kris/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6b886eeea80aeb8bdb378f4a4035c1cf8619a8ac
nix/hosts/server/slop/openclaw.nix
Kris 6b886eeea8 tailscale
2026-03-19 17:39:44 +02:00

75 lines
2.4 KiB
Nix
Raw Blame History

{
inputs,
pkgs,
...
}:
let
openclawPatched = inputs.openclaw.packages.${pkgs.system}.openclaw-gateway.overrideAttrs (old: {
installPhase =
old.installPhase
+ "\n"
+ ''
# Point Brave web-search endpoint to local shim.
# NOTE: upstream installPhase script does not run postInstall hooks,
# so patch directly at the end of installPhase.
if [ -d "$out/lib/openclaw/dist" ]; then
# Web-search tool hardcodes Brave endpoint in bundled JS.
# No runtime config option exists for Brave base URL in this OpenClaw version.
grep -RIl "https://api.search.brave.com" "$out/lib/openclaw/dist" | while read -r f; do
substituteInPlace "$f" \
--replace "https://api.search.brave.com/res/v1/web/search" "http://127.0.0.1:8000/res/v1/web/search" \
--replace "https://api.search.brave.com/res/v1/" "http://127.0.0.1:8000/res/v1/" \
--replace "https://api.search.brave.com/" "http://127.0.0.1:8000/" \
--replace "https://api.search.brave.com" "http://127.0.0.1:8000"
done
fi
'';
});
in
{
users.users.openclaw = {
isSystemUser = false;
isNormalUser = true;
home = "/home/openclaw";
createHome = true;
group = "openclaw";
extraGroups = [ "docker" ];
shell = pkgs.bash;
description = "OpenClaw agent sandboxed user";
packages = [
openclawPatched
(pkgs.callPackage ./gogcli.nix { })
(pkgs.callPackage ./brave-shim.nix { })
pkgs.uv
pkgs.python3
];
};
users.groups.openclaw = { };
# Keep the openclaw user's systemd --user instance running so the gateway stays up.
# Using activation script because services.logind.lingerUsers isn't available in this release.
system.activationScripts.enableOpenclawLinger.text = ''
${pkgs.systemd}/bin/loginctl enable-linger openclaw || true
'';
# Run OpenClaw gateway only under the dedicated openclaw user (user systemd service).
home-manager.users.openclaw = { pkgs, ... }: {
imports = [ inputs.openclaw.homeManagerModules.openclaw ];
home.stateVersion = "24.11";
programs.openclaw = {
enable = true;
package = openclawPatched;
instances.default = {
enable = true;
# Linux user service only; prevent accidental launchd usage.
launchd.enable = false;
systemd.enable = true;
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink