viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[ci skip] openclaw: add Telegram channel + install terragrunt in init container

Browse source 
- Add Telegram bot integration (DM allowlist, user 8281953845 only)
- Install terragrunt v0.99.4 in init container alongside terraform
- Remove terraform init from init (terragrunt handles this per-stack)
- Add openclaw_telegram_bot_token variable
This commit is contained in:
Viktor Barzin 2026-03-01 13:44:58 +00:00
parent 014f6cad5a
commit e728f4c106
1 changed files with 18 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

22
stacks/openclaw/main.tf
View file

@ -5,6 +5,7 @@ variable "llama_api_key" { type = string }
variable "brave_api_key" { type = string } variable "brave_api_key" { type = string }
variable "openrouter_api_key" { type = string } variable "openrouter_api_key" { type = string }
variable "nvidia_api_key" { type = string } variable "nvidia_api_key" { type = string }
variable "openclaw_telegram_bot_token" { type = string }
variable "nfs_server" { type = string } variable "nfs_server" { type = string }
@ -126,6 +127,15 @@ resource "kubernetes_config_map" "openclaw_config" {
} }
} }
} }
channels = {
telegram = {
enabled = true
botToken = var.openclaw_telegram_bot_token
dmPolicy = "allowlist"
allowFrom = ["tg:8281953845"]
historyLimit = 50
}
}
models = { models = {
mode = "merge" mode = "merge"
providers = { providers = {
@ -199,7 +209,7 @@ resource "kubernetes_deployment" "openclaw" {
spec { spec {
service_account_name = kubernetes_service_account.openclaw.metadata[0].name service_account_name = kubernetes_service_account.openclaw.metadata[0].name
# Init container: Download tools + clone repo + terraform init (parallelized) # Init container: Download tools + clone repo (parallelized)
init_container { init_container {
name = "setup" name = "setup"
image = "alpine:3.20" image = "alpine:3.20"
@ -229,6 +239,10 @@ resource "kubernetes_deployment" "openclaw" {
(curl -sL --retry 3 --retry-delay 5 "https://releases.hashicorp.com/terraform/1.14.5/terraform_1.14.5_linux_amd64.zip" -o /tmp/tf.zip && unzip -q /tmp/tf.zip -d /tools && chmod +x /tools/terraform && rm /tmp/tf.zip) & (curl -sL --retry 3 --retry-delay 5 "https://releases.hashicorp.com/terraform/1.14.5/terraform_1.14.5_linux_amd64.zip" -o /tmp/tf.zip && unzip -q /tmp/tf.zip -d /tools && chmod +x /tools/terraform && rm /tmp/tf.zip) &
PID_TF=$! PID_TF=$!
# terragrunt
(curl -sL --retry 3 --retry-delay 5 "https://github.com/gruntwork-io/terragrunt/releases/download/v0.99.4/terragrunt_linux_amd64" -o /tools/terragrunt && chmod +x /tools/terragrunt) &
PID_TG=$!
# git-crypt (already installed via apk) # git-crypt (already installed via apk)
cp /usr/bin/git-crypt /tools/git-crypt cp /usr/bin/git-crypt /tools/git-crypt
@ -243,6 +257,8 @@ resource "kubernetes_deployment" "openclaw" {
# Wait for all parallel tasks # Wait for all parallel tasks
wait $PID_KUBECTL || { echo "kubectl download failed"; exit 1; } wait $PID_KUBECTL || { echo "kubectl download failed"; exit 1; }
wait $PID_TF || { echo "terraform download failed"; exit 1; }
wait $PID_TG || { echo "terragrunt download failed"; exit 1; }
wait $PID_GIT || { echo "git clone/pull failed"; exit 1; } wait $PID_GIT || { echo "git clone/pull failed"; exit 1; }
# Unlock git-crypt (needs clone done) # Unlock git-crypt (needs clone done)
@ -281,9 +297,7 @@ resource "kubernetes_deployment" "openclaw" {
token: $SA_TOKEN token: $SA_TOKEN
KUBEEOF KUBEEOF
# Terraform init (needs terraform + clone done) echo "Setup complete: kubectl, terraform, terragrunt, git-crypt installed"
wait $PID_TF || { echo "terraform download failed"; exit 1; }
/tools/terraform init
EOF EOF
] ]
env { env {