# stack.yml — OpenClaw stack configuration
# Gitignored. Created from: cp stack.yml.example stack.yml
#
# ${VAR} references are resolved from .env during pre-deploy.
# ${VAR:-default} syntax supported for defaults.
# You can hardcode values directly — .env references are a convenience.
# ── VPS Host ──────────────────────────────────────────────────
# Set host to false to skip host-level config (secondary stacks on shared VPS)
# host: false
# Each stack self registers to /etc/openclaw-stacks regardless of host config
# Only one stack needs to enable host for backup and host-alerter scripts to get installed
# Host scripts check /etc/openclaw-stacks to discover all stacks running on the VPS
# Host-level settings for the VPS (see the comments above for when to use host: false).
host:
hostname: ${HOSTNAME}
# Credentials used by the host-alerter scripts; both values are resolved from .env.
# NOTE(review): the bot token is a secret. Keep it in .env rather than hardcoding it here,
# and keep .env and stack.yml readable only by the deploying user.
host_alerter:
telegram_bot_token: ${HOSTALERT_TELEGRAM_BOT_TOKEN}
telegram_chat_id: ${HOSTALERT_TELEGRAM_CHAT_ID}
# Quoted string; presumably the time of the daily host report. Confirm the accepted
# time and timezone formats.
daily_report: "9:30 AM PST"
# ── Stack ─────────────────────────────────────────────────────
# Stack-wide settings: install location, compose template, upstream source and service credentials.
stack:
install_dir: /home/openclaw
# Falls back to openclaw-stack when PROJECT_NAME is not set in .env.
project_name: ${PROJECT_NAME:-openclaw-stack}
# Docker compose template to use for building this stack
compose_template: docker-compose.yml.hbs
sandbox_toolkit: openclaw/default/sandbox-toolkit.yaml
# Upstream OpenClaw repository and the version to use.
# NOTE(review): stable and latest are moving references, so two deploys of the same
# stack.yml can end up running different code. Pin a release tag (the v2026.2.26 form
# shown in the inline comment) when a reproducible, reviewable build matters.
openclaw:
version: stable # stable | latest | v2026.2.26
source: https://github.com/openclaw/openclaw.git
# Secret: Cloudflare Tunnel token, resolved from .env.
cloudflare:
tunnel_token: ${CLOUDFLARE_TUNNEL_TOKEN}
# AI gateway endpoint and its credential, both resolved from .env.
ai_gateway:
url: ${AI_GATEWAY_URL}
token: ${AI_GATEWAY_TOKEN}
# Log worker endpoint and credential, followed by three boolean switches.
# NOTE(review): vector, events and llemtry presumably control what is shipped to
# worker_url. Confirm what data each one sends off the host before leaving all three on.
logging:
worker_url: ${LOG_WORKER_URL}
worker_token: ${LOG_WORKER_TOKEN}
vector: true
events: true
llemtry: true
# Local Docker registry for sharing sandbox images between claws.
# First claw to build pushes images; others pull (~30s vs ~15min build).
# Registry credential, listening port and log verbosity.
# NOTE(review): other claws run the images they pull from here, so write access to the
# registry is equivalent to code execution in their sandboxes. Confirm the token is
# enforced for push as well as pull.
# NOTE(review): port is a host port. Confirm it is bound or firewalled so that only the
# stacks meant to share the registry can reach it.
sandbox_registry:
token: ${SANDBOX_REGISTRY_TOKEN:-} # auto-generated if empty
port: 5100 # host port (own registry)
log_level: warn # error|warn|info|debug
# OR: use another stack's registry (no container in this stack):
# url: "10.0.0.1:5100" # set url instead of port
# Egress proxy sidecar — routes requests through VPS IP to bypass WAF blocks
# on Cloudflare Worker IPs (e.g. chatgpt.com blocking openai-codex requests).
# Runs behind the Cloudflare Tunnel — no public host ports exposed.
# Requires a tunnel route: hostname → http://<project_name>-egress-proxy:8787
# Listening port, access token and log verbosity for the egress proxy sidecar.
# NOTE(review): the proxy relays requests out through the VPS IP, so auth_token is what
# keeps it from being used as an open relay by anyone who can reach the tunnel route.
# Presumably every request must present it; confirm.
# NOTE(review): log_level debug logs outbound headers, which commonly carry
# Authorization or API-key values. Treat debug logs as secret-bearing and return to info
# once troubleshooting is done.
egress_proxy:
port: 8787
auth_token: ${EGRESS_PROXY_AUTH_TOKEN:-} # auto-generated if empty
log_level: info # info | debug (debug logs outbound headers)
# Total VPS resource budget for this stack
# Percentages are resolved against actual VPS capacity via SSH during pre-deploy.
# Integers are used as-is (absolute values).
# Caps this stack at 90% of the VPS's CPU and memory; the trailing % marks a percentage,
# which pre-deploy resolves against actual capacity (per the comments above).
resources:
max_cpu: 90%
max_mem: 90%
# ── Claw Defaults ─────────────────────────────────────────────
# All claws inherit these. Per-claw settings override via deep merge.
# Baseline settings inherited by every claw unless a claw overrides them.
defaults:
# NOTE(review): with in-place updates enabled, the running code can drift from the
# version selected for the stack. The work-claw example below sets this to false.
allow_updates: true # Allow openclaw to update in-place
health_check_cron: false
domain_path: ""
dashboard_path: /dashboard
# Telegram channel, on by default.
# NOTE(review): allow_from presumably restricts which Telegram account may talk to the
# bot. Confirm what happens when ADMIN_TELEGRAM_ID is unset or empty in .env.
telegram:
enabled: true
allow_from: ${ADMIN_TELEGRAM_ID}
# Matrix channel (optional — alternative or complement to Telegram)
# Enable per-claw by setting matrix.enabled: true and providing an access token.
# Full config reference: https://docs.openclaw.ai/channels/matrix
# Setup guide: docs/MATRIX.md
#
# Rendered into docker-compose.yml (controlled via stack.yml + .env):
# enabled, homeserver, access_token
# Requires direct openclaw.jsonc edit or Control UI (not rendered from stack.yml):
# encryption, dm_policy, group_policy, auto_join, groups (room allowlist)
matrix:
enabled: false
homeserver: "https://matrix.org"
# Not rendered — configure in per-claw openclaw.jsonc or via Control UI:
# NOTE(review): the keys below decide who can reach the bot over Matrix, and setting them
# here has no effect because they are not rendered from stack.yml. The open and always
# values presumably accept any sender or any room invite; confirm in docs/MATRIX.md and
# prefer the allowlist settings.
# dm_policy: pairing # pairing | open | closed
# group_policy: allowlist # allowlist | open | closed
# encryption: false # true requires E2EE crypto — see docs/MATRIX.md §E2EE
# auto_join: always # always | allowlist | never
# groups: {} # room allowlist — see docs/MATRIX.md §Rooms
# Default per-claw container limits.
resources:
cpus: 6
memory: 12G
openclaw_json: openclaw/default/openclaw.jsonc
# ── Claws ─────────────────────────────────────────────────────
# Each key → container: openclaw-<key>
# Deep-merged with defaults (claw values win at any depth).
# Per-claw settings; each key names one claw and overrides the defaults.
claws:
personal-claw:
domain: openclaw.${ROOT_DOMAIN}
gateway_port: 18789
dashboard_port: 6090
# Secret: this claw's Telegram bot token, resolved from .env.
telegram:
bot_token: ${PERSONAL_CLAW_TELEGRAM_BOT_TOKEN}
# CLAW_NAME in the variable below looks like a placeholder; use a distinct .env variable
# per claw. The access token is a secret for the Matrix bot account.
# matrix:
# enabled: true
# access_token: ${CLAW_NAME_MATRIX_ACCESS_TOKEN} # Access token for the Matrix bot account, set per claw
# # homeserver: "https://matrix.org" # Override stack-wide default if needed
health_check_cron: true # Enable health check cron on the main claw - not needed on each claw
# Example of a second claw with its own ports, bot token and larger resource limits.
# work-claw:
# domain: openclaw-work.${ROOT_DOMAIN}
# allow_updates: false # Prevent work-claw from auto updating
# gateway_port: 18790
# dashboard_port: 6091
# telegram:
# bot_token: ${WORK_CLAW_TELEGRAM_BOT_TOKEN}
# resources:
# cpus: 20
# memory: 64G
# Example claw config with coordinator plugin enabled to route skills to sub-agents
# NOTE(review): this example reuses gateway_port 18790 and dashboard_port 6091 from the
# work-claw example. If both are enabled in one stack the ports would presumably collide;
# give each claw distinct ports.
# skill-router-claw:
# openclaw_json: openclaw/default/openclaw.router.jsonc
# domain: openclaw-skills.${ROOT_DOMAIN}
# gateway_port: 18790
# dashboard_port: 6091
# telegram:
# bot_token: ${SKILLS_CLAW_TELEGRAM_BOT_TOKEN}