Enhance documentation for LAN access and insecure authentication options in OpenClaw Assistant

This commit is contained in:
techartdev
2026-02-02 02:40:34 +02:00
parent 1db5009f0b
commit 5d08325190
+45 -6
View File
@@ -65,9 +65,20 @@ You have two common setups:
If your Home Assistant is already exposed via HTTPS (Nabu Casa, reverse proxy, etc.), use that.
This avoids browser security issues.
#### Option 2: LAN access (http://192.168.x.x)
If you want to open it directly on your LAN, you must ensure OpenClaw binds to LAN.
In the terminal:
#### Option 2: LAN access (http://192.168.x.x) — using add-on options (recommended)
The easiest way to enable LAN access is via the add-on configuration:
1. Go to Home Assistant → **Settings → Add-ons → OpenClaw Assistant → Configuration**
2. Set the following options:
- `gateway_bind_mode`: **lan** (enables LAN binding; use **loopback** for local-only access)
- `gateway_port`: **18789** (or your preferred port)
- `allow_insecure_auth`: **true** (required for HTTP access; see section 4 below)
3. Restart the add-on
The add-on will automatically update OpenClaw's configuration on startup.
#### Option 3: LAN access — manual configuration (advanced)
If you prefer to configure manually via terminal:
```sh
openclaw config set gateway.bind lan
@@ -120,22 +131,46 @@ Put the gateway behind HTTPS (recommended long-term).
Access it as `http://localhost:18789` using SSH port forwarding from your computer.
### Option C — Allow insecure auth (quick workaround; less secure)
In the terminal:
**Via add-on configuration (recommended)**:
1. Go to Home Assistant → **Settings → Add-ons → OpenClaw Assistant → Configuration**
2. Set `allow_insecure_auth`: **true**
3. Restart the add-on
**Via terminal (manual)**:
```sh
openclaw config set gateway.controlUi.allowInsecureAuth true
```
Then restart the add-on.
This allows using the Control UI over LAN HTTP.
---
## 5) Add-on options (custom / HA-specific)
This add-on intentionally keeps options minimal. See `openclaw_assistant/config.yaml`.
This add-on keeps options minimal but practical. See `openclaw_assistant_dev/config.yaml` for the full schema.
### Gateway Network Settings
Control how the OpenClaw gateway binds to the network:
- **`gateway_bind_mode`** (string: **loopback** or **lan**, default **loopback**)
- **loopback**: Bind to 127.0.0.1 only — secure, local access only
- **lan**: Bind to all interfaces — accessible from your local network
- **`gateway_port`** (int, default **18789**)
- Port number for the gateway to listen on
- **`allow_insecure_auth`** (bool, default **false**)
- Allow HTTP authentication for gateway access on LAN
- **WARNING**: Only enable if using HTTP (not HTTPS) for `gateway_public_url`
- Required for browser access over HTTP (see section 4)
These settings are applied automatically on add-on startup. No need to run `openclaw config` commands manually.
### Terminal
- `enable_terminal` (default **true**)
- `enable_terminal` (bool, default **true**)
Security note: the terminal gives shell access inside the add-on container.
@@ -155,6 +190,10 @@ How to provide the key:
- Put the private key file under the add-on config directory so it appears in-container at `/data/keys/...`
- Recommended permissions: `chmod 600`
### Session cleanup
- `clean_session_locks_on_start` (bool, default **true**) — Remove stale lock files on startup
- `clean_session_locks_on_exit` (bool, default **true**) — Remove stale lock files on shutdown
---
## Troubleshooting