viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[ci skip] openclaw: disable sandbox mode for unrestricted execution

Browse source 
- Set agents.defaults.sandbox.mode = off
- Combined with exec.host=gateway and exec.security=full,
  OpenClaw can now run any command on the container host
This commit is contained in:
Viktor Barzin 2026-03-01 16:51:35 +00:00
parent 99881b28e3
commit b2ac69e12b
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
stacks/openclaw/main.tf
View file

@ -89,6 +89,9 @@ resource "kubernetes_config_map" "openclaw_config" {
defaults = {
contextTokens = 1000000
bootstrapMaxChars = 30000
sandbox = {
mode = "off"
}
model = {
primary = "nim/mistralai/mistral-large-3-675b-instruct-2512"
fallbacks = ["nim/nvidia/llama-3.1-nemotron-ultra-253b-v1", "modelrelay/auto-fastest"]