sirtimbly/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init permissions

Browse Source
This commit is contained in:
Tim Bendt
2026-02-20 20:39:41 -05:00
parent 7dec80e217
commit dd6b3aa63d
2 changed files with 58 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
AGENTS.md
View File

@@ -376,9 +376,47 @@ docker build -t registry.lan/openclaw:latest .
**Problem**: Web UI shows "disconnected (1008): pairing required" **Problem**: Web UI shows "disconnected (1008): pairing required"
**Solution**: **Solution**:
1. Check logs for device IDs: `docker logs CONTAINER | grep pairing` 1. Use the built-in CLI approver (recommended):
2. Manually approve devices in paired.json
3. Restart container ```bash
# approve newest pending request
docker exec CONTAINER_NAME node dist/index.js devices approve --latest --token "$OPENCLAW_GATEWAY_TOKEN"
# inspect current state
docker exec CONTAINER_NAME node dist/index.js devices list --token "$OPENCLAW_GATEWAY_TOKEN"
```
2. If using Tailscale Serve, ensure Gateway auth/proxy settings are correct:
```json
{
"gateway": {
"bind": "loopback",
"tailscale": { "mode": "serve" },
"auth": { "allowTailscale": true },
"trustedProxies": ["127.0.0.1", "::1"]
}
}
```
3. If error changes to `device token mismatch`, the browser usually has stale local state.
- Open the Control UI in an Incognito/Private window.
- Re-paste gateway token in settings, or open a tokenized URL from:
```bash
docker exec CONTAINER_NAME node dist/index.js dashboard --no-open
```
4. If needed, only clear pending requests (not full config):
```bash
docker exec CONTAINER_NAME sh -c 'echo {} > /home/node/.openclaw/devices/pending.json'
```
**Notes**:
- Remote browsers (LAN/Tailscale) still require one-time device pairing.
- Localhost (`127.0.0.1`) auto-approves.
- Config edits trigger Gateway reload/restart automatically; container restart is usually unnecessary.
### Permission Denied Errors ### Permission Denied Errors

17
docker-compose.yml
View File

@@ -1,6 +1,20 @@
version: "3.8" version: "3.8"
services: services:
openclaw-init-perms:
image: alpine:3.20
container_name: openclaw-init-perms
restart: "no"
command:
[
"sh",
"-c",
"mkdir -p /config /workspace && chown -R 1000:1000 /config /workspace && chmod 755 /config /workspace",
]
volumes:
- openclaw-config:/config
- openclaw-workspace:/workspace
openclaw-gateway: openclaw-gateway:
build: build:
context: ./docker context: ./docker
@@ -10,6 +24,9 @@ services:
image: openclaw:custom-arm64 image: openclaw:custom-arm64
container_name: openclaw-gateway container_name: openclaw-gateway
restart: unless-stopped restart: unless-stopped
depends_on:
openclaw-init-perms:
condition: service_completed_successfully
environment: environment:
HOME: /home/node HOME: /home/node
TERM: xterm-256color TERM: xterm-256color