Merge remote-tracking branch 'origin/main'

Author: andrasbacsai

.env.example

@@ -195,6 +195,12 @@ KIMI_BASE_URL=
 # Example: OPENCLAW_DOCKER_APT_PACKAGES=ffmpeg build-essential
 # OPENCLAW_DOCKER_APT_PACKAGES=
 
+# ── Custom init script (optional) ─────────────────────────────────────────────
+# Script that runs on every container start before openclaw starts.
+# Must be executable (chmod +x) and idempotent. Useful for extra runtime setup.
+# WARNING: Runs with container privileges. Review scripts from untrusted sources.
+# OPENCLAW_DOCKER_INIT_SCRIPT=/data/init.d/init.sh
+
 # ── Port ─────────────────────────────────────────────────────────────────────
 PORT=8080
 

Dockerfile.base

@@ -43,8 +43,33 @@ RUN apt-get update \
   && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
     ca-certificates \
     curl \
+    git \
+    build-essential \
+    file \
+    procps \
   && rm -rf /var/lib/apt/lists/*
 
+# Install Linuxbrew (installer refuses to run as root, so use a temp user)
+RUN useradd -m -s /bin/bash linuxbrew \
+  && mkdir -p /home/linuxbrew/.linuxbrew \
+  && chown -R linuxbrew:linuxbrew /home/linuxbrew
+USER linuxbrew
+RUN NONINTERACTIVE=1 /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+USER root
+RUN chmod -R a+rx /home/linuxbrew/.linuxbrew
+ENV HOMEBREW_PREFIX="/home/linuxbrew/.linuxbrew" \
+    HOMEBREW_CELLAR="/home/linuxbrew/.linuxbrew/Cellar" \
+    HOMEBREW_REPOSITORY="/home/linuxbrew/.linuxbrew/Homebrew" \
+    PATH="/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin:${PATH}"
+
+# Install Go (used by many skills)
+RUN curl -fsSL https://go.dev/dl/go1.24.1.linux-$(dpkg --print-architecture).tar.gz | tar -C /usr/local -xz
+ENV PATH="/usr/local/go/bin:${PATH}"
+
+# Install uv (fast Python package manager, used by Python-based skills)
+RUN curl -fsSL https://astral.sh/uv/install.sh | sh
+ENV PATH="/root/.local/bin:${PATH}"
+
 # Install under /opt/openclaw/app so that ../../ from dist/ lands at /opt/openclaw
 # which is where we place the symlinks. This avoids polluting / with project files.
 COPY --from=openclaw-build /openclaw /opt/openclaw/app

README.md

@@ -39,16 +39,22 @@ docker compose up -d
 ┌─────────────────────────────────────────────┐
 │  Docker container (coollabsio/openclaw)     │
 │                                             │
+│  Baked in: Linuxbrew, Go, uv, build-essential│
+│  Persistent volume: /data                   │
+│    ├── .openclaw/      (state & config)     │
+│    └── workspace/      (user projects)      │
+│                                             │
 │  ┌──────────┐  :8080   ┌────────────────┐  │
 │  │  nginx    │ ──────→  │  openclaw      │  │
 │  │  (basic   │  proxy   │  gateway       │  │
 │  │   auth)   │  :18789  │  :18789        │  │
 │  └──────────┘          └────────────────┘  │
 │                                             │
 │  entrypoint.sh                              │
-│    1. configure.js (env vars → json)        │
-│    2. nginx (background)                    │
-│    3. exec openclaw gateway                 │
+│    1. run custom init script (optional)     │
+│    2. configure.js (env vars → json)        │
+│    3. nginx (background)                    │
+│    4. exec openclaw gateway                 │
 └─────────────────────────────────────────────┘
 ```
 
@@ -312,6 +318,23 @@ If a channel env var is removed, that channel is cleaned from config on next sta
 |---|---|
 | `OPENCLAW_DOCKER_APT_PACKAGES` | Space-separated list of apt packages to install at container startup (e.g. `ffmpeg build-essential`). Packages are installed before openclaw starts. Reinstalled on each container restart. |
 
+### Linuxbrew (baked into image)
+
+The base image includes common skill dependencies baked in:
+
+- **Linuxbrew** — `/home/linuxbrew/.linuxbrew` — skills that need `brew` work out of the box
+- **Go** — `/usr/local/go` — for Go-based skills and tools
+- **uv** — fast Python package manager for Python-based skills
+- **build-essential**, **git**, **curl** — common build dependencies
+
+Note: packages installed at runtime (e.g. via `brew install`) are part of the container filesystem and do **not** persist across container rebuilds. To permanently add packages, customize `Dockerfile.base` or use `OPENCLAW_DOCKER_APT_PACKAGES` for apt-available equivalents.
+
+### Custom init script (optional)
+
+| Variable | Default | Description |
+|---|---|---|
+| `OPENCLAW_DOCKER_INIT_SCRIPT` | *(none)* | Script that runs on every container start before openclaw starts. Must be executable and idempotent. |
+
 ### Port
 
 | Variable | Default | Description |

scripts/entrypoint.sh

@@ -61,6 +61,13 @@ export OPENCLAW_WORKSPACE_DIR="$WORKSPACE_DIR"
 # (symlinks are detected as separate paths).
 export HOME="${STATE_DIR%/.openclaw}"
 
+# ── Run custom init script (if provided) ─────────────────────────────────────
+INIT_SCRIPT="${OPENCLAW_DOCKER_INIT_SCRIPT:-}"
+if [ -n "$INIT_SCRIPT" ] && [ -f "$INIT_SCRIPT" ] && [ -x "$INIT_SCRIPT" ]; then
+  echo "[entrypoint] running init script: $INIT_SCRIPT"
+  "$INIT_SCRIPT" || echo "[entrypoint] WARNING: init script exited with code $?"
+fi
+
 # ── Configure openclaw from env vars ─────────────────────────────────────────
 echo "[entrypoint] running configure..."
 node /app/scripts/configure.js