true,
	"headless": true,
	"noSandbox": true,
	"defaultProfile": "openclaw"
	}
	}
	EOF2

	echo "=== openclaw.json content ==="
	cat /root/.openclaw/openclaw.json
	echo "=== end ==="

	openclaw doctor --fix

	# 启动定时备份（后台运行）
	(while true; do sleep 1800; python3 /usr/local/bin/sync.py backup; done) &

	# ✅ 前台运行 gateway（容器永不退出）
	exec openclaw gateway run --port $PORT
	EOF

	RUN chmod +x /usr/local/bin/start-openclaw

	EXPOSE 7860
	CMD ["/usr/local/bin/start-openclaw"]