Monday, April 06, 2026

Clawbert

This is my scratch pad for setting up and managing openclaw on my synology NAS using docker.


compose.yaml

services:
  openclaw-gateway:
#   image: ghcr.io/openclaw/openclaw:latest
    build: .
    container_name: openclaw-gateway
    hostname: clawbert-brain
    mac_address: 02:42:ac:12:34:56
    user: "1000:1000"
    environment:
      - TZ=America/Chicago
      - HOME=/home/node
      - OPENCLAW__GATEWAY__MODE=local
      - OPENCLAW_BROWSER_WS_ENDPOINT=ws://browserless:3000/?token=XXXX
      - HA_URL=http://10.0.0.114:8123
      - HA_TOKEN=XXXX
      - OPENCLAW_MAX_ITERATIONS=30
      - OPENCLAW_TOKEN=XXXX
    volumes:
      - /volume1/docker/openclaw/config:/home/node/.openclaw
      - /volume1/docker/openclaw/workspace:/home/node/.openclaw/workspace
      - /volume1/docker/openclaw/gog:/usr/local/bin/gog:ro
      - ./clawbert_config/machine-id:/etc/machine-id:ro
      - ./clawbert_config:/home/node/.config
      - ./gogcli_config:/home/node/.config/gogcli
    ports:
      - "18789:18789"
    extra_hosts:
      - "host.docker.internal:host-gateway"
    networks:
      - openclaw-net
    command: ["node", "dist/index.js", "gateway", "--bind", "lan", "--allow-unconfigured"]
    restart: unless-stopped
    depends_on:
      - browserless

  openclaw-cli:
    image: ghcr.io/openclaw/openclaw:latest
    container_name: openclaw-cli
    user: "1000:1000"
    restart: "no"
    entrypoint: ["node", "dist/index.js"]
    volumes:
      - /volume1/docker/openclaw/config:/home/node/.openclaw
      - /volume1/docker/openclaw/workspace:/home/node/.openclaw/workspace

  browserless:
    image: ghcr.io/browserless/chromium:latest
    container_name: openclaw-browser
    restart: unless-stopped
    ports:
      - "3000:3000"
    environment:
      # Optional: Protect your browser so random internet scanners can't use it
      - TOKEN=XXXX
      - CONNECTION_TIMEOUT=6000000
      - MAX_CONCURRENT_SESSIONS=10
      - MAX_QUEUE_LENGTH=5
      - DEFAULT_BLOCK_ADS=true
      - HOST=browserless
    # CRITICAL: Chrome crashes without this shared memory setting
    shm_size: "2gb"
    networks:
      - openclaw-net
    cap_add:
      - SYS_ADMIN
    security_opt:
      - seccomp:unconfined

networks:
  openclaw-net:
    driver: bridge

Dockerfile

# 1. Start with the official OpenClaw image
FROM ghcr.io/openclaw/openclaw:latest

# 2. Switch to root to install system-level tools
USER root

# 3. Install Playwright OS dependencies AND the Google Cloud SDK
RUN apt-get update && apt-get install -y \
    libnss3 libnspr4 libatk1.0-0 libatk-bridge2.0-0 \
    libcups2 libdrm2 libxkbcommon0 libxcomposite1 \
    libxdamage1 libxfixes3 libxrandr2 libgbm1 libasound2 \
    apt-transport-https ca-certificates gnupg curl \
    && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /usr/share/keyrings/cloud.google.gpg \
    && echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list \
    && apt-get update \
    && apt-get install -y google-cloud-cli \
    && rm -rf /var/lib/apt/lists/*

# 4. Permanently install the official Google Workspace CLI
RUN npm install -g @googleworkspace/cli

RUN chown -R node:node /home/node

# 5. Drop back down to the secure node user for normal operation
USER node

Backups



Updates

docker compose -p clawbert down
docker compose -p clawbert up -d --build --pull always
docker-compose run --rm openclaw-cli doctor --fix
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)