| FROM node:22-slim |
|
|
| RUN apt-get update && apt-get install -y --no-install-recommends \ |
| git ca-certificates build-essential python3 python3-pip curl \ |
| && rm -rf /var/lib/apt/lists/* |
|
|
| RUN pip3 install --no-cache-dir huggingface_hub --break-system-packages |
|
|
| RUN npm install -g openclaw@latest --unsafe-perm |
|
|
| RUN npx -y @tencent-weixin/openclaw-weixin-cli@latest install |
|
|
| ENV PORT=7860 \ |
| OPENCLAW_GATEWAY_MODE=local \ |
| HOME=/root |
|
|
| |
| RUN cat > /usr/local/bin/sync.py << 'SYNC_EOF' |
| import os, sys, tarfile |
| from huggingface_hub import HfApi, hf_hub_download |
| from datetime import datetime, timedelta |
| import subprocess |
| import time |
|
|
| api = HfApi() |
| repo_id = os.getenv("HF_DATASET") |
| token = os.getenv("HF_TOKEN") |
|
|
| def restore(): |
| try: |
| print(f"--- [SYNC] 启动恢复流程, 目标仓库: {repo_id} ---") |
| if not repo_id or not token: |
| print("--- [SYNC] 跳过恢复: 未配置 HF_DATASET 或 HF_TOKEN ---") |
| return False |
| files = api.list_repo_files(repo_id=repo_id, repo_type="dataset", token=token) |
| now = datetime.now() |
| for i in range(5): |
| day = (now - timedelta(days=i)).strftime("%Y-%m-%d") |
| name = f"backup_{day}.tar.gz" |
| if name in files: |
| print(f"--- [SYNC] 发现备份文件: {name}, 正在下载... ---") |
| path = hf_hub_download(repo_id=repo_id, filename=name, repo_type="dataset", token=token) |
| with tarfile.open(path, "r:gz") as tar: |
| tar.extractall(path="/root/.openclaw/") |
| print(f"--- [SYNC] 恢复成功! 数据已覆盖至 /root/.openclaw/ ---") |
| return True |
| print("--- [SYNC] 未找到最近 5 天的备份包 ---") |
| except Exception as e: |
| print(f"--- [SYNC] 恢复异常: {e} ---") |
|
|
| def backup(): |
| try: |
| day = datetime.now().strftime("%Y-%m-%d") |
| name = f"backup_{day}.tar.gz" |
| print(f"--- [SYNC] 正在执行全量备份: {name} ---") |
| with tarfile.open(name, "w:gz") as tar: |
| for target in ["sessions", "workspace", "agents", "memory", "openclaw.json", "wechat-data"]: |
| full_path = f"/root/.openclaw/{target}" |
| if os.path.exists(full_path): |
| tar.add(full_path, arcname=target) |
| api.upload_file(path_or_fileobj=name, path_in_repo=name, repo_id=repo_id, repo_type="dataset", token=token) |
| print(f"--- [SYNC] 备份上传成功! ---") |
| for _ in range(3): |
| try: |
| result = subprocess.run(["openclaw", "wechat", "send", "--to=me", f"备份成功: {name}"], capture_output=True, timeout=10) |
| if result.returncode == 0: |
| break |
| except Exception: |
| pass |
| time.sleep(5) |
| except Exception as e: |
| print(f"--- [SYNC] 备份失败: {e} ---") |
|
|
| if __name__ == "__main__": |
| if len(sys.argv) > 1 and sys.argv[1] == "backup": |
| backup() |
| else: |
| restore() |
| SYNC_EOF |
|
|
| RUN chmod +x /usr/local/bin/sync.py |
|
|
| |
| RUN cat > /usr/local/bin/start-openclaw << 'EOF' |
| |
| set -e |
|
|
| echo "Waiting 60 seconds for previous container to fully exit..." |
| sleep 60 |
|
|
| python3 /usr/local/bin/sync.py restore |
|
|
| rm -rf /root/.openclaw/agents/main/agent/channels/telegram |
| rm -rf /root/.openclaw/credentials/telegram |
| rm -f /root/.openclaw/agents/main/agent/auth-profiles.json |
|
|
| mkdir -p /root/.openclaw/sessions |
| mkdir -p /root/.openclaw/workspace |
| mkdir -p /root/.openclaw/workspace/memory |
| mkdir -p /root/.openclaw/wechat-data |
| touch /root/.openclaw/workspace/MEMORY.md |
| DATE=$(date +%Y-%m-%d) |
| touch /root/.openclaw/workspace/memory/$DATE.md |
|
|
| CLEAN_BASE=$(echo "$OPENAI_API_BASE" | sed "s|/chat/completions||g" | sed "s|/v1/|/v1|g" | sed "s|/v1$|/v1|g") |
|
|
| if [ -n "$GEMINI_API_KEY" ]; then |
| PROVIDER="google" |
| API_KEY_VAR="$GEMINI_API_KEY" |
| BASE_URL_VAR="https://generativelanguage.googleapis.com/v1beta" |
| MODEL_VAR="$MODEL" |
| PRIMARY_MODEL="google/$MODEL_VAR" |
| API_TYPE="google-generative-ai" |
| else |
| PROVIDER="openai" |
| API_KEY_VAR="$OPENAI_API_KEY" |
| BASE_URL_VAR="$CLEAN_BASE" |
| MODEL_VAR="$MODEL" |
| PRIMARY_MODEL="openai/$MODEL_VAR" |
| API_TYPE="openai-completions" |
| fi |
|
|
| |
| GROUPS_CONFIG="" |
| if [ -n "$TELEGRAM_GROUP_IDS" ]; then |
| GROUPS_CONFIG=', "groups": {' |
| IFS=',' read -ra GROUP_ARRAY <<< "$TELEGRAM_GROUP_IDS" |
| for i in "${!GROUP_ARRAY[@]}"; do |
| GROUP_ID="${GROUP_ARRAY[$i]}" |
| GROUP_ID=$(echo "$GROUP_ID" | xargs) |
| GROUPS_CONFIG="$GROUPS_CONFIG\"$GROUP_ID\": {\"requireMention\": true}" |
| if [ $i -lt $((${ |
| GROUPS_CONFIG="$GROUPS_CONFIG, " |
| fi |
| done |
| GROUPS_CONFIG="$GROUPS_CONFIG }" |
| fi |
|
|
| cat > /root/.openclaw/openclaw.json <<EOF2 |
| { |
| "models": { |
| "providers": { |
| "$PROVIDER": { |
| "baseUrl": "$BASE_URL_VAR", |
| "apiKey": "$API_KEY_VAR", |
| "api": "$API_TYPE", |
| "models": [{ "id": "$MODEL_VAR", "name": "$MODEL_VAR", "contextWindow": 128000 }] |
| } |
| } |
| }, |
| "agents": { |
| "defaults": { |
| "model": { "primary": "$PRIMARY_MODEL" }, |
| "imageModel": { "primary": "openai/gpt-4o-mini" }, |
| "tools": { |
| "elevated": { |
| "enabled": true, |
| "allowFrom": { |
| "openclaw-weixin": true |
| } |
| } |
| } |
| } |
| }, |
| "gateway": { |
| "mode": "local", |
| "bind": "lan", |
| "port": $PORT, |
| "trustedProxies": ["0.0.0.0/0", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"], |
| "auth": { "mode": "token", "token": "$OPENCLAW_GATEWAY_PASSWORD" }, |
| "controlUi": { "allowInsecureAuth": true, "allowedOrigins": ["*"] } |
| }, |
| "plugins": { "allow": ["openclaw-weixin"] }, |
| "channels": { |
| "openclaw-weixin": { |
| "enabled": true, |
| "dataDir": "/root/.openclaw/wechat-data", |
| "autoLogin": true |
| }, |
| "telegram": { |
| "enabled": true, |
| "botToken": "$TELEGRAM_BOT_TOKEN", |
| "retry": { |
| "attempts": 10, |
| "minDelayMs": 500, |
| "maxDelayMs": 30000, |
| "jitter": 0.1 |
| }$GROUPS_CONFIG |
| } |
| } |
| } |
| EOF2 |
|
|
| echo "=== openclaw.json content ===" |
| cat /root/.openclaw/openclaw.json |
| echo "=== end ===" |
|
|
| openclaw doctor --fix |
|
|
| (while true; do sleep 1800; python3 /usr/local/bin/sync.py backup; done) & |
|
|
| openclaw gateway run --port $PORT & |
| GATEWAY_PID=$! |
|
|
| sleep 8 |
|
|
| echo "Starting Telegram auto-pairing..." |
| for i in {1..10}; do |
| PAIR_OUTPUT=$(openclaw pairing list 2>/dev/null || true) |
| CODE=$(echo "$PAIR_OUTPUT" | grep -oP 'Pairing code: \K[A-Z0-9]{7,}' | head -1) |
| if [ -z "$CODE" ]; then |
| CODE=$(echo "$PAIR_OUTPUT" | awk '/^│ Code/ {getline; split($0, a, "│"); gsub(/^ +| +$/, "", a[2]); if (a[2] ~ /^[A-Z0-9]{7,}$/) print a[2]}' | head -1) |
| fi |
| if [ -z "$CODE" ]; then |
| CODE=$(echo "$PAIR_OUTPUT" | grep -oE '[A-Z0-9]{7,}' | grep -v "PAIRING" | grep -v "REQUEST" | head -1) |
| fi |
| if [ -n "$CODE" ]; then |
| echo "Found pairing code: $CODE" |
| openclaw pairing approve telegram "$CODE" |
| echo "Approval sent. Bot should now respond." |
| break |
| else |
| echo "No pending pairing code found (attempt $i/10). Waiting 5 seconds..." |
| sleep 5 |
| fi |
| done |
|
|
| trap 'echo "Container stopping, running final backup..."; python3 /usr/local/bin/sync.py backup; kill $GATEWAY_PID 2>/dev/null' EXIT |
|
|
| wait $GATEWAY_PID |
| EOF |
|
|
| RUN chmod +x /usr/local/bin/start-openclaw |
|
|
| EXPOSE 7860 |
| CMD ["/usr/local/bin/start-openclaw"] |
