# Module wiring the nix-openclaw overlay, its secrets and its Home Manager
# configuration into the "server" NixOS and Home Manager modules.
{
  inputs,
  config,
  ...
}: let
  flk = config.flake;
in {
  flake.modules = {
    # System side: make the openclaw packages available and declare the secrets.
    nixos.server = {
      pkgs,
      config,
      ...
    }: {
      nixpkgs.overlays = [inputs.nix-openclaw.overlays.default];

      # Both secrets are owned by the account named in flk.meta.user.name, so
      # only that account (and root) is meant to read the decrypted files.
      # NOTE(review): presumably this is the same account that runs the
      # Home Manager module below; confirm against flk.meta.user.
      sops.secrets = {
        "openclaw/telegram_token".owner = flk.meta.user.name;
        "openclaw/env".owner = flk.meta.user.name;
      };
    };

    # User side: enable openclaw and point it at the decrypted secrets.
    homeManager.server = {
      imports = [inputs.nix-openclaw.homeManagerModules.openclaw];

      programs.openclaw = {
        enable = true;
        config = {
          channels.telegram = {
            # Hard-coded path; it has to stay in sync with the
            # "openclaw/telegram_token" secret declared in the NixOS module
            # (the path is not derived from the sops.secrets entry here).
            tokenFile = "/run/secrets/openclaw/telegram_token";
            # NOTE(review): looks like an allowlist of Telegram user IDs that
            # may talk to the bot; confirm the semantics in nix-openclaw.
            allowFrom = [
              flk.meta.telegram.userId
            ];
          };

          gateway.mode = "local";
        };
      };

      # Pass the ANTHROPIC_API_KEY (and any other env vars) to the gateway service.
      # The env file at /run/secrets/openclaw/env should contain lines like:
      #   ANTHROPIC_API_KEY=sk-ant-...
      # The key stays out of the Nix store this way: only the file path is
      # written into the unit, and the file itself is the "openclaw/env" secret.
      #
      # NOTE (issue #35): gateway.auth.token does not serialize from Nix config into
      # the on-disk JSON that the gateway reads. After first activation, run:
      #   openclaw config set gateway.auth.token <your-token>
      # NOTE(review): a token passed as a command-line argument may end up in
      # shell history, and per the note above it is stored in the on-disk JSON,
      # outside the sops-managed secrets; check that file's permissions.
      systemd.user.services.openclaw-gateway.serviceConfig.EnvironmentFile = "/run/secrets/openclaw/env";
    };
  };
}