QQ support#25
Closed
PCBZ wants to merge 72 commits into
Closed
Conversation
Agent-Logs-Url: https://github.com/PCBZ/OpenClaw_Docker/sessions/41ec7809-967e-49e4-ad17-be5169a9a41b Co-authored-by: PCBZ <15225052+PCBZ@users.noreply.github.com>
[WIP] Add empty .gitignore file
…add swap size and Telegram owner ID variables, and update environment configurations
…s, Nemotron, GPT, and Coder
Digital ocean env
remove all other files
…, and secret scanning
Adding actions
remove example Terraform variables file
add detailed README for OpenClaw deployment on DigitalOcean
…mple and update bootstrap script
Slack support
update dmPolicy to allowlist in OpenClaw config
refine README for GCP Cloud Run deployment instructions and clarify p…
CI action
Upgrade 5 2
…ate related scripts
- Created .envrc to auto-load environment variables for Cloudflare. - Added main.tf to define a Cloudflare R2 bucket resource. - Configured provider.tf to set up the Cloudflare provider with API token. - Defined variables in variables.tf for account ID, API token, and bucket name.
…rmissions - openclaw.json.tpl: use dmPolicy allowlist + allowFrom when telegram_owner_id set - gcp_vm/bootstrap.sh: chmod 600 /root/.openclaw/.env after write - gcp_cloudrun/platform.tf + variables.tf: pass telegram_owner_id to shared template - gcp_vm/main.tf: pass telegram_owner_id to shared template Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
PCBZ
added
bug
There was a problem hiding this comment.
Pull request overview
Adds optional QQ bot support to the GCP deployment paths (Compute Engine + Cloud Run) by wiring new QQ credentials through Terraform into the generated openclaw.json and ensuring the QQ plugin is installed/loaded when enabled. It also changes Cloud Run to inject openclaw.json via Secret Manager (rather than storing it in R2) and tightens R2 sync behavior to a whitelist of shared state files.
Changes:
- Add QQ bot variables and conditional enablement (plugin install + config templating) for GCP Compute Engine and Cloud Run.
- Move Cloud Run
openclaw.jsondistribution to Secret Manager and stop uploading config into R2. - Switch R2 sync/restore to a whitelist filter to avoid cross-platform config/auth collisions.
Reviewed changes
Copilot reviewed 12 out of 16 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| terraform/shared/openclaw.json.tpl | Extends shared OpenClaw config template to optionally include QQ plugin load path, entry, and channel config. |
| terraform/gcp_compute_engine/variables.tf | Adds optional QQ bot inputs (app id, client secret, owner id). |
| terraform/gcp_compute_engine/terraform.tfvars.example | Introduces an example tfvars file for the Compute Engine module. |
| terraform/gcp_compute_engine/provider.tf | Adds provider requirements and google provider configuration for the Compute Engine module. |
| terraform/gcp_compute_engine/outputs.tf | Adds helpful outputs (IP, SSH command, gateway health URL). |
| terraform/gcp_compute_engine/main.tf | Wires QQ enablement + template vars into openclaw.json generation and bootstrap vars. |
| terraform/gcp_compute_engine/bootstrap.sh | Conditionally installs QQ plugin and changes R2 sync to a whitelist filter file. |
| terraform/gcp_compute_engine/approve_operator_approvals.py | Adds a helper script to auto-approve operator.approvals for paired devices during bootstrap. |
| terraform/gcp_compute_engine/.envrc | Exposes QQ TF_VARs via direnv. |
| terraform/gcp_cloudrun/variables.tf | Adds optional QQ bot inputs (app id, client secret, owner id). |
| terraform/gcp_cloudrun/secrets.tf | Adds Secret Manager storage for openclaw.json and (optionally) telegram allowlist + QQ secrets. |
| terraform/gcp_cloudrun/rclone-sync.sh | Switches R2 sync to a whitelist filter file (only shared workspace/sessions). |
| terraform/gcp_cloudrun/r2.tf | Removes R2 upload of openclaw.json (config now comes from Secret Manager). |
| terraform/gcp_cloudrun/platform.tf | Wires QQ enablement and template vars; adds optional plugin install command for Cloud Run startup. |
| terraform/gcp_cloudrun/main.tf | Writes openclaw.json/credential files from secrets at startup, updates state/config paths, and injects QQ secrets conditionally. |
| terraform/gcp_cloudrun/.envrc | Exposes QQ TF_VARs via direnv. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
80
to
83
| image = local.effective_container_image | ||
| command = ["/bin/sh"] | ||
| args = ["-lc", "openclaw gateway run --bind lan --port \"$${PORT:-8080}\" --allow-unconfigured"] | ||
| args = ["-lc", "mkdir -p /home/node/.openclaw/agents/main/agent /home/node/.openclaw/credentials; [ -n \"$OPENCLAW_JSON\" ] && printf '%s' \"$OPENCLAW_JSON\" > /home/node/.openclaw/openclaw.json; [ -n \"$TELEGRAM_ALLOW_FROM\" ] && printf '%s' \"$TELEGRAM_ALLOW_FROM\" > /home/node/.openclaw/credentials/telegram-allowFrom.json; printf '{\"openrouter\":{\"apiKey\":\"%s\"}}' \"$OPENROUTER_API_KEY\" > /home/node/.openclaw/agents/main/agent/auth-profiles.json; printf '{\"providers\":{\"openrouter\":{\"baseUrl\":\"https://openrouter.ai/api/v1\",\"api\":\"openai-completions\",\"apiKey\":\"%s\"}}}' \"$OPENROUTER_API_KEY\" > /home/node/.openclaw/agents/main/agent/models.json; openclaw plugins install @openclaw/qqbot; exec openclaw gateway run --bind lan --port \"$${PORT:-8080}\" --allow-unconfigured"] | ||
|
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.