configuration
SKILL.md
OpenClaw 配置管理
概述
OpenClaw 的核心配置、环境变量、性能调优和安全配置指南。
核心配置文件
application.yml 结构
# /opt/openclaw/conf/application.yml
server:
port: 8080
grpc:
port: 9090
servlet:
context-path: /
spring:
application:
name: openclaw-server
datasource:
url: jdbc:mysql://localhost:3306/openclaw?useUnicode=true&characterEncoding=utf8&serverTimezone=Asia/Shanghai
username: openclaw
password: your_password
driver-class-name: com.mysql.cj.jdbc.Driver
hikari:
maximum-pool-size: 20
minimum-idle: 5
idle-timeout: 300000
connection-timeout: 30000
max-lifetime: 1800000
redis:
host: localhost
port: 6379
password:
database: 0
lettuce:
pool:
max-active: 16
max-idle: 8
min-idle: 2
openclaw:
# 集群配置
cluster:
name: openclaw-cluster
node-id: ${HOSTNAME:node-1}
heartbeat-interval: 10000
# 调度配置
scheduler:
thread-pool-size: 20
max-retry-times: 3
retry-interval: 30000
task-timeout: 3600000
# 执行器配置
executor:
max-concurrent-tasks: 100
task-queue-size: 10000
# 日志配置
logging:
level: INFO
retention-days: 30
max-file-size: 100MB
Worker 配置
# /opt/openclaw/conf/worker.yml
worker:
# 服务端连接
server:
host: openclaw-server
port: 9090
# Worker 配置
group: default
name: ${HOSTNAME:worker-1}
threads: 8
max-tasks: 50
# 心跳配置
heartbeat:
interval: 5000
timeout: 30000
# 任务配置
task:
temp-dir: /tmp/openclaw
log-dir: /opt/openclaw/logs/tasks
max-log-size: 10MB
环境变量配置
Server 环境变量
# 数据库配置
export OPENCLAW_DB_HOST=localhost
export OPENCLAW_DB_PORT=3306
export OPENCLAW_DB_NAME=openclaw
export OPENCLAW_DB_USER=openclaw
export OPENCLAW_DB_PASSWORD=your_password
# Redis 配置
export OPENCLAW_REDIS_HOST=localhost
export OPENCLAW_REDIS_PORT=6379
export OPENCLAW_REDIS_PASSWORD=
# 服务配置
export OPENCLAW_PORT=8080
export OPENCLAW_GRPC_PORT=9090
# JVM 配置
export JAVA_OPTS="-Xms1g -Xmx2g -XX:+UseG1GC -XX:MaxGCPauseMillis=200"
# 日志级别
export LOG_LEVEL=INFO
Worker 环境变量
# Server 连接
export OPENCLAW_SERVER_HOST=openclaw-server
export OPENCLAW_SERVER_PORT=9090
# Worker 配置
export WORKER_GROUP=default
export WORKER_NAME=worker-1
export WORKER_THREADS=8
# 任务配置
export TASK_TEMP_DIR=/tmp/openclaw
export TASK_LOG_DIR=/opt/openclaw/logs/tasks
Docker 环境变量传递
# docker-compose.yml 方式
docker-compose up -d
# 或直接传递
docker run -d \
-e OPENCLAW_DB_HOST=mysql \
-e OPENCLAW_DB_PASSWORD=password \
-e JAVA_OPTS="-Xms1g -Xmx2g" \
openclaw/openclaw-server:latest
数据库配置
连接池配置
spring:
datasource:
hikari:
# 最大连接数
maximum-pool-size: 20
# 最小空闲连接
minimum-idle: 5
# 空闲超时 (5分钟)
idle-timeout: 300000
# 连接超时 (30秒)
connection-timeout: 30000
# 连接最大生命周期 (30分钟)
max-lifetime: 1800000
# 连接池名称
pool-name: OpenClawHikariPool
# 连接测试查询
connection-test-query: SELECT 1
多数据源配置
spring:
datasource:
primary:
url: jdbc:mysql://master:3306/openclaw
username: openclaw
password: password
secondary:
url: jdbc:mysql://slave:3306/openclaw
username: openclaw
password: password
read-only: true
数据库优化参数
-- MySQL 推荐配置
SET GLOBAL innodb_buffer_pool_size = 1G;
SET GLOBAL innodb_log_file_size = 256M;
SET GLOBAL max_connections = 500;
SET GLOBAL innodb_flush_log_at_trx_commit = 2;
SET GLOBAL sync_binlog = 0;
Redis 配置
单机配置
spring:
redis:
host: localhost
port: 6379
password:
database: 0
timeout: 10000
lettuce:
pool:
max-active: 16
max-idle: 8
min-idle: 2
max-wait: 10000
集群配置
spring:
redis:
cluster:
nodes:
- redis-node-1:6379
- redis-node-2:6379
- redis-node-3:6379
max-redirects: 3
lettuce:
cluster:
refresh:
adaptive: true
period: 30000
哨兵配置
spring:
redis:
sentinel:
master: mymaster
nodes:
- sentinel-1:26379
- sentinel-2:26379
- sentinel-3:26379
password: redis_password
调度器配置
基础配置
openclaw:
scheduler:
# 调度线程池大小
thread-pool-size: 20
# 任务重试配置
max-retry-times: 3
retry-interval: 30000
# 任务超时 (1小时)
task-timeout: 3600000
# 任务队列
queue-capacity: 10000
# 调度策略
strategy: ROUND_ROBIN # ROUND_ROBIN, RANDOM, LEAST_LOAD, CONSISTENT_HASH
高级调度策略
openclaw:
scheduler:
# 故障转移
failover:
enabled: true
max-attempts: 3
# 负载均衡
load-balance:
strategy: LEAST_LOAD
weight-enabled: true
# 任务分片
sharding:
enabled: true
default-count: 10
执行器配置
Worker 执行器
openclaw:
executor:
# 并发任务数
max-concurrent-tasks: 100
# 任务队列大小
task-queue-size: 10000
# 线程池配置
core-pool-size: 10
max-pool-size: 50
keep-alive-time: 60
# 任务类型执行器
handlers:
shell:
enabled: true
timeout: 3600
http:
enabled: true
timeout: 300
max-connections: 100
python:
enabled: true
interpreter: /usr/bin/python3
日志配置
Logback 配置
<!-- /opt/openclaw/conf/logback-spring.xml -->
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<property name="LOG_PATH" value="/opt/openclaw/logs"/>
<property name="LOG_PATTERN" value="%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n"/>
<!-- 控制台输出 -->
<appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>${LOG_PATTERN}</pattern>
</encoder>
</appender>
<!-- 文件输出 -->
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${LOG_PATH}/openclaw.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${LOG_PATH}/openclaw.%d{yyyy-MM-dd}.%i.log.gz</fileNamePattern>
<timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
<maxFileSize>100MB</maxFileSize>
</timeBasedFileNamingAndTriggeringPolicy>
<maxHistory>30</maxHistory>
</rollingPolicy>
<encoder>
<pattern>${LOG_PATTERN}</pattern>
</encoder>
</appender>
<!-- 错误日志单独记录 -->
<appender name="ERROR_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${LOG_PATH}/error.log</file>
<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
<level>ERROR</level>
</filter>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${LOG_PATH}/error.%d{yyyy-MM-dd}.log.gz</fileNamePattern>
<maxHistory>30</maxHistory>
</rollingPolicy>
<encoder>
<pattern>${LOG_PATTERN}</pattern>
</encoder>
</appender>
<root level="INFO">
<appender-ref ref="CONSOLE"/>
<appender-ref ref="FILE"/>
<appender-ref ref="ERROR_FILE"/>
</root>
<!-- 特定包日志级别 -->
<logger name="com.openclaw" level="DEBUG"/>
<logger name="org.springframework" level="WARN"/>
<logger name="org.hibernate" level="WARN"/>
</configuration>
安全配置
认证配置
openclaw:
security:
# JWT 配置
jwt:
secret: your-secret-key-at-least-256-bits
expiration: 86400000 # 24小时
refresh-expiration: 604800000 # 7天
# 密码策略
password:
min-length: 8
require-uppercase: true
require-lowercase: true
require-digit: true
require-special: false
# 登录限制
login:
max-attempts: 5
lock-duration: 1800000 # 30分钟
HTTPS 配置
server:
ssl:
enabled: true
key-store: classpath:keystore.p12
key-store-password: changeit
key-store-type: PKCS12
key-alias: openclaw
CORS 配置
openclaw:
cors:
allowed-origins:
- http://localhost:3000
- https://openclaw.example.com
allowed-methods:
- GET
- POST
- PUT
- DELETE
allowed-headers: "*"
allow-credentials: true
max-age: 3600
性能调优
JVM 调优
# 生产环境推荐配置
JAVA_OPTS="-server \
-Xms4g -Xmx4g \
-XX:+UseG1GC \
-XX:MaxGCPauseMillis=200 \
-XX:+ParallelRefProcEnabled \
-XX:+UnlockExperimentalVMOptions \
-XX:+DisableExplicitGC \
-XX:+HeapDumpOnOutOfMemoryError \
-XX:HeapDumpPath=/opt/openclaw/logs/heapdump.hprof \
-Djava.net.preferIPv4Stack=true"
线程池调优
openclaw:
thread-pool:
scheduler:
core-size: 20
max-size: 50
queue-capacity: 1000
executor:
core-size: 50
max-size: 200
queue-capacity: 5000
async:
core-size: 10
max-size: 30
queue-capacity: 500
配置热更新
动态配置
# 通过 API 更新配置
curl -X PUT http://localhost:8080/api/admin/config \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${TOKEN}" \
-d '{
"key": "scheduler.thread-pool-size",
"value": "30"
}'
# 查看当前配置
curl http://localhost:8080/api/admin/config \
-H "Authorization: Bearer ${TOKEN}"
# 刷新配置
curl -X POST http://localhost:8080/api/admin/config/refresh \
-H "Authorization: Bearer ${TOKEN}"
配置验证
检查配置
# 验证配置文件语法
/opt/openclaw/bin/openclaw-server.sh validate
# 测试数据库连接
/opt/openclaw/bin/openclaw-server.sh test-db
# 测试 Redis 连接
/opt/openclaw/bin/openclaw-server.sh test-redis
# 查看生效的配置
curl http://localhost:8080/api/admin/config/effective \
-H "Authorization: Bearer ${TOKEN}"
常用配置模板
| 场景 | 关键配置 |
|---|---|
| 开发环境 | LOG_LEVEL=DEBUG, 小内存配置 |
| 测试环境 | 中等资源配置,启用详细日志 |
| 生产环境 | 高可用配置,优化性能参数 |
| 高并发 | 增大线程池,连接池,队列大小 |
| 低延迟 | 减小心跳间隔,快速故障检测 |
Weekly Installs
5
Repository
chaterm/terminal-skillsGitHub Stars
28
First Seen
9 days ago
Security Audits
Installed on
openclaw5
gemini-cli5
github-copilot5
codex5
kimi-cli5
cursor5