You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
234 lines
5.0 KiB
YAML
234 lines
5.0 KiB
YAML
# Default values for openclaw.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
# Image configuration
|
|
image:
|
|
registry: ghcr.io
|
|
repository: openclaw/openclaw
|
|
pullPolicy: IfNotPresent
|
|
# Overrides the image tag whose default is the chart appVersion.
|
|
tag: ""
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
# Replica count - MUST be 1 for single-user architecture
|
|
replicaCount: 1
|
|
|
|
# Service account
|
|
serviceAccount:
|
|
# Specifies whether a service account should be created
|
|
create: true
|
|
# Annotations to add to the service account
|
|
annotations: {}
|
|
# The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
|
|
# Pod annotations
|
|
podAnnotations: {}
|
|
|
|
# Pod security context
|
|
podSecurityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
|
|
# Container security context
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: false # Node needs write access to /tmp
|
|
|
|
# Gateway configuration
|
|
gateway:
|
|
# Binding mode: loopback, lan, auto
|
|
bind: lan
|
|
# Gateway port
|
|
port: 18789
|
|
# Allow unconfigured startup (creates minimal config)
|
|
allowUnconfigured: false
|
|
# Additional CLI arguments
|
|
extraArgs: []
|
|
|
|
# Environment variables (non-sensitive)
|
|
env:
|
|
NODE_ENV: production
|
|
CLAWDBOT_STATE_DIR: /home/node/.openclaw
|
|
CLAWDBOT_WORKSPACE_DIR: /home/node/clawd
|
|
NODE_OPTIONS: "--max-old-space-size=2048"
|
|
|
|
# Secrets configuration
|
|
secrets:
|
|
# Create secret from values (dev/testing only - use existingSecret in production)
|
|
create: true
|
|
# Use existing secret (production)
|
|
existingSecret: ""
|
|
# Secret data (only used if create is true)
|
|
data:
|
|
anthropicApiKey: ""
|
|
openaiApiKey: ""
|
|
discordBotToken: ""
|
|
telegramBotToken: ""
|
|
gatewayToken: "" # Auto-generated if empty
|
|
|
|
# Config file (openclaw.json)
|
|
config:
|
|
# Create ConfigMap from inline config
|
|
create: true
|
|
# Use existing ConfigMap
|
|
existingConfigMap: ""
|
|
# Config data (JSON5 format)
|
|
data:
|
|
agents:
|
|
defaults:
|
|
model:
|
|
primary: "anthropic/claude-opus-4-5"
|
|
fallbacks:
|
|
- "anthropic/claude-sonnet-4-5"
|
|
- "openai/gpt-4o"
|
|
maxConcurrent: 4
|
|
sandbox:
|
|
mode: "off" # Disable Docker-in-Docker for Kubernetes
|
|
list:
|
|
- id: main
|
|
default: true
|
|
auth:
|
|
profiles:
|
|
"anthropic:default":
|
|
mode: token
|
|
provider: anthropic
|
|
"openai:default":
|
|
mode: token
|
|
provider: openai
|
|
gateway:
|
|
mode: local
|
|
bind: auto
|
|
auth:
|
|
mode: token
|
|
controlUi:
|
|
enabled: true
|
|
channels: {}
|
|
|
|
# Persistence
|
|
persistence:
|
|
enabled: true
|
|
# Storage class (use cluster default if empty)
|
|
storageClass: ""
|
|
# Access mode
|
|
accessMode: ReadWriteOnce
|
|
# Volume size
|
|
size: 10Gi
|
|
# Annotations
|
|
annotations: {}
|
|
# Selector
|
|
selector: {}
|
|
|
|
# Service configuration
|
|
service:
|
|
type: ClusterIP
|
|
port: 18789
|
|
annotations: {}
|
|
|
|
# Ingress configuration
|
|
ingress:
|
|
enabled: false
|
|
className: nginx
|
|
|
|
# Simplified domain configuration (recommended)
|
|
# Set your domain here - TLS will be auto-configured if tls.enabled is true
|
|
domain: "" # e.g., "openclaw.yourdomain.com"
|
|
|
|
# TLS configuration
|
|
tls:
|
|
enabled: false
|
|
# Secret name for TLS certificate (auto-generated name if empty)
|
|
secretName: ""
|
|
# Use cert-manager for automatic certificate provisioning
|
|
certManager:
|
|
enabled: false
|
|
issuer: "letsencrypt-prod"
|
|
|
|
# Additional annotations
|
|
annotations: {}
|
|
# WebSocket support (recommended for real-time features):
|
|
# nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
|
|
# nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
|
|
|
|
# Advanced: Manual host configuration (overrides domain if set)
|
|
hosts: []
|
|
# - host: openclaw.example.com
|
|
# paths:
|
|
# - path: /
|
|
# pathType: Prefix
|
|
|
|
# Resource limits/requests
|
|
resources:
|
|
limits:
|
|
memory: 2Gi
|
|
cpu: 1000m
|
|
requests:
|
|
memory: 512Mi
|
|
cpu: 250m
|
|
|
|
# Node selector
|
|
nodeSelector: {}
|
|
|
|
# Tolerations
|
|
tolerations: []
|
|
|
|
# Affinity rules
|
|
affinity: {}
|
|
|
|
# Init containers (for setup tasks)
|
|
initContainers: []
|
|
|
|
# Extra containers (sidecars)
|
|
extraContainers: []
|
|
|
|
# Lifecycle hooks
|
|
lifecycle:
|
|
preStop:
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- rm -f /home/node/.openclaw/gateway.*.lock; sleep 10
|
|
|
|
# Probes
|
|
# Use tcpSocket for startup/readiness (lightweight), exec for liveness (thorough)
|
|
livenessProbe:
|
|
enabled: true
|
|
exec:
|
|
command:
|
|
- node
|
|
- dist/index.js
|
|
- health
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 60
|
|
timeoutSeconds: 30
|
|
failureThreshold: 3
|
|
|
|
readinessProbe:
|
|
enabled: true
|
|
tcpSocket:
|
|
port: 18789
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 5
|
|
timeoutSeconds: 3
|
|
failureThreshold: 3
|
|
|
|
startupProbe:
|
|
enabled: true
|
|
tcpSocket:
|
|
port: 18789
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 5
|
|
timeoutSeconds: 3
|
|
failureThreshold: 30 # 150 seconds max startup time
|