feat(openclaw): deploy OpenClaw AI chatbot gateway on VM 120

- Add Docker Compose configs with security hardening (cap_drop ALL, non-root, read-only FS)
- Add Prometheus node_exporter scrape target for 192.168.2.120:9100
- Update services/README.md, INDEX.md, and CLAUDE_STATUS.md with VM 120
- Image pinned to v2026.2.1 (patches CVE-2026-25253)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
2026-02-03 18:07:09 -07:00
parent e481c95da4
commit e08951de21
9 changed files with 1031 additions and 20 deletions

View File

@@ -0,0 +1,20 @@
services:
openclaw:
cap_drop:
- ALL
security_opt:
- no-new-privileges:true
read_only: true
tmpfs:
- /tmp:size=256m
- /.openclaw:size=64m
privileged: false
user: "1001:1001"
deploy:
resources:
limits:
cpus: "3.5"
memory: 14G
reservations:
cpus: "0.5"
memory: 512M