From 74d98c0e52d53ccb99771e15c6a59aae2ec267f9 Mon Sep 17 00:00:00 2001
From: ashisgreat22
Date: Fri, 6 Mar 2026 23:12:55 +0100
Subject: [PATCH] feat: add gemini-cli to OpenClaw
---
 hosts/nixos/kafka.nix | 33 +++++++++++++++++++++++++++---
 modules/nixos/openclaw.nix | 41 +++++++++++++++++++++++---------------
 2 files changed, 55 insertions(+), 19 deletions(-)
diff --git a/hosts/nixos/kafka.nix b/hosts/nixos/kafka.nix
index ec5c1fb..fe29484 100644
--- a/hosts/nixos/kafka.nix
+++ b/hosts/nixos/kafka.nix
@@ -29,7 +29,12 @@
 gateway = {
 port = 18789;
 bind = "loopback";
- trustedProxies = [ "::1" "127.0.0.1" "10.88.0.0/16" "10.89.0.0/16" ];
+ trustedProxies = [
+ "::1"
+ "127.0.0.1"
+ "10.88.0.0/16"
+ "10.89.0.0/16"
+ ];
 auth = {
 mode = "none";
 };
@@ -42,7 +47,10 @@
 discord = {
 enabled = true;
 token = "/run/secrets/openclaw-discord-token";
- allowFrom = [ "1178286690750693419" "*" ];
+ allowFrom = [
+ "1178286690750693419"
+ "*"
+ ];
 groupPolicy = "open";
 dmPolicy = "open";
 };
@@ -71,7 +79,7 @@
 mode = "merge";
 providers.zai = {
 baseUrl = "https://api.z.ai/api/coding/paas/v4";
- apiKey = "e77f2c392cb942eca9d0407eebc75549.XG7ikxT2kBEQUPYx";
+ apiKey = config.sops.secrets."openclaw/glm_api_key".path;
 models = [
 {
 id = "glm-4.7";
@@ -89,6 +97,25 @@
 }
 ];
 };
+ providers.cli = {
+ api = "openai-completions";
+ baseUrl = "http://localhost:8045/cli/v1";
+ apiKey = config.sops.secrets."openclaw/master_api_key".path;
+ models = [
+ {
+ id = "gemini-3.1-pro-preview";
+ name = "gemini-3.1-pro-preview";
+ contextWindow = 1000000;
+ maxTokens = 65536;
+ }
+ {
+ id = "gemini-3-flash-preview";
+ name = "gemini-3-flash-preview";
+ contextWindow = 128000;
+ maxTokens = 65536;
+ }
+ ];
+ };
 };
 skills.entries.mcporter.enabled = true;
 };
diff --git a/modules/nixos/openclaw.nix b/modules/nixos/openclaw.nix
index f281700..958f5bb 100644
--- a/modules/nixos/openclaw.nix
+++ b/modules/nixos/openclaw.nix
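Review bot: In hosts/nixos/kafka.nix, `apiKey = config.sops.secrets."openclaw/glm_api_key".path;` under `providers.zai` assigns the path of the decrypted secret file, not the key itself, so unless OpenClaw or the preStart config generation (outside this hunk) reads that file, the provider would receive a path string as its credential; the same applies to `providers.cli.apiKey` in the following hunk. The modules/nixos/openclaw.nix hunks in this patch declare only `openclaw/master_api_key`, so confirm that `openclaw/glm_api_key` is declared elsewhere, otherwise evaluation will fail on the missing attribute. The key literal removed here stays in repository history and should be treated as exposed: revoke and reissue it at the provider rather than moving the same value into sops.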
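Review bot: The new `providers.cli` block in hosts/nixos/kafka.nix authenticates to the local endpoint on port 8045 with the secret named `master_api_key`, which by its name looks broader than this single route needs. The context lines of this file show `mode = "none"` for gateway auth and `"*"` in the Discord `allowFrom`, so the agent process holding this credential accepts input from a wide audience; a key scoped to the `/cli/v1` route, if the service on 8045 supports one, would limit what a leaked or misused key can reach. A short comment above the block naming what listens on 8045 would also help, for example `# OpenAI-compatible endpoint for gemini-cli on localhost:8045` (inferred from the commit subject, so confirm the wording).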
@@ -1,4 +1,10 @@ -{ config, lib, pkgs, inputs, ... }: +{ + config, + lib, + pkgs, + inputs, + ... +}: with lib; @@ -27,7 +33,7 @@ in default = 18789; description = "Port to listen on"; }; - + dataDir = mkOption { type = types.str; default = "/var/lib/openclaw"; @@ -67,16 +73,18 @@ in group = cfg.group; key = "searxng_brave_api_key"; }; - - # Ensure secrets exist in sops config, if not user needs to add them. - # We assume secrets.yaml has these keys or user will map them. - # The user had /run/secrets/openclaw-discord-token before. + + sops.secrets."openclaw/master_api_key" = { + owner = cfg.user; + group = cfg.group; + key = "master_api_key"; + }; systemd.services.openclaw = { description = "OpenClaw AI Agent"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; - + serviceConfig = { User = cfg.user; Group = cfg.group; @@ -85,14 +93,6 @@ in Restart = "always"; RestartSec = "10s"; - # Environment variables or config file generation - # OpenClaw seems to take config via a file or env vars. - # Based on previous flake, it used a config file. - # We can generate the config file in the ExecStartPre or rely on env vars if supported. - # The previous flake copied a config file. - - # Let's verify how openclaw takes config. - # It used OPENCLAW_CONFIG_DIR, OPENCLAW_DATA_DIR, OPENCLAW_WORKSPACE_DIR env vars. }; environment = { @@ -110,7 +110,7 @@ in mkdir -p ${cfg.dataDir}/config mkdir -p ${cfg.dataDir}/data mkdir -p ${cfg.dataDir}/workspace - + # Generate config.json cat > ${cfg.dataDir}/config/openclaw.json <
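Review bot: The new `sops.secrets."openclaw/master_api_key"` declaration in modules/nixos/openclaw.nix sets `owner`, `group` and `key` but no `restartUnits`, so a rotated value would not reach the running service until openclaw is restarted by hand; `restartUnits = [ "openclaw.service" ];` would tie the two together. This matters more if preStart copies secret values into `${cfg.dataDir}/config/openclaw.json` (the heredoc is cut off in this view), in which case that file should also be created under a restrictive umask. The hunk also removes the comment that said the keys must exist in the sops file; a one-line replacement such as `# requires master_api_key in the sops secrets file` keeps that requirement visible. The enclosing config block starts and ends outside the hunk.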