- ansible/: VM provisioning playbooks and roles - provision-vm.yml: create KVM VM from Ubuntu cloud image - install.yml: install OpenClaw on guest (upstream) - customize.yml: swappiness, virtiofs fstab, linger - roles/vm/: libvirt domain XML, cloud-init templates - inventory.yml + host_vars/zap.yml: zap instance config - backup-openclaw-vm.sh: daily rsync + MinIO upload - restore-openclaw-vm.sh: full redeploy from scratch - README.md: full operational documentation Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
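# systemd system unit for the OpenClaw AI Gateway, rendered from a Jinja2 template.
# Template variables used: openclaw_user, openclaw_home, openclaw_uid_value.
# The stray "|" gutter lines from the page rendering are removed here; they are
# not unit-file syntax.

[Unit]
Description=OpenClaw AI Gateway
# Start only after the network stack and the Docker daemon have been started.
After=network.target docker.service
# Hard dependency: the gateway is not started without docker.service and is
# stopped when docker.service is stopped.
# NOTE(review): if {{ openclaw_user }} can reach the Docker socket (for example
# through docker group membership), that access is root-equivalent on this host
# and is not limited by the sandboxing options in [Service] - confirm.
Requires=docker.service

[Service]
Type=simple
# Run unprivileged. Group= reuses the user name, so a group with the same name
# as the user must exist on the guest.
User={{ openclaw_user }}
Group={{ openclaw_user }}
WorkingDirectory={{ openclaw_home }}

# Environment variables
Environment="PNPM_HOME={{ openclaw_home }}/.local/share/pnpm"
# The first two PATH entries are directories owned by the service user and are
# searched before the system directories by anything the gateway spawns.
Environment="PATH={{ openclaw_home }}/.local/bin:{{ openclaw_home }}/.local/share/pnpm:/usr/local/bin:/usr/bin:/bin"
Environment="HOME={{ openclaw_home }}"
# /run/user/<uid> is not created by this unit; it exists only while the user
# has a login session or lingering enabled.
# ProtectHome=read-only below also makes /run/user read-only for this service,
# so the gateway can connect to sockets there but cannot create files.
# NOTE(review): confirm the gateway never needs to write to XDG_RUNTIME_DIR.
Environment="XDG_RUNTIME_DIR=/run/user/{{ openclaw_uid_value }}"

# DBus session bus
Environment="DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/{{ openclaw_uid_value }}/bus"

# Start command
# NOTE(review): the executable is a bare name. systemd resolves it against its
# own built-in search path (or ExecSearchPath= on newer releases), not against
# the PATH set with Environment= above. If openclaw is installed under
# {{ openclaw_home }}/.local, this lookup fails; prefer an absolute path.
# TODO confirm the install location before changing this line.
ExecStart=openclaw gateway

# Restart policy
# Restart on every exit, clean or not, after a 10 second delay.
Restart=always
RestartSec=10

# Security hardening
# Processes of this service cannot gain privileges through setuid/setgid
# binaries or file capabilities.
NoNewPrivileges=true
# Private /tmp and /var/tmp, not shared with other processes on the host.
PrivateTmp=true
# The whole file system hierarchy is read-only except /dev, /proc and /sys.
ProtectSystem=strict
# /home, /root and /run/user are read-only.
ProtectHome=read-only
# Writable exceptions to the two settings above. Both paths must exist when the
# service starts, otherwise namespace setup fails and the unit does not start.
ReadWritePaths={{ openclaw_home }}/.openclaw
# NOTE(review): .local contains .local/bin and .local/share/pnpm, the first two
# PATH entries. A compromised gateway process can therefore replace programs
# that are executed on the next start. Narrow this to the data directories the
# gateway really writes to, and keep executables read-only at runtime.
ReadWritePaths={{ openclaw_home }}/.local
# Review the remaining exposure with: systemd-analyze security <unit-name>

# Logging
# stdout and stderr go to the journal, tagged "openclaw".
StandardOutput=journal
StandardError=journal
SyslogIdentifier=openclaw

[Install]
# Started at boot as part of the normal multi-user target once enabled.
WantedBy=multi-user.target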