-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcompose.dev.yml
More file actions
87 lines (83 loc) · 2.7 KB
/
compose.dev.yml
File metadata and controls
87 lines (83 loc) · 2.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
# Development compose file. Builds sluice from source.
# Usage: docker compose -f compose.dev.yml up --build
services:
sluice:
build: .
restart: unless-stopped
environment:
- TELEGRAM_BOT_TOKEN=${TELEGRAM_BOT_TOKEN}
- TELEGRAM_CHAT_ID=${TELEGRAM_CHAT_ID}
- SLUICE_AGENT_CONTAINER=openclaw
group_add:
- "${DOCKER_GID:-0}"
volumes:
- ./examples/config.toml:/etc/sluice/config.toml:ro
- sluice-data:/home/sluice/data
- sluice-vault:/home/sluice/.sluice
- sluice-audit:/var/log/sluice
- sluice-ca:/home/sluice/ca
- /var/run/docker.sock:/var/run/docker.sock
healthcheck:
test: ["CMD", "wget", "-qO-", "http://localhost:3000/healthz"]
interval: 10s
timeout: 3s
retries: 3
start_period: 5s
networks:
internal:
ipv4_address: 172.30.0.2
external: {}
tun2proxy:
image: ghcr.io/tun2proxy/tun2proxy-alpine:latest
restart: unless-stopped
cap_add: [NET_ADMIN]
devices:
- /dev/net/tun:/dev/net/tun
command: ["--proxy", "socks5://sluice:1080", "--bypass", "127.0.0.0/8", "--bypass", "::1/128"]
# See compose.yml for the full MCP wiring explanation.
extra_hosts:
- "sluice:172.30.0.2"
healthcheck:
test: ["CMD-SHELL", "ip link show tun0 || exit 1"]
interval: 10s
timeout: 3s
retries: 3
start_period: 5s
networks: [internal]
depends_on:
sluice:
condition: service_healthy
openclaw:
image: ghcr.io/openclaw/openclaw:latest
restart: unless-stopped
container_name: openclaw
network_mode: "service:tun2proxy"
entrypoint: ["/bin/sh", "-c", "[ -f \"$HOME/.openclaw/.env\" ] && set -a && . \"$HOME/.openclaw/.env\" && set +a; exec docker-entrypoint.sh node openclaw.mjs gateway --allow-unconfigured"]
environment:
- HOME=/home/node
- OPENCLAW_GATEWAY_TOKEN=${OPENCLAW_GATEWAY_TOKEN:-}
- SSL_CERT_FILE=/usr/local/share/ca-certificates/sluice/sluice-ca.crt
- REQUESTS_CA_BUNDLE=/usr/local/share/ca-certificates/sluice/sluice-ca.crt
- NODE_EXTRA_CA_CERTS=/usr/local/share/ca-certificates/sluice/sluice-ca.crt
- NPM_CONFIG_PREFIX=/home/node/.npm-global
- PATH=/home/node/.npm-global/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- NODE_COMPILE_CACHE=/home/node/.node-compile-cache
volumes:
- openclaw-home:/home/node
- sluice-ca:/usr/local/share/ca-certificates/sluice:ro
depends_on:
tun2proxy:
condition: service_healthy
networks:
internal:
internal: true
ipam:
config:
- subnet: 172.30.0.0/24
external: {}
volumes:
sluice-data:
sluice-vault:
sluice-audit:
sluice-ca:
openclaw-home: