[ci skip] openclaw: fix Telegram, update to v2026.2.26, fix startup issues
- Update OpenClaw from v2026.2.9 to v2026.2.26 (fixes Telegram channel) - Add gateway.mode=local + wizard block (required for channel startup) - Add dangerouslyAllowHostHeaderOriginFallback (v2026.2.26 requirement) - Run doctor --fix at container startup to auto-enable Telegram - Create required dirs (canvas, devices, cron, sessions, credentials) - Fix permissions: chown -R 1000:1000 for node user - Telegram: DM allowlist, user 8281953845 only
This commit is contained in:
parent
da943c71ac
commit
207164050c
1 changed files with 22 additions and 8 deletions
|
|
@ -77,10 +77,12 @@ resource "kubernetes_config_map" "openclaw_config" {
|
||||||
data = {
|
data = {
|
||||||
"openclaw.json" = jsonencode({
|
"openclaw.json" = jsonencode({
|
||||||
gateway = {
|
gateway = {
|
||||||
|
mode = "local"
|
||||||
bind = "lan"
|
bind = "lan"
|
||||||
trustedProxies = ["10.0.0.0/8"]
|
trustedProxies = ["10.0.0.0/8"]
|
||||||
controlUi = {
|
controlUi = {
|
||||||
dangerouslyDisableDeviceAuth = true
|
dangerouslyDisableDeviceAuth = true
|
||||||
|
dangerouslyAllowHostHeaderOriginFallback = true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
agents = {
|
agents = {
|
||||||
|
|
@ -130,11 +132,12 @@ resource "kubernetes_config_map" "openclaw_config" {
|
||||||
}
|
}
|
||||||
channels = {
|
channels = {
|
||||||
telegram = {
|
telegram = {
|
||||||
enabled = true
|
enabled = true
|
||||||
botToken = var.openclaw_telegram_bot_token
|
botToken = var.openclaw_telegram_bot_token
|
||||||
dmPolicy = "allowlist"
|
dmPolicy = "allowlist"
|
||||||
allowFrom = ["tg:8281953845"]
|
allowFrom = ["tg:8281953845"]
|
||||||
historyLimit = 50
|
groupPolicy = "allowlist"
|
||||||
|
streamMode = "partial"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
models = {
|
models = {
|
||||||
|
|
@ -173,6 +176,12 @@ resource "kubernetes_config_map" "openclaw_config" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
wizard = {
|
||||||
|
lastRunAt = "2026-03-01T15:11:54.176Z"
|
||||||
|
lastRunVersion = "2026.2.9"
|
||||||
|
lastRunCommand = "configure"
|
||||||
|
lastRunMode = "local"
|
||||||
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -294,6 +303,11 @@ resource "kubernetes_deployment" "openclaw" {
|
||||||
# Symlink Claude skills into OpenClaw skills directory
|
# Symlink Claude skills into OpenClaw skills directory
|
||||||
ln -sfn /workspace/infra/.claude/skills /openclaw-home/skills
|
ln -sfn /workspace/infra/.claude/skills /openclaw-home/skills
|
||||||
|
|
||||||
|
# Create required directories (owned by node user, UID 1000)
|
||||||
|
mkdir -p /openclaw-home/agents/main/sessions /openclaw-home/credentials /openclaw-home/canvas /openclaw-home/devices /openclaw-home/cron
|
||||||
|
chown -R 1000:1000 /openclaw-home
|
||||||
|
chmod 700 /openclaw-home
|
||||||
|
|
||||||
# Generate kubeconfig from in-cluster ServiceAccount credentials
|
# Generate kubeconfig from in-cluster ServiceAccount credentials
|
||||||
SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
|
SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
|
||||||
SA_CA=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
SA_CA=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||||
|
|
@ -354,8 +368,8 @@ resource "kubernetes_deployment" "openclaw" {
|
||||||
# Main container: OpenClaw
|
# Main container: OpenClaw
|
||||||
container {
|
container {
|
||||||
name = "openclaw"
|
name = "openclaw"
|
||||||
image = "ghcr.io/openclaw/openclaw:2026.2.9"
|
image = "ghcr.io/openclaw/openclaw:2026.2.26"
|
||||||
command = ["node", "openclaw.mjs", "gateway", "--allow-unconfigured", "--bind", "lan"]
|
command = ["sh", "-c", "node openclaw.mjs doctor --fix 2>/dev/null; exec node openclaw.mjs gateway --allow-unconfigured --bind lan"]
|
||||||
port {
|
port {
|
||||||
container_port = 18789
|
container_port = 18789
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue