penal-colony/nixos-vps
2
0
Fork 1
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

.

Browse source
This commit is contained in:
ashisgreat22 2026-03-21 20:23:32 +00:00
parent ad55793d41
commit 6b64254eab
11 changed files with 155 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

53
modules/openclaw-podman.nix
View file

@ -52,6 +52,7 @@ in
# Create directory for OpenClaw data
systemd.tmpfiles.rules = [
"d /var/lib/openclaw 0755 1000 1000 -" # Assuming node user is uid 1000
"d /var/lib/openclaw/local 0755 1000 1000 -" # For Go toolchain
];
# OpenClaw container (bridge network — isolated from host services)
@ -63,6 +64,7 @@ in
];
volumes = [
"/var/lib/openclaw:/home/node/.openclaw"
"/var/lib/openclaw/local:/home/node/.local"
] ++ lib.optionals cfg.superpowers.enable [
"${cfg.superpowers.src}:/home/node/superpowers-src:ro"
];
@ -71,7 +73,7 @@ in
# Copy the declarative config before starting the container
# This allows OpenClaw to safely write/rename the file at runtime without EBUSY errors
systemd.services."podman-openclaw".preStart = lib.mkBefore ''
mkdir -p /var/lib/openclaw
mkdir -p /var/lib/openclaw/local
cp -f ${./openclaw-config.json} /var/lib/openclaw/openclaw.json
chown -R 1000:1000 /var/lib/openclaw
chmod -R u+rwX /var/lib/openclaw
@ -100,13 +102,56 @@ in
''}
'';
# Go toolchain installation script
# Stored in /var/lib/openclaw and executed inside the container
environment.etc."openclaw/install-go.sh".source = pkgs.writeScript "install-go.sh" ''
#!/bin/bash
set -e
GO_URL="https://go.dev/dl/go1.24.1.linux-amd64.tar.gz"
GO_DIR="/home/node/.local/go"
if [ -d "$GO_DIR" ]; then
echo "Go already installed at $GO_DIR"
exit 0
fi
echo "Installing Go toolchain"
mkdir -p /home/node/.local
if command -v curl &> /dev/null; then
curl -fsSL "$GO_URL" | tar -C /home/node/.local -xzf -
elif command -v wget &> /dev/null; then
wget -qO- "$GO_URL" | tar -C /home/node/.local -xzf -
else
echo "ERROR - Neither curl nor wget available"
exit 1
fi
echo "Go installed successfully"
"$GO_DIR/bin/go" version
'';
# Go toolchain installation
# Downloads Go to a persistent volume for use inside the container
systemd.services."openclaw-go-setup" = {
description = "Install Go toolchain for OpenClaw";
after = [ "podman-openclaw.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
# Copy script to container-accessible location, then execute
ExecStart = "${pkgs.bash}/bin/bash -c 'cp /etc/openclaw/install-go.sh /var/lib/openclaw/ && chmod +x /var/lib/openclaw/install-go.sh && ${pkgs.podman}/bin/podman exec -u node openclaw /home/node/.openclaw/install-go.sh'";
RemainAfterExit = true;
};
};
# Optional: Install PyYAML inside the container on startup
# We do this as a postStart or a simple background loop if needed,
# but a better way is to ensure the image has it.
# We do this as a postStart or a simple background loop if needed,
# but a better way is to ensure the image has it.
# Since we can't easily change the image here, we'll try to run a one-time pip install.
systemd.services."openclaw-superpowers-setup" = lib.mkIf cfg.superpowers.enable {
description = "One-time setup for OpenClaw superpowers (PyYAML and Cron)";
after = [ "podman-openclaw.service" ];
after = [ "podman-openclaw.service" "openclaw-go-setup.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";