dotfiles/nixos/home/danny/openclaw.nix
DannyDannyDanny 494bc8a5f4 Fix OpenClaw gateway launch: binary renamed openclaw, add gateway subcommand
The nix-openclaw package renamed the binary from openclaw-gateway to
openclaw, and the gateway now runs as a subcommand. Also adds CLAUDE.md
and openclaw-todo.md.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-20 09:36:39 +01:00



# OpenClaw (AI assistant gateway): Telegram, launchd, documents.
# Documents (SOUL.md, TOOLS.md, etc.) come from a separate repo via the flake input
# openclaw-documents (see flake.nix; override with e.g. github:you/openclaw-documents).
# Secrets (not in repo; keep each file readable only by your own user, e.g. mode 600):
# ~/.secrets/telegram-bot-token
# ~/.secrets/openclaw-gateway-token (one line, gateway auth token)
# nixos/home/danny/openclaw-allow-from.nix (gitignored; copy from .example)
# After editing, run: darwin-rebuild switch --flake . (from ~/dotfiles/nixos)
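# Home Manager module: configures the OpenClaw gateway (Telegram channel, documents,
# launchd agent) without placing the gateway auth token in the Nix store.
#
# Arguments:
#   config, lib, pkgs   - the usual module arguments (lib must include lib.hm).
#   openclaw-documents  - flake input holding the documents (SOUL.md, TOOLS.md, ...).
{ config, lib, pkgs, openclaw-documents, ... }:
let
  homeDir = config.home.homeDirectory;

  # Telegram user IDs live in a gitignored file so they are never committed.
  allowFromPath = ./. + "/openclaw-allow-from.nix";
  allowFromRaw = if builtins.pathExists allowFromPath then import allowFromPath else [ ];

  # The allow-list is the access control for the Telegram channel, so an empty
  # result must not pass silently. When this file is evaluated from a Git-backed
  # flake, only tracked files are copied into the store, so a gitignored
  # allow-list is invisible to pathExists and the fallback above yields [ ].
  # NOTE(review): check the OpenClaw docs for how an empty allowFrom is treated,
  # and confirm the IDs actually reach the generated openclaw.json.
  allowFrom =
    if allowFromRaw == [ ] then
      lib.warn
        "openclaw: ${toString allowFromPath} is missing or empty; channels.telegram.allowFrom is []"
        allowFromRaw
    else
      allowFromRaw;
in
{
  programs.openclaw = {
    enable = true;
    # Flake input: use .source (in-repo and separate-repo flakes expose source = ./.)
    documents = openclaw-documents.source or openclaw-documents.outPath or openclaw-documents;
    config = { };
    instances.default = {
      enable = true;
      config = {
        gateway = {
          mode = "local";
          # Left empty on purpose: the rendered config ends up in the world-readable
          # Nix store, so the real token is read from ~/.secrets/openclaw-gateway-token
          # by the wrapper at runtime.
          # NOTE(review): the wrapper is not shown here; it should refuse to start the
          # gateway when the token file is missing or empty, otherwise the gateway
          # would presumably run with this empty token.
          auth.token = "";
        };
        channels.telegram = {
          # Derived from the home directory, like the other paths in this file,
          # instead of a hard-coded /Users/danny.
          tokenFile = "${homeDir}/.secrets/telegram-bot-token";
          allowFrom = allowFrom;
          groups."*" = { requireMention = true; };
        };
      };
      plugins = [
        # e.g. { source = "github:openclaw/nix-steipete-tools?dir=tools/summarize"; }
      ];
    };
  };

  # Wrapper loads gateway token from file and execs the real gateway (keeps token out of store)
  home.file.".local/bin/openclaw-gateway-wrapper" = {
    source = ./openclaw-gateway-wrapper.sh;
    executable = true;
  };

  # TODO: Remove this bloat (see dotfiles TODO.md). Back up as target user so HM can overwrite.
  # Runs before linkGeneration and renames regular (non-symlink) files to *.backup.
  home.activation.backupOpenclawBeforeSwitch = lib.hm.dag.entryBefore [ "linkGeneration" ] ''
    # Script-local names: assigning to USER here would overwrite that environment
    # variable for any activation steps that run after this one.
    openclawDir="${homeDir}/.openclaw"
    openclawUser="${config.home.username}"
    if [ -d "$openclawDir" ]; then
      for f in "$openclawDir"/workspace/*.md "$openclawDir"/openclaw.json; do
        # mv -n never replaces an existing backup. Best effort by design: any sudo or
        # mv failure is hidden by 2>/dev/null || true, so a skipped backup is silent.
        [ -e "$f" ] && [ ! -L "$f" ] && (sudo -u "$openclawUser" mv -n "$f" "$f.backup" 2>/dev/null || true)
      done
    fi
  '';
  home.file.".openclaw/openclaw.json".force = true;

  # Override launchd agent to run wrapper so OPENCLAW_GATEWAY_TOKEN is set from file at runtime.
  # Do not reference config.launchd.agents."..." here (causes infinite recursion).
  launchd.agents."com.steipete.openclaw.gateway" = lib.mkForce {
    enable = true;
    config = {
      # argv: wrapper, then the real binary and its subcommand for the wrapper to exec.
      ProgramArguments = [
        (homeDir + "/.local/bin/openclaw-gateway-wrapper")
        "${pkgs.openclaw}/bin/openclaw"
        "gateway"
      ];
      RunAtLoad = true;
      KeepAlive = true;
    };
  };
}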