-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
129 lines (123 loc) · 4.79 KB
/
docker-compose.yml
File metadata and controls
129 lines (123 loc) · 4.79 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
# ClawHive — Full development stack
# Usage: docker compose up -d
services:
# ── Sandbox Image Builder (OpenClaw tool sandbox image) ──
sandbox-image:
image: "${OPENCLAW_SANDBOX_IMAGE:-clawhive-sandbox:bookworm-slim}"
build:
context: .
dockerfile: Dockerfile.sandbox
profiles: ["sandbox-build"]
command: ["sleep", "infinity"]
# ── Sandbox Browser Image Builder (OpenClaw browser tool) ──
sandbox-browser-image:
image: "${OPENCLAW_SANDBOX_BROWSER_IMAGE:-clawhive-sandbox-browser:bookworm-slim}"
build:
context: .
dockerfile: Dockerfile.sandbox-browser
profiles: ["sandbox-build"]
# ── Router (ClawHive) ──
router:
build:
context: .
dockerfile: Dockerfile
ports:
- "3001:3000"
environment:
PORT: "3000"
LOG_LEVEL: "info"
DATABASE_URL: "postgres://clawhive:changeme@postgres:5432/clawhive"
OPENCLAW_GATEWAY_URL: "http://openclaw:18789"
OPENCLAW_WS_URL: "ws://openclaw:18789"
OPENCLAW_TELEGRAM_INTERNAL_WEBHOOK_URL: "http://openclaw:8788/telegram-webhook"
OPENCLAW_SLACK_INTERNAL_WEBHOOK_URL: "http://openclaw:18789/slack/events"
OPENCLAW_GATEWAY_TOKEN: "${OPENCLAW_GATEWAY_TOKEN}"
JWT_SECRET: "${JWT_SECRET:-change-me-in-production}"
ADMIN_API_KEY: "${ADMIN_API_KEY:-change-me-in-production}"
SLACK_BOT_TOKEN: "${SLACK_BOT_TOKEN:-}"
SLACK_SIGNING_SECRET: "${SLACK_SIGNING_SECRET:-}"
TWILIO_AUTH_TOKEN: "${TWILIO_AUTH_TOKEN:-}"
TELEGRAM_SECRET_TOKEN: "${TELEGRAM_SECRET_TOKEN:-}"
ALLOW_PUBLIC_REGISTER: "${ALLOW_PUBLIC_REGISTER:-}"
INJECTION_POLICY: "${INJECTION_POLICY:-block}"
OPENCLAW_STATE_DIR: "${PWD}/.openclaw-state"
DEVICE_IDENTITY_PRIVATE_PATH: "/home/clawhive/router-identity/private/device-identity.json"
DEVICE_IDENTITY_PUBLIC_PATH: "/home/clawhive/router-identity/public/device-identity.json"
volumes:
- "${PWD}/.openclaw-state:${PWD}/.openclaw-state:ro"
- router_identity_private:/home/clawhive/router-identity/private
- router_identity_public:/home/clawhive/router-identity/public
depends_on:
postgres:
condition: service_healthy
restart: unless-stopped
healthcheck:
test:
[
"CMD",
"node",
"-e",
"fetch('http://localhost:3000/health').then(r=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))",
]
interval: 15s
timeout: 5s
retries: 3
# ── OpenClaw Runtime ──
openclaw:
build:
context: .
dockerfile: Dockerfile.openclaw
ports:
- "18789:18789"
environment:
OPENCLAW_GATEWAY_TOKEN: "${OPENCLAW_GATEWAY_TOKEN}"
ANTHROPIC_API_KEY: "${ANTHROPIC_API_KEY:-}"
OPENAI_API_KEY: "${OPENAI_API_KEY:-}"
OPENCLAW_PRIMARY_MODEL: "${OPENCLAW_PRIMARY_MODEL:-}"
OPENCLAW_FORCE_AGENT_MODEL_OVERRIDES: "${OPENCLAW_FORCE_AGENT_MODEL_OVERRIDES:-false}"
TELEGRAM_BOT_TOKEN: "${TELEGRAM_BOT_TOKEN:-}"
TELEGRAM_SECRET_TOKEN: "${TELEGRAM_SECRET_TOKEN:-}"
TELEGRAM_WEBHOOK_URL: "${TELEGRAM_WEBHOOK_URL:-}"
TELEGRAM_WEBHOOK_PATH: "${TELEGRAM_WEBHOOK_PATH:-/telegram-webhook}"
TELEGRAM_LOCAL_PROXY_PORT: "8788"
OPENCLAW_STATE_DIR: "${PWD}/.openclaw-state"
SLACK_BOT_TOKEN: "${SLACK_BOT_TOKEN:-}"
SLACK_APP_TOKEN: "${SLACK_APP_TOKEN:-}"
SLACK_SIGNING_SECRET: "${SLACK_SIGNING_SECRET:-}"
DISCORD_BOT_TOKEN: "${DISCORD_BOT_TOKEN:-}"
OPENCLAW_SANDBOX_MODE: "${OPENCLAW_SANDBOX_MODE:-all}"
OPENCLAW_SANDBOX_SCOPE: "${OPENCLAW_SANDBOX_SCOPE:-agent}"
OPENCLAW_SANDBOX_WORKSPACE_ACCESS: "${OPENCLAW_SANDBOX_WORKSPACE_ACCESS:-rw}"
OPENCLAW_SANDBOX_NETWORK: "${OPENCLAW_SANDBOX_NETWORK:-bridge}"
OPENCLAW_SANDBOX_IMAGE: "${OPENCLAW_SANDBOX_IMAGE:-clawhive-sandbox:bookworm-slim}"
OPENCLAW_SANDBOX_BROWSER_IMAGE: "${OPENCLAW_SANDBOX_BROWSER_IMAGE:-clawhive-sandbox-browser:bookworm-slim}"
ROUTER_IDENTITY_PUBLIC_PATH: "/data/router-identity/public/device-identity.json"
ROUTER_IDENTITY_WAIT_SEC: "${ROUTER_IDENTITY_WAIT_SEC:-15}"
volumes:
- "${PWD}/.openclaw-state:${PWD}/.openclaw-state"
- openclaw_workspace:/root/clawd
- router_identity_public:/data/router-identity/public:ro
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stopped
# ── PostgreSQL ──
postgres:
image: postgres:16-bookworm
ports:
- "5433:5432"
environment:
POSTGRES_DB: clawhive
POSTGRES_USER: clawhive
POSTGRES_PASSWORD: changeme
volumes:
- pgdata:/var/lib/postgresql/data
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -U clawhive"]
interval: 10s
timeout: 5s
retries: 5
volumes:
pgdata:
openclaw_workspace:
router_identity_private:
router_identity_public: