From e4215ca329de3e0778ac5ec6c102b37e7f128e5c Mon Sep 17 00:00:00 2001 From: Klaatu Date: Fri, 20 Feb 2026 18:44:29 +0000 Subject: [PATCH] Update stack.yml for new volume mounts; add README --- README.md | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ stack.yml | 40 +++++++++++++--------------------------- 2 files changed, 65 insertions(+), 27 deletions(-) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..8b2f26b --- /dev/null +++ b/README.md @@ -0,0 +1,52 @@ +# OpenClaw Deployment + +Custom OpenClaw Gateway build for ARM64 with Google Workspace tools. + +## What's in Here + +- `stack.yml` - Docker Swarm stack for Dokploy +- `docker/` - Custom image build (ARM64 + gog + gcloud) +- `config/` - Runtime configs (volume-mounted) +- `secrets/` - Credentials (volume-mounted, gitignored) +- `AGENTS.md` - Full deployment guide + +## Quick Start + +```bash +# 1. Put your Google OAuth client secret in place +cp /path/to/client_secret.json secrets/google-client-secret.json + +# 2. Build the custom image +cd docker && ./build-arm64.sh + +# 3. Push to your registry +docker tag openclaw:custom-arm64 registry.lan/openclaw:latest +docker push registry.lan/openclaw:latest + +# 4. Deploy +export OPENCLAW_IMAGE=registry.lan/openclaw:latest +docker stack deploy -c stack.yml openclaw + +# 5. Setup gog (Google Workspace) +docker exec -it $(docker ps -q -f name=openclaw-gateway) setup-gog.sh +docker exec -it $(docker ps -q -f name=openclaw-gateway) gog auth add you@gmail.com --services gmail,calendar,drive +``` + +## Custom Image Includes + +- `gog` - Google Workspace CLI (Gmail, Calendar, Drive, Sheets, Docs) +- `gcloud` - Google Cloud SDK +- `jq`, `curl`, `htop`, `tree` - General utilities +- SSH key persistence in named volume + +## Volumes + +| Volume | Mount | Purpose | +|--------|-------|---------| +| `openclaw-config` | `/home/node/.openclaw` | OpenClaw runtime data | +| `openclaw-workspace` | `/home/node/.openclaw/workspace` | Agent workspace | +| `gog-data` | `/data/gog` | gog OAuth tokens | +| Host `./config` | `/data/config` | Config files (ro) | +| Host `./secrets` | `/data/secrets` | Secrets (ro) | + +See `AGENTS.md` for full deployment details. diff --git a/stack.yml b/stack.yml index bb2fe29..762aa27 100644 --- a/stack.yml +++ b/stack.yml @@ -8,9 +8,18 @@ services: TERM: xterm-256color OPENCLAW_GATEWAY_TOKEN: ${OPENCLAW_GATEWAY_TOKEN} MOONSHOT_API_KEY: ${MOONSHOT_API_KEY} + OPENCLAW_CONFIG_DIR: /data/config + GOG_CONFIG_DIR: /data/gog + GOOGLE_APPLICATION_CREDENTIALS: /data/secrets/google-credentials.json + GOG_ACCOUNT: ${GOG_ACCOUNT:-} volumes: - openclaw-config:/home/node/.openclaw - openclaw-workspace:/home/node/.openclaw/workspace + # Mount configs and secrets from host (not baked into image) + - ./config:/data/config:ro + - ./secrets:/data/secrets:ro + # gog OAuth tokens persist here + - gog-data:/data/gog ports: - target: 18789 published: ${OPENCLAW_GATEWAY_PORT:-18789} @@ -28,6 +37,9 @@ services: - node.hostname == tpi-n1 networks: - dokploy-network + # Add Gitea SSH access (if needed for git operations) + extra_hosts: + - "gitea.bendtstudio.com:192.168.2.130" command: [ "node", @@ -39,36 +51,10 @@ services: "18789", ] - # Note: CLI service is interactive and best run locally or via docker run - # Uncomment if you need it for specific use cases - # openclaw-cli: - # image: ${OPENCLAW_IMAGE:-openclaw:local} - # environment: - # HOME: /home/node - # TERM: xterm-256color - # OPENCLAW_GATEWAY_TOKEN: ${OPENCLAW_GATEWAY_TOKEN} - # BROWSER: echo - # MOONSHOT_API_KEY: ${MOONSHOT_API_KEY} - # volumes: - # - openclaw-config:/home/node/.openclaw - # - openclaw-workspace:/home/node/.openclaw/workspace - # stdin_open: true - # tty: true - # init: true - # deploy: - # replicas: 1 - # placement: - # constraints: - # - node.hostname == tpi-n1 - # restart_policy: - # condition: unless-stopped - # networks: - # - dokploy-network - # entrypoint: ["node", "dist/index.js"] - volumes: openclaw-config: openclaw-workspace: + gog-data: networks: dokploy-network: