vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-05 18:30:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add remote openshell sandbox mode

Browse Source
This commit is contained in:
Peter Steinberger
2026-03-15 20:28:11 -07:00
parent 3b26da4b82
commit ae7f18e503
15 changed files with 1008 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/gateway/configuration-reference.md
View File

@@ -1117,7 +1117,7 @@ See [Typing Indicators](/concepts/typing-indicators).
### `agents.defaults.sandbox`
Optional **Docker sandboxing** for the embedded agent. See [Sandboxing](/gateway/sandboxing) for the full guide.
Optional sandboxing for the embedded agent. See [Sandboxing](/gateway/sandboxing) for the full guide.
```json5
{
@@ -1125,6 +1125,7 @@ Optional **Docker sandboxing** for the embedded agent. See [Sandboxing](/gateway
defaults: {
sandbox: {
mode: "non-main", // off | non-main | all
backend: "docker", // docker | openshell
scope: "agent", // session | agent | shared
workspaceAccess: "none", // none | ro | rw
workspaceRoot: "~/.openclaw/sandboxes",
@@ -1260,6 +1261,11 @@ noVNC observer access uses VNC auth by default and OpenClaw emits a short-lived
</Accordion>
When `backend: "openshell"` is selected, runtime-specific settings move to
`plugins.entries.openshell.config` (for example `mode: "mirror" | "remote"` and
`remoteWorkspaceDir`). Browser sandboxing and `sandbox.docker.binds` are
currently Docker-only.
Build images:
```bash