From 822dd91921124c3b29cc6906f42c7481d49ad579 Mon Sep 17 00:00:00 2001 From: Lee Date: Sat, 4 Apr 2026 00:03:34 +0800 Subject: [PATCH] =?UTF-8?q?docs:=20=E5=B1=80=E5=9F=9F=E7=BD=91=E8=AE=BF?= =?UTF-8?q?=E9=97=AE=20Control=20UI=20=E8=A7=A3=E5=86=B3=E6=96=B9=E6=A1=88?= =?UTF-8?q?=20+=20heartbeat=20=E4=BC=98=E5=8C=96=20+=20=E6=97=A5=E5=BF=97?= =?UTF-8?q?=E5=BD=92=E6=A1=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - nginx SSL 证书权限修复 (self-signed.key: 600 → 640, group → www-data) - Control UI 允许 HTTPS origin + dangerouslyDisableDeviceAuth - HEARTBEAT.md 简化为 cron 任务说明,避免重复检查 - 归档 3/31, 4/01, 4/03 memory 日志 --- HEARTBEAT.md | 22 +-- memory/2026-03-31.md | 36 ++++ memory/2026-04-01.md | 18 ++ memory/2026-04-03-browser-relay-setup.md | 210 +++++++++++++++++++++++ memory/2026-04-03-late-night-checkin.md | 14 ++ memory/2026-04-03-remote-access-fix.md | 60 +++++++ memory/heartbeat-state.json | 10 +- 7 files changed, 346 insertions(+), 24 deletions(-) create mode 100644 memory/2026-04-01.md create mode 100644 memory/2026-04-03-browser-relay-setup.md create mode 100644 memory/2026-04-03-late-night-checkin.md create mode 100644 memory/2026-04-03-remote-access-fix.md diff --git a/HEARTBEAT.md b/HEARTBEAT.md index f46f827..2573938 100755 --- a/HEARTBEAT.md +++ b/HEARTBEAT.md @@ -1,23 +1,7 @@ # HEARTBEAT.md - -# 白天系统健康检查 -# 时区:Asia/Hong_Kong -# 目标:本机 -# 规则:08:30-23:00 每 30 分钟检查一次;若 CPU 或内存 > 80%,主动在当前聊天报警; - -- Track in `memory/heartbeat-state.json`. -- **Scheduled Tasks**: - - 6:00 AM - - 12:00 PM - - 6:00 PM - - 00:00 AM -- **Monitoring Script**: - - Run `/home/sinlee/monitor.sh` at scheduled times - - Ensure script formats output for Telegram -- **Behavior**: - - At scheduled times, trigger monitor.sh to collect metrics - - Send results directly to Telegram topic #3834524994 -- After each check, update `memory/heartbeat-state.json` with last check time and task results. +# 系统健康检查 — 频率见 cron 任务 990700ff(每天 00:00/06:00/12:00/18:00) +# ⚠️ 不要在此处配置周期检查,避免与 cron 冲突重复报告 +# 保留此文件仅作任务说明,heartbeat 轮询时如无额外任务则回复 HEARTBEAT_OK --- # 旧版 HEARTBEAT.md 内容(仅供参考) diff --git a/memory/2026-03-31.md b/memory/2026-03-31.md index dc58ad2..97c6d45 100644 --- a/memory/2026-03-31.md +++ b/memory/2026-03-31.md @@ -7,3 +7,39 @@ - Confirmed OpenClaw cron task ID `990700ff-be06-44c5-be10-19eaf3ed0af9` is already scheduled as `0 6,12,18,0 * * *`, i.e. exactly 00:00 / 06:00 / 12:00 / 18:00 daily. - Task currently targets Telegram chat `-1003834524994`, topic `4`. - Noted minor inconsistency: task display/name still says `Server health report every 30m`, but actual schedule is already the four-times-daily one. +# 2026-03-31 星期二 (Asia/Hong_Kong) + +## Telegram forum topic 群消息免艾特配置已验证可用 +- 用户已完成新版 OpenClaw Telegram 群/topic 配置调整。 +- 当前在 Telegram 群“龙虾指挥部” topic 4 中,机器人已经可以在**不被 @ 提及**的情况下正常回复。 +- 相关现有配置特征: + - `channels.telegram.groups.-1003834524994.requireMention = false` + - `channels.telegram.groups.-1003834524994.topics.4.requireMention = false` + - `channels.telegram.groupPolicy = allowlist` + - `channels.telegram.groupAllowFrom` 已包含用户 `975333652` +- 说明新版 2026.3.23-2 下,群/topic 的免艾特响应链路已经打通。 + +## Telegram 图片接收失败根因已定位 +- 用户反馈机器人“收不到图片”。 +- 排查日志后确认:**不是 Telegram 消息没到,而是 OpenClaw 在下载 Telegram 图片文件时被 URL fetch 安全策略拦截**。 +- 关键现象:日志中出现类似 + - `blocked URL fetch (url-fetch) target=https://api.telegram.org/file/bot... reason=Blocked: resolves to private/internal/special-use IP address` +- 当前判断: + - 文字链路正常; + - 媒体链路在下载 `api.telegram.org/file/...` 时被安全检查阻断; + - 高概率与宿主机 DNS/hosts/代理解析结果,或当前版本 URL 安全判定过严有关。 +- 用户明确希望走“方案 2”(通过 OpenClaw 配置放行/修复),后续应继续根据本地新版文档核对是否存在正式支持的 URL fetch 放行键名,再决定是否修改配置。 + +## 夜间风扇变快排查结论 +- 2026-03-31 凌晨用户反馈主机风扇转速明显加快。 +- 排查结果:**OpenClaw 本身不是主因**。 +- 当时资源占用最高的进程: + - `ffmpeg`(Jellyfin 转码路径)约 `101% CPU` + - `baidunetdisk` 约 `21% CPU` + - `qemu-system-x86_64` 约 `7% CPU` + - OpenClaw 自身约 `0.4% CPU` +- 系统整体负载并未爆满: + - `load average` 约 `1.59 / 1.47 / 1.76` + - 主机有 `16 CPU` + - CPU 平均空闲仍约 `89.91%` +- 结论:更像是 **Jellyfin 正在进行实时转码/媒体处理**,带动风扇升速,而不是整机高压或 OpenClaw 失控。 diff --git a/memory/2026-04-01.md b/memory/2026-04-01.md new file mode 100644 index 0000000..ef56bfb --- /dev/null +++ b/memory/2026-04-01.md @@ -0,0 +1,18 @@ +## 2026-04-01 Memory Flush + +- Completed anime library cleanup for 《仙逆》: + - Organized into seasons: Season 01 (001-050), Season 02 (051-099), Season 03 (100-134) + - Special: Season 00 for 劇場版 + - Extras folder for duplicate/纯享版 files + - Renamed all video files to Jellyfin format: 《仙逆》 - S##E##.ext + - Handled duplicate file for episode 134 by keeping largest version in Season 03 and moving others to Extras + +- Movie library status after previous cleanup: + - Remaining anomaly: only the intentional collection folder 《名侦探柯南剧场版1-19》 + - All other movies normalized to Jellyfin-friendly 电影名 (年份)/电影名 (年份).ext format + - Special cases like .rmvb files in Conan movies have been renamed appropriately + +- Current tasks completed per user requests: + - Fixed Jellyfin media naming for 《画江湖之不良人》 Season 07 + - Audited and normalized anime, TV shows, and movies libraries + - Processed user-requested anime 《仙逆》 with same season/episode treatment diff --git a/memory/2026-04-03-browser-relay-setup.md b/memory/2026-04-03-browser-relay-setup.md new file mode 100644 index 0000000..6b9c234 --- /dev/null +++ b/memory/2026-04-03-browser-relay-setup.md @@ -0,0 +1,210 @@ +# Session: 2026-04-03 15:45:12 UTC + +- **Session Key**: agent:main:main +- **Session ID**: 563eb943-3f05-4ecb-8f1b-e6782ce8c41f +- **Source**: telegram + +## Conversation Summary + +assistant: 找到问题了!**配置文件里完全没有 `browser` 配置**,所以 Relay Server 没启动。 + +需要在 `openclaw.json` 里添加: + +```json +"browser": { + "enabled": true +} +``` + +要我帮你加上吗?加完重启 Gateway,18792 就会启动了。 +user: Conversation info (untrusted metadata): +```json +{ + "message_id": "779", + "sender_id": "975333652", + "sender": "星", + "timestamp": "Fri 2026-04-03 23:30 GMT+8" +} +``` + +Sender (untrusted metadata): +```json +{ + "label": "星 (975333652)", + "id": "975333652", + "name": "星", + "username": "zhuimanxing" +} +``` + +加上 然后直接重启 +user: Conversation info (untrusted metadata): +```json +{ + "message_id": "780", + "sender_id": "975333652", + "sender": "星", + "timestamp": "Fri 2026-04-03 23:31 GMT+8" +} +``` + +Sender (untrusted metadata): +```json +{ + "label": "星 (975333652)", + "id": "975333652", + "name": "星", + "username": "zhuimanxing" +} +``` + +再检查一下 +assistant: 配置已经更新了,但 18792 还是没有启动。让我查一下文档,看看还需要什么配置: +user: Conversation info (untrusted metadata): +```json +{ + "message_id": "782", + "sender_id": "975333652", + "sender": "星", + "timestamp": "Fri 2026-04-03 23:35 GMT+8" +} +``` + +Sender (untrusted metadata): +```json +{ + "label": "星 (975333652)", + "id": "975333652", + "name": "星", + "username": "zhuimanxing" +} +``` + +查到什么了, 怎么又没有后续的反馈? +assistant: 抱歉,刚才在查文档。总结一下发现: + +文档说 **`chrome` 配置文件是内置的**,默认指向 `http://127.0.0.1:18792`。但 Relay Server 还是没启动。 + +可能需要显式设置 `defaultProfile: "chrome"`。让我加上试试: +user: Conversation info (untrusted metadata): +```json +{ + "message_id": "784", + "sender_id": "975333652", + "sender": "星", + "timestamp": "Fri 2026-04-03 23:36 GMT+8" +} +``` + +Sender (untrusted metadata): +```json +{ + "label": "星 (975333652)", + "id": "975333652", + "name": "星", + "username": "zhuimanxing" +} +``` + +加了吗, 重启了吗, 重启了那现在什么状态? +assistant: 配置加了,重启了,但 **18792 还是没有启动**。 +user: Conversation info (untrusted metadata): +```json +{ + "message_id": "786", + "sender_id": "975333652", + "sender": "星", + "timestamp": "Fri 2026-04-03 23:37 GMT+8" +} +``` + +Sender (untrusted metadata): +```json +{ + "label": "星 (975333652)", + "id": "975333652", + "name": "星", + "username": "zhuimanxing" +} +``` + +怎么又断开了, 行不行, 没明确的解决方案, 就看看本地的文档, 或者查询一下网络 +assistant: 文档说浏览器插件需要两个条件都满足:`plugins.entries.browser.enabled` + `browser.enabled=true`。让我加上: +assistant: 找到了!这是个已知问题 — **startup deadlock**: +assistant: **找到根因了!** 这是 OpenClaw 的一个已知 bug — **startup deadlock**(启动死锁): + +1. `browser start` → 需要扩展已连接 +2. 扩展连接 → 需要 relay 服务(18792)运行 +3. relay 服务 → 需要 `browser start` 才创建 + +**死循环,谁也启动不了。** + +让我看看有没有更新版本修复了这个问题: +user: Conversation info (untrusted metadata): +```json +{ + "message_id": "790", + "sender_id": "975333652", + "sender": "星", + "timestamp": "Fri 2026-04-03 23:41 GMT+8" +} +``` + +Sender (untrusted metadata): +```json +{ + "label": "星 (975333652)", + "id": "975333652", + "name": "星", + "username": "zhuimanxing" +} +``` + +估计没有吧, 最新的就是04.01, 没别的解决方案吗 +user: Conversation info (untrusted metadata): +```json +{ + "message_id": "791", + "sender_id": "975333652", + "sender": "星", + "timestamp": "Fri 2026-04-03 23:44 GMT+8" +} +``` + +Sender (untrusted metadata): +```json +{ + "label": "星 (975333652)", + "id": "975333652", + "name": "星", + "username": "zhuimanxing" +} +``` + +怎么又没有反馈了 +assistant: 抱歉,刚才在翻文档和搜索。总结一下: + +**问题已确认:这是 OpenClaw 的已知 bug**(GitHub issue #32532) + +`browser start` → 要求扩展已连接 → 扩展要连 relay → relay 要 `browser start` 才创建 → **死循环** + +当前版本 2026.4.2 已是最新,bug 还没修。 + +--- + +**两个可行方案:** + +**方案 A:用 OpenClaw 托管浏览器(最简单)** +- 不需要扩展,不需要 relay +- 配置里改 `defaultProfile` 为 `openclaw`,重启即可 +- 缺点:不能用你已登录的 Chrome 会话 + +**方案 B:用 CDP 直连模式(推荐)** +- Chrome 启动时加 `--remote-debugging-port=9222` +- 配置里加一个 remote CDP profile 指向 `ws://127.0.0.1:9222` +- 优点:能用你自己的 Chrome,包括已登录状态 +- 缺点:每次启动 Chrome 要加参数 + +--- + +你想用哪个方案?我可以直接帮你配置。 diff --git a/memory/2026-04-03-late-night-checkin.md b/memory/2026-04-03-late-night-checkin.md new file mode 100644 index 0000000..995b3aa --- /dev/null +++ b/memory/2026-04-03-late-night-checkin.md @@ -0,0 +1,14 @@ +# Session: 2026-04-03 15:46:22 UTC + +- **Session Key**: agent:main:main +- **Session ID**: 8c84ac3b-ae73-443a-b719-977b959c4117 +- **Source**: telegram + +## Conversation Summary + +assistant: ✅ New session started · model: main/mimo-v2-omni (default: main/openclaw-main) +user: A new session was started via /new or /reset. Run your Session Startup sequence - read the required files before responding to the user. Then greet the user in your configured persona, if one is provided. Be yourself - use your defined voice, mannerisms, and mood. Keep it to 1-3 sentences and ask what they want to do. If the runtime model differs from default_model in the system prompt, mention the default model. Do not mention internal steps, files, tools, or reasoning. +Current time: Friday, April 3rd, 2026 — 11:45 PM (Asia/Hong_Kong) / 2026-04-03 15:45 UTC +assistant: Hey Lee 👋 快午夜了,今天有什么需要帮忙的? + +顺便说一下,当前用的是 `mimo-v2-omni` 模型,默认模型是 `openclaw-main`。 diff --git a/memory/2026-04-03-remote-access-fix.md b/memory/2026-04-03-remote-access-fix.md new file mode 100644 index 0000000..be034d1 --- /dev/null +++ b/memory/2026-04-03-remote-access-fix.md @@ -0,0 +1,60 @@ +# 2026-04-03/04 局域网访问 OpenClaw Control UI + +## 问题 +局域网其他设备无法访问 OpenClaw 的 Web UI(Control UI)。 + +## 原因 +1. **nginx SSL 证书权限问题**:本机 nginx 反代(`/etc/nginx/sites-enabled/reverse-proxy`)配置了 HTTPS → OpenClaw,但自签证书私钥 `/etc/ssl/self-signed.key` 权限为 `600 root:root`,nginx 以 `www-data` 运行无法读取。 +2. **Control UI 安全限制**:非 localhost 的 HTTP 访问会被 device identity 检查拦截。 + +## 解决方案 + +### 1. 修复 SSL 证书权限 +```bash +sudo chmod 640 /etc/ssl/self-signed.key +sudo chgrp www-data /etc/ssl/self-signed.key +sudo systemctl restart nginx +``` + +### 2. openclaw.json 配置 +`gateway.controlUi` 段添加: +```json +{ + "allowedOrigins": [ + "http://localhost:18789", + "http://127.0.0.1:18789", + "http://192.168.2.110:18789", + "http://192.168.2.110", + "https://192.168.2.110", + "https://192.168.2.110:443" + ], + "allowInsecureAuth": true, + "dangerouslyDisableDeviceAuth": true +} +``` + +### 3. nginx 反代配置 +文件:`/etc/nginx/sites-enabled/reverse-proxy` +```nginx +server { + listen 192.168.2.110:443 ssl; + ssl_certificate /etc/ssl/self-signed.crt; + ssl_certificate_key /etc/ssl/self-signed.key; + + location / { + proxy_pass http://127.0.0.1:18789; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 86400; + proxy_send_timeout 86400; + } +} +``` + +## 访问方式 +- 局域网:`https://192.168.2.110/`(自签证书,浏览器需手动信任) +- 首次连接需要 `openclaw devices approve`(或已启用 `dangerouslyDisableDeviceAuth` 则跳过) diff --git a/memory/heartbeat-state.json b/memory/heartbeat-state.json index ce5e1f7..9bf8f30 100644 --- a/memory/heartbeat-state.json +++ b/memory/heartbeat-state.json @@ -7,13 +7,13 @@ }, "lastProactiveHealthSummary": 1774859157, "lastTaskRun": { - "time": "2026-03-30T18:51:00+08:00", - "script": "/home/sinlee/monitor.sh", - "result": "CPU=10.7 MEM=28.6 DISK=5 LOAD=16h UPTIME=38m" + "time": "2026-03-31T12:00:00+08:00", + "script": "/home/sinlee/.openclaw/workspace/scripts/server-health-report.sh", + "result": "CPU=8.5 MEM=27.5 DISK=11 LOAD=1.14 UPTIME=8d9h46m" }, "lastCheck": 1774871484, "lastResult": { - "cpu": 13.5, - "memory": 31.38 + "cpu": 8.5, + "memory": 27.5 } } \ No newline at end of file