Update gateway settings and translations for allow_insecure_auth option
This commit is contained in:
@@ -1,5 +1,5 @@
|
|||||||
name: OpenClaw Assistant
|
name: OpenClaw Assistant
|
||||||
version: "0.5.26"
|
version: "0.5.27"
|
||||||
slug: openclaw_assistant
|
slug: openclaw_assistant
|
||||||
description: Run OpenClaw Assistant (OpenClaw-compatible) as a Home Assistant add-on.
|
description: Run OpenClaw Assistant (OpenClaw-compatible) as a Home Assistant add-on.
|
||||||
url: https://github.com/techartdev/OpenClawHomeAssistant
|
url: https://github.com/techartdev/OpenClawHomeAssistant
|
||||||
@@ -56,6 +56,11 @@ options:
|
|||||||
# Gateway port to listen on
|
# Gateway port to listen on
|
||||||
gateway_port: 18789
|
gateway_port: 18789
|
||||||
|
|
||||||
|
# Allow insecure HTTP authentication (required for HTTP gateway access on LAN)
|
||||||
|
# WARNING: Only enable if you're using HTTP (not HTTPS) for gateway_public_url
|
||||||
|
# Default is false for security.
|
||||||
|
allow_insecure_auth: false
|
||||||
|
|
||||||
|
|
||||||
schema:
|
schema:
|
||||||
timezone: str
|
timezone: str
|
||||||
@@ -71,4 +76,5 @@ schema:
|
|||||||
clean_session_locks_on_exit: bool?
|
clean_session_locks_on_exit: bool?
|
||||||
gateway_bind_mode: list(loopback|lan)?
|
gateway_bind_mode: list(loopback|lan)?
|
||||||
gateway_port: int(1,65535)?
|
gateway_port: int(1,65535)?
|
||||||
|
allow_insecure_auth: bool?
|
||||||
|
|
||||||
|
|||||||
@@ -57,13 +57,14 @@ def set_gateway_setting(key, value):
|
|||||||
return write_config(cfg)
|
return write_config(cfg)
|
||||||
|
|
||||||
|
|
||||||
def apply_bind_mode_settings(bind_mode: str, port: int):
|
def apply_gateway_settings(bind_mode: str, port: int, allow_insecure_auth: bool):
|
||||||
"""
|
"""
|
||||||
Apply bind mode settings to OpenClaw config.
|
Apply gateway settings to OpenClaw config.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
bind_mode: "loopback" or "lan"
|
bind_mode: "loopback" or "lan"
|
||||||
port: Port number to listen on (must be 1-65535)
|
port: Port number to listen on (must be 1-65535)
|
||||||
|
allow_insecure_auth: Allow insecure HTTP authentication
|
||||||
"""
|
"""
|
||||||
# Validate bind mode
|
# Validate bind mode
|
||||||
if bind_mode not in ["loopback", "lan"]:
|
if bind_mode not in ["loopback", "lan"]:
|
||||||
@@ -84,8 +85,15 @@ def apply_bind_mode_settings(bind_mode: str, port: int):
|
|||||||
|
|
||||||
gateway = cfg["gateway"]
|
gateway = cfg["gateway"]
|
||||||
|
|
||||||
|
# controlUi should be nested inside gateway
|
||||||
|
if "controlUi" not in gateway:
|
||||||
|
gateway["controlUi"] = {}
|
||||||
|
|
||||||
|
control_ui = gateway["controlUi"]
|
||||||
|
|
||||||
current_bind = gateway.get("bind", "")
|
current_bind = gateway.get("bind", "")
|
||||||
current_port = gateway.get("port", 18789)
|
current_port = gateway.get("port", 18789)
|
||||||
|
current_insecure = control_ui.get("allowInsecureAuth", False)
|
||||||
|
|
||||||
changes = []
|
changes = []
|
||||||
|
|
||||||
@@ -93,11 +101,14 @@ def apply_bind_mode_settings(bind_mode: str, port: int):
|
|||||||
gateway["bind"] = bind_mode
|
gateway["bind"] = bind_mode
|
||||||
changes.append(f"bind: {current_bind} -> {bind_mode}")
|
changes.append(f"bind: {current_bind} -> {bind_mode}")
|
||||||
|
|
||||||
# Always update port when it differs from the desired value
|
|
||||||
if current_port != port:
|
if current_port != port:
|
||||||
gateway["port"] = port
|
gateway["port"] = port
|
||||||
changes.append(f"port: {current_port} -> {port}")
|
changes.append(f"port: {current_port} -> {port}")
|
||||||
|
|
||||||
|
if current_insecure != allow_insecure_auth:
|
||||||
|
control_ui["allowInsecureAuth"] = allow_insecure_auth
|
||||||
|
changes.append(f"allowInsecureAuth: {current_insecure} -> {allow_insecure_auth}")
|
||||||
|
|
||||||
if changes:
|
if changes:
|
||||||
if write_config(cfg):
|
if write_config(cfg):
|
||||||
print(f"INFO: Updated gateway settings: {', '.join(changes)}")
|
print(f"INFO: Updated gateway settings: {', '.join(changes)}")
|
||||||
@@ -106,7 +117,7 @@ def apply_bind_mode_settings(bind_mode: str, port: int):
|
|||||||
print("ERROR: Failed to write config")
|
print("ERROR: Failed to write config")
|
||||||
return False
|
return False
|
||||||
else:
|
else:
|
||||||
print(f"INFO: Gateway settings already correct (bind={bind_mode}, port={port})")
|
print(f"INFO: Gateway settings already correct (bind={bind_mode}, port={port}, allowInsecureAuth={allow_insecure_auth})")
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
@@ -118,13 +129,14 @@ def main():
|
|||||||
|
|
||||||
cmd = sys.argv[1]
|
cmd = sys.argv[1]
|
||||||
|
|
||||||
if cmd == "apply-bind-mode":
|
if cmd == "apply-gateway-settings":
|
||||||
if len(sys.argv) != 4:
|
if len(sys.argv) != 5:
|
||||||
print("Usage: oc_config_helper.py apply-bind-mode <loopback|lan> <port>")
|
print("Usage: oc_config_helper.py apply-gateway-settings <loopback|lan> <port> <true|false>")
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
bind_mode = sys.argv[2]
|
bind_mode = sys.argv[2]
|
||||||
port = int(sys.argv[3])
|
port = int(sys.argv[3])
|
||||||
success = apply_bind_mode_settings(bind_mode, port)
|
allow_insecure_auth = sys.argv[4].lower() == "true"
|
||||||
|
success = apply_gateway_settings(bind_mode, port, allow_insecure_auth)
|
||||||
sys.exit(0 if success else 1)
|
sys.exit(0 if success else 1)
|
||||||
|
|
||||||
elif cmd == "get":
|
elif cmd == "get":
|
||||||
|
|||||||
@@ -30,6 +30,7 @@ CLEAN_LOCKS_ON_EXIT=$(jq -r '.clean_session_locks_on_exit // true' "$OPTIONS_FIL
|
|||||||
# Gateway bind mode (loopback or lan)
|
# Gateway bind mode (loopback or lan)
|
||||||
GATEWAY_BIND_MODE=$(jq -r '.gateway_bind_mode // "loopback"' "$OPTIONS_FILE")
|
GATEWAY_BIND_MODE=$(jq -r '.gateway_bind_mode // "loopback"' "$OPTIONS_FILE")
|
||||||
GATEWAY_PORT=$(jq -r '.gateway_port // 18789' "$OPTIONS_FILE")
|
GATEWAY_PORT=$(jq -r '.gateway_port // 18789' "$OPTIONS_FILE")
|
||||||
|
ALLOW_INSECURE_AUTH=$(jq -r '.allow_insecure_auth // false' "$OPTIONS_FILE")
|
||||||
|
|
||||||
export TZ="$TZNAME"
|
export TZ="$TZNAME"
|
||||||
|
|
||||||
@@ -202,10 +203,10 @@ fi
|
|||||||
|
|
||||||
if [ -f "$OPENCLAW_CONFIG_PATH" ]; then
|
if [ -f "$OPENCLAW_CONFIG_PATH" ]; then
|
||||||
if [ -f "$HELPER_PATH" ]; then
|
if [ -f "$HELPER_PATH" ]; then
|
||||||
if ! python3 "$HELPER_PATH" apply-bind-mode "$GATEWAY_BIND_MODE" "$GATEWAY_PORT"; then
|
if ! python3 "$HELPER_PATH" apply-gateway-settings "$GATEWAY_BIND_MODE" "$GATEWAY_PORT" "$ALLOW_INSECURE_AUTH"; then
|
||||||
rc=$?
|
rc=$?
|
||||||
echo "ERROR: Failed to apply gateway bind mode via oc_config_helper.py (exit code ${rc})."
|
echo "ERROR: Failed to apply gateway settings via oc_config_helper.py (exit code ${rc})."
|
||||||
echo "ERROR: Gateway bind configuration may be incorrect; aborting startup."
|
echo "ERROR: Gateway configuration may be incorrect; aborting startup."
|
||||||
exit "${rc}"
|
exit "${rc}"
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
|
|||||||
@@ -42,3 +42,7 @@ configuration:
|
|||||||
gateway_port:
|
gateway_port:
|
||||||
name: Порт на Gateway
|
name: Порт на Gateway
|
||||||
description: Номер на порт, на който OpenClaw gateway да слуша (по подразбиране - 18789)
|
description: Номер на порт, на който OpenClaw gateway да слуша (по подразбиране - 18789)
|
||||||
|
|
||||||
|
allow_insecure_auth:
|
||||||
|
name: Разрешаване на HTTP автентикация
|
||||||
|
description: Разрешаване на HTTP автентикация за достъп до gateway в локалната мрежа. ВНИМАНИЕ - Активирайте само ако използвате HTTP (не HTTPS) за gateway_public_url. Необходимо за достъп от браузър през HTTP.
|
||||||
|
|||||||
@@ -42,3 +42,7 @@ configuration:
|
|||||||
gateway_port:
|
gateway_port:
|
||||||
name: Gateway-Port
|
name: Gateway-Port
|
||||||
description: Portnummer, auf der das OpenClaw-Gateway lauscht (Standard - 18789)
|
description: Portnummer, auf der das OpenClaw-Gateway lauscht (Standard - 18789)
|
||||||
|
|
||||||
|
allow_insecure_auth:
|
||||||
|
name: Unsichere HTTP-Authentifizierung erlauben
|
||||||
|
description: HTTP-Authentifizierung für Gateway-Zugriff im LAN erlauben. WARNUNG - Nur aktivieren, wenn HTTP (nicht HTTPS) für gateway_public_url verwendet wird. Erforderlich für Browser-Zugriff über HTTP.
|
||||||
|
|||||||
@@ -42,3 +42,7 @@ configuration:
|
|||||||
gateway_port:
|
gateway_port:
|
||||||
name: Gateway Port
|
name: Gateway Port
|
||||||
description: Port number for the OpenClaw gateway to listen on (default - 18789)
|
description: Port number for the OpenClaw gateway to listen on (default - 18789)
|
||||||
|
|
||||||
|
allow_insecure_auth:
|
||||||
|
name: Allow Insecure HTTP Auth
|
||||||
|
description: Allow HTTP authentication for gateway access on LAN. WARNING - Only enable if using HTTP (not HTTPS) for gateway_public_url. Required for browser access over HTTP.
|
||||||
|
|||||||
@@ -42,3 +42,7 @@ configuration:
|
|||||||
gateway_port:
|
gateway_port:
|
||||||
name: Puerto del Gateway
|
name: Puerto del Gateway
|
||||||
description: Número de puerto en el que el gateway de OpenClaw escuchará (predeterminado - 18789)
|
description: Número de puerto en el que el gateway de OpenClaw escuchará (predeterminado - 18789)
|
||||||
|
|
||||||
|
allow_insecure_auth:
|
||||||
|
name: Permitir autenticación HTTP insegura
|
||||||
|
description: Permitir autenticación HTTP para acceso al gateway en LAN. ADVERTENCIA - Solo habilitar si usa HTTP (no HTTPS) para gateway_public_url. Requerido para acceso desde navegador por HTTP.
|
||||||
|
|||||||
Reference in New Issue
Block a user