OpenClaw Assistant

__ACCESS_MODE__
Gateway: checking…
🔒 Secure context: checking…
📡 Access mode: __ACCESS_MODE__
💾 Disk: __DISK_USED__ / __DISK_TOTAL__ (__DISK_PCT__) — __DISK_AVAIL__ free
Open Gateway Web UI Open Terminal (full page)
Tips & token help
The gateway UI opens in a separate tab to avoid websocket/proxy issues with Ingress. Set gateway_public_url in add-on options if the button URL is wrong.
If the Gateway UI says Unauthorized, get your token in the terminal: openclaw config get gateway.auth.token
Reverse-proxy recipes (NPM / Caddy / Traefik / Tailscale)
Nginx Proxy Manager (NPM)
Scheme:   https
Forward:  <HA-IP>:18789
WS:       ON
SSL tab:  Request a new SSL certificate (Let's Encrypt or custom)
Caddy
openclaw.example.com {
    reverse_proxy <HA-IP>:18789
}
Traefik (docker labels)
- "traefik.http.routers.openclaw.rule=Host(`openclaw.example.com`)"
- "traefik.http.routers.openclaw.tls.certresolver=le"
- "traefik.http.services.openclaw.loadbalancer.server.port=18789"
Tailscale HTTPS
# 1. Set access_mode to tailnet_https in add-on configuration
# 2. Enable Tailscale HTTPS in your Tailnet admin: DNS → HTTPS Certificates
# 3. On the HA host:  tailscale cert <machine-name>.ts.net
# 4. Set gateway_public_url to https://<machine-name>.ts.net:18789