- Introduced a new script `render_nginx.py` to generate nginx configuration and landing page HTML from templates based on environment variables.
- Updated `run.sh` to handle new access modes and configure HTTPS proxy settings for the gateway.
- Implemented TLS certificate generation for the built-in HTTPS proxy in `lan_https` mode.
- Enhanced disk usage reporting in the landing page.
- Updated translations for various languages to include new configuration options for access modes and authentication modes.
Environment variables are fully handled by run.sh:
- run.sh reads gateway_env_vars from options.json
- run.sh validates variable names (alphanumeric + underscore)
- run.sh enforces max 50 variables and 255 char name limit
- run.sh exports to process environment
oc_config_helper.py now only manages gateway config (mode, port, bind).
Removes:
- env_vars parameter from apply_gateway_settings()
- All env var parsing and validation from Python helper
- MAX_ENV_VARS constants
- env_vars CLI argument
Environment variables should NOT be saved to openclaw.json config.
Instead, they are injected directly into the gateway process via run.sh.
Flow:
options.json (gateway_env_vars) → run.sh (export) → gateway process env
Changes:
- Remove cfg["env"] initialization from apply_gateway_settings
- Only validate env vars format and size limits in oc_config_helper.py
- Log validated vars but don't persist them to config
- run.sh remains responsible for parsing and exporting to process env
- Cleaner separation of concerns: helpers validates, run.sh exports
Benefits:
- More idiomatic configuration format for Home Assistant add-ons
- config.yaml: Change default from empty string to empty YAML map
- config.yaml: Update schema type from str? to map(str)?
- config.yaml: Improve documentation to explain YAML map usage
- run.sh: Parse JSON object from jq using to_entries instead of semicolon splitting
- oc_config_helper.py: Accept JSON string and parse as dict instead of semicolon-separated values
- Better error handling for invalid JSON
- Cleaner and more maintainable parsing logic
This allows users to configure environment variables more naturally:
gateway_env_vars:
OPENAI_API_KEY: sk-abc123
SERVICE_URL: https://api.example.com
- Add max limits (50 vars, 255 char names, 10000 char values)
- Validate variable names with regex
- Warn about duplicate variables
- Show var names in logs (not just count)
- Improve bash parsing with process substitution
- Better config documentation with examples
- Add 'gateway_env_vars' configuration option to addon config
- Parse semicolon-separated KEY=VALUE pairs from add-on options
- Export environment variables to gateway process at startup
- Store parsed env vars in openclaw.json (gateway.env)
Allows users to pass custom environment variables to the gateway via
Home Assistant add-on configuration, e.g.:
gateway_env_vars: 'SERVICE_API_KEY=123;SERVICE2_API=1231'
These variables are exported to the gateway process and can be used
for API authentication, feature flags, or other configuration needs.
OpenClaw natively supports 'tailnet' and 'auto' bind modes but the
addon rejected them in oc_config_helper.py validation and the config.yaml
schema didn't list them as valid options.
- oc_config_helper.py: expand bind_mode validation to accept 'tailnet'
and 'auto' in addition to 'loopback' and 'lan'
- config.yaml: add 'tailnet' and 'auto' to schema and document them
in the options comments
Users running Tailscale as a separate HA addon (non-userspace mode)
can now set gateway_bind_mode: tailnet to restrict gateway access
exclusively to their Tailscale network — no iptables rules needed.
Closes#59
- Added rsync to Dockerfile for improved file synchronization.
- Bumped version to 0.5.41 in config.yaml.
- Implemented skill synchronization and persistent storage management in run.sh.