Conversation
- Fix Docker build failure: upstream OpenClaw now provides /usr/local/bin/openclaw symlink - Add optional Caddy reverse proxy service with 'https' profile for Let's Encrypt - Add Caddyfile.example template for HTTPS configuration - Add Caddyfile to .gitignore (site-specific configuration) - Caddy service disabled by default, enable with: docker compose --profile https up -d
Add tools profile selector (messaging/coding/full), hardcode streaming to "off" to prevent duplicate messages from lane rotation, expand Venice provider with 40+ models, support multi-channel bots and API key entry in wizard, update proxy to forward native Ollama paths, and add HTTPS support via optional Caddy profile in docker-compose. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add DockerService.execCommand() for running commands inside bot containers, CaddyService for dynamic HTTPS routing via Caddy admin API, and POST /api/bots/:hostname/pair endpoint for approving Telegram pairing codes from the dashboard. Includes inline pairing UI in BotCard with code input, success/error animations, and full test coverage. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
This PR updates BotMaker’s OpenClaw integration to support the newer “single internal gateway port + unique external ports” architecture, adds optional Caddy-based HTTPS routing, and extends the wizard/backend to support API-key provisioning, tools profiles, multi-channel workspaces, and Telegram pairing approval.
Changes:
- Introduce internal gateway port (8080) for all bot containers, with optional Caddy routing instead of per-bot Docker port publishing.
- Add CaddyService + dynamic route management and a Docker exec-based command runner used for Telegram pairing approval.
- Expand wizard + templates for tools profiles, multiple channels, and provider API key capture/proxy storage; update proxy behavior for Ollama and streaming forcing.
Reviewed changes
Copilot reviewed 40 out of 41 changed files in this pull request and generated 15 comments.
Show a summary per file
| File | Description |
|---|---|
| src/types/container.ts | Extends container config with internalPort + Caddy-related fields. |
| src/services/DockerService.ts | Adds port-binding logic for Caddy/no-Caddy and an execCommand helper. |
| src/services/DockerService.test.ts | New unit tests for execCommand behavior (stdout/stderr/timeout/errors). |
| src/services/CaddyService.ts | New service for Caddy admin API route management and container IP lookup. |
| src/services/CaddyService.test.ts | New unit tests for Caddy route add/remove and availability checks. |
| src/server.ts | Wires in BOT_INTERNAL_PORT, Caddy route add/remove, proxy key storage, multi-channel workspace creation, and Telegram pairing endpoint. |
| src/secrets/manager.ts | Changes secrets dir/file permissions to be readable by non-root bot user (security-sensitive). |
| src/config.ts | Adds PUBLIC_HOST and CADDY_ENABLED config fields. |
| src/bots/templates.ts | Generates OpenClaw 2026.3.x config (tools profile, channels config, internal gateway port, allowedOrigins). |
| src/bots/templates.test.ts | Updates/extends template tests for new gateway/channels/memorySearch behavior. |
| proxy/src/types.ts | Adjusts Ollama vendor basePath to support both /v1/* and /api/*. |
| proxy/src/services/upstream.ts | Skips forceNonStreaming for endpoints that are inherently non-streaming. |
| docker-compose.yml | Adds optional Caddy service and passes Caddy-related env vars into botmaker. |
| dashboard/src/wizard/pages/Page5Summary.tsx | Adds summary-time missing API key detection + “Add key” UX via proxy. |
| dashboard/src/wizard/pages/Page5Summary.css | Styles for missing API key warning + inline key add UI. |
| dashboard/src/wizard/pages/Page4Config.tsx | Adds API key input per provider and stores it in wizard state. |
| dashboard/src/wizard/pages/Page4Config.css | Styles API key hint text. |
| dashboard/src/wizard/pages/Page3Toggles.tsx | Adds tools profile selection UI. |
| dashboard/src/wizard/pages/Page3Toggles.css | Styles tools profile radio options and section hint. |
| dashboard/src/wizard/context/wizardUtils.ts | Validates API keys for auth providers and includes apiKey in create payload. |
| dashboard/src/wizard/context/wizardUtils.test.ts | Updates tests for new validation/features (currently needs alignment with apiKey field shape). |
| dashboard/src/wizard/context/WizardContext.tsx | Adds default tools/streaming feature defaults and apiKey support. |
| dashboard/src/wizard/context/WizardContext.test.tsx | Updates expected wizard state shapes for new defaults/apiKey fields. |
| dashboard/src/ui/BotLink.tsx | Builds Control UI URL (now optionally includes gateway token + heuristic https). |
| dashboard/src/types.ts | Adds ToolsProfile/StreamingMode and apiKey to provider config input. |
| dashboard/src/hooks/useBots.ts | Adds pairBot action. |
| dashboard/src/hooks/useBots.test.ts | Adds tests for handlePair. |
| dashboard/src/dashboard/StatusSection.tsx | Plumbs onPair through dashboard components. |
| dashboard/src/dashboard/DashboardTab.tsx | Plumbs onPair through tab sections. |
| dashboard/src/dashboard/BotCard.tsx | Adds Telegram pairing approval UI and passes gateway token to BotLink. |
| dashboard/src/dashboard/BotCard.css | Styling for pairing UI. |
| dashboard/src/config/providers/venice.ts | Updates Venice model list/default. |
| dashboard/src/config/providers/index.ts | Adds requiresAuth() helper. |
| dashboard/src/api.ts | Adds pairBot() API client call. |
| dashboard/src/api.test.ts | Adds tests for pairBot. |
| dashboard/src/App.tsx | Wires handlePair into DashboardTab. |
| HTTPS.md | New documentation for HTTPS profile/Caddy setup (needs env/port clarifications). |
| Dockerfile.botenv | Removes OpenClaw CLI symlink step. |
| Caddyfile.example | Adds example Caddyfile for dashboard proxying. |
| CLAUDE.md | Updates internal notes for OpenClaw 2026.3.x behaviors. |
| .gitignore | Ignores site-specific Caddyfile. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Caddy's dynamic routes (added via admin API) are in-memory only and lost on container restart, making bot control panels unreachable over WAN. Re-register routes for all running bots during server startup. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Address code review findings across 9 files: - config.ts: normalize empty/whitespace PUBLIC_HOST to null, validate CADDY_ENABLED requires PUBLIC_HOST - secrets/manager.ts: chown secrets to bot UID (1000) with tight permissions, fallback to world-readable - CaddyService.ts: guard against container not connected to expected network - DockerService.ts: preserve exec timeout errors instead of wrapping as NETWORK_ERROR - templates.ts: wire through telegramStreaming/discordStreaming feature values - BotLink.tsx: use window.location.protocol instead of hostname regex heuristic - wizardUtils.ts: skip API key validation (may exist in keyring-proxy), omit undefined fields - HTTPS.md: document required env vars and bot port firewall requirements Add 10 new tests covering all changes above. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.