fix(docker): use envsubst template pattern — no hardcoded URLs or keys (MS22-P1a)
All checks were successful
ci/woodpecker/push/infra Pipeline was successful
All checks were successful
ci/woodpecker/push/infra Pipeline was successful
This commit is contained in:
23
docker/openclaw-instances/entrypoint.sh
Executable file
23
docker/openclaw-instances/entrypoint.sh
Executable file
@@ -0,0 +1,23 @@
|
||||
#!/bin/sh
|
||||
# OpenClaw container entrypoint — renders config template via envsubst then starts gateway
|
||||
set -e
|
||||
|
||||
TEMPLATE="/config/openclaw.json.template"
|
||||
CONFIG="/tmp/openclaw.json"
|
||||
|
||||
if [ ! -f "$TEMPLATE" ]; then
|
||||
echo "ERROR: Config template not found at $TEMPLATE"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Validate required env vars
|
||||
: "${ZAI_API_KEY:?ZAI_API_KEY is required}"
|
||||
: "${OPENCLAW_GATEWAY_TOKEN:?OPENCLAW_GATEWAY_TOKEN is required}"
|
||||
: "${OLLAMA_BASE_URL:?OLLAMA_BASE_URL is required (e.g. http://10.1.1.42:11434)}"
|
||||
|
||||
# Render template -> final config (no hardcoded values in image or volumes)
|
||||
envsubst < "$TEMPLATE" > "$CONFIG"
|
||||
|
||||
export OPENCLAW_CONFIG_PATH="$CONFIG"
|
||||
|
||||
exec openclaw gateway run --bind lan --auth token "$@"
|
||||
Reference in New Issue
Block a user