Spaces:
Build error
Build error
| import json | |
| import os | |
| from pathlib import Path | |
| def _split_csv_env(name: str) -> list[str]: | |
| raw = os.getenv(name, "") | |
| if not raw: | |
| return [] | |
| return [part.strip() for part in raw.split(",") if part.strip()] | |
| def main() -> int: | |
| token = os.getenv("OPENCLAW_GATEWAY_TOKEN", "").strip() | |
| bind_mode = os.getenv("OPENCLAW_GATEWAY_BIND", "lan").strip() or "lan" | |
| control_ui_base_path = os.getenv("OPENCLAW_CONTROL_UI_BASE_PATH", "/openclaw").strip() or "/openclaw" | |
| allowed_origins = _split_csv_env("OPENCLAW_ALLOWED_ORIGINS") | |
| if not allowed_origins: | |
| # Safe defaults for local diagnostics + HF public Space URL. | |
| allowed_origins = [ | |
| "http://127.0.0.1:7860", | |
| "http://localhost:7860", | |
| "https://researchengineering-agi-assistant.hf.space", | |
| ] | |
| trusted_proxies = _split_csv_env("OPENCLAW_TRUSTED_PROXIES") | |
| if not trusted_proxies: | |
| trusted_proxies = ["127.0.0.1", "::1"] | |
| allow_insecure_auth = os.getenv("OPENCLAW_CONTROL_UI_ALLOW_INSECURE_AUTH", "1").strip() in { | |
| "1", | |
| "true", | |
| "True", | |
| "yes", | |
| "on", | |
| } | |
| disable_device_auth = os.getenv("OPENCLAW_CONTROL_UI_DISABLE_DEVICE_AUTH", "1").strip() in { | |
| "1", | |
| "true", | |
| "True", | |
| "yes", | |
| "on", | |
| } | |
| state_path = Path("/app/.openclaw/state/openclaw.json") | |
| state_path.parent.mkdir(parents=True, exist_ok=True) | |
| data = {} | |
| if state_path.exists(): | |
| try: | |
| data = json.loads(state_path.read_text(encoding="utf-8")) | |
| except Exception: | |
| data = {} | |
| gateway = data.get("gateway", {}) | |
| if not isinstance(gateway, dict): | |
| gateway = {} | |
| gateway["bind"] = bind_mode | |
| if token: | |
| auth = gateway.get("auth", {}) | |
| if not isinstance(auth, dict): | |
| auth = {} | |
| auth["token"] = token | |
| gateway["auth"] = auth | |
| control_ui = gateway.get("controlUi", {}) | |
| if not isinstance(control_ui, dict): | |
| control_ui = {} | |
| control_ui["basePath"] = control_ui_base_path | |
| control_ui["allowedOrigins"] = allowed_origins | |
| control_ui["allowInsecureAuth"] = allow_insecure_auth | |
| # Break-glass for reverse-proxied hosted setups that cannot complete pairing reliably. | |
| control_ui["dangerouslyDisableDeviceAuth"] = disable_device_auth | |
| gateway["controlUi"] = control_ui | |
| gateway["trustedProxies"] = trusted_proxies | |
| data["gateway"] = gateway | |
| state_path.write_text(json.dumps(data, indent=2) + "\n", encoding="utf-8") | |
| print( | |
| "[bootstrap] gateway settings applied:" | |
| f" bind={bind_mode}" | |
| f" basePath={control_ui_base_path}" | |
| f" allowedOrigins={allowed_origins}" | |
| f" trustedProxies={trusted_proxies}" | |
| f" allowInsecureAuth={allow_insecure_auth}" | |
| f" dangerouslyDisableDeviceAuth={disable_device_auth}" | |
| ) | |
| return 0 | |
| if __name__ == "__main__": | |
| raise SystemExit(main()) | |