-
Notifications
You must be signed in to change notification settings - Fork 106
Expand file tree
/
Copy path.env.example
More file actions
80 lines (65 loc) · 4.62 KB
/
.env.example
File metadata and controls
80 lines (65 loc) · 4.62 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# =============================================================================
# OpenClaw Enterprise — Deployment Configuration
#
# 1. Copy this file: cp .env.example .env
# 2. Fill in values (at minimum: STACK_NAME, REGION, ADMIN_PASSWORD)
# 3. Run: bash deploy.sh
# =============================================================================
# ── Stack Identity ─────────────────────────────────────────────────────────────
# Name used for all AWS resources (CloudFormation stack, S3 bucket, SSM paths…)
STACK_NAME=openclaw-enterprise
# AWS region for the gateway EC2 + AgentCore Runtime
# AgentCore is available in: us-east-1, us-west-2
REGION=us-east-1
# ── Admin Console ──────────────────────────────────────────────────────────────
# Password for the admin console login (ALL accounts share this password)
# Required — deployment will fail if left empty
ADMIN_PASSWORD=change-me-please
# JWT signing secret (leave empty to auto-generate a random one at deploy time)
JWT_SECRET=
# ── AI Model ───────────────────────────────────────────────────────────────────
# Default model for all agents. Nova 2 Lite is the most cost-effective.
# Options (make sure model access is enabled in Bedrock console):
# global.amazon.nova-2-lite-v1:0 — default, cheapest
# global.amazon.nova-pro-v1:0 — better quality, 3x cost
# global.anthropic.claude-sonnet-4-5-20250929-v1:0
# global.anthropic.claude-haiku-4-5-20251001-v1:0
MODEL=global.amazon.nova-2-lite-v1:0
# ── EC2 Instance ───────────────────────────────────────────────────────────────
# Graviton (ARM) types recommended — 20-40% better price-performance
# c7g.large ($0.0725/hr) is the default: handles ~30 concurrent employees
# t4g.medium ($0.038/hr) for small teams (<10 employees)
INSTANCE_TYPE=c7g.large
# EC2 key pair name for emergency SSH (leave empty for SSM-only, recommended)
KEY_PAIR=
# ── Network ────────────────────────────────────────────────────────────────────
# Option A — Create a new VPC automatically (default, no input needed)
EXISTING_VPC_ID=
EXISTING_SUBNET_ID=
# Option B — Use your existing VPC/subnet
# Uncomment and fill in your VPC and subnet IDs.
# The subnet must be a public subnet with internet access (IGW attached).
# EXISTING_VPC_ID=vpc-0abc1234567890def
# EXISTING_SUBNET_ID=subnet-0abc1234567890def
# Add VPC endpoints for private Bedrock + SSM traffic (no internet hop)
# Recommended for production. Adds ~$22/month (5 endpoints × $0.01/hr).
CREATE_VPC_ENDPOINTS=false
# CIDR allowed for SSH. Set to 127.0.0.1/32 to disable SSH (SSM-only).
ALLOWED_SSH_CIDR=127.0.0.1/32
# ── DynamoDB ───────────────────────────────────────────────────────────────────
# IMPORTANT: Table name MUST equal STACK_NAME — the CloudFormation IAM policy
# scopes DynamoDB access to arn:dynamodb:*:*:table/${StackName}. If you use a
# different table name, the EC2 will get AccessDeniedException on all DDB calls.
# Leave empty to auto-use STACK_NAME (recommended).
DYNAMODB_TABLE=
DYNAMODB_REGION=us-east-2
# ── S3 Workspace Bucket ────────────────────────────────────────────────────────
# Leave empty to auto-generate: openclaw-tenants-ACCOUNTID (default, one per account)
# Set a custom name when deploying multiple stacks in the same AWS account.
# Example: WORKSPACE_BUCKET_NAME=openclaw-tenants-263168716248-staging
WORKSPACE_BUCKET_NAME=
# ── Build Options ──────────────────────────────────────────────────────────────
# Set to "true" to skip Docker build (e.g. image already pushed, just update infra)
SKIP_DOCKER_BUILD=false
# Set to "true" to skip seeding DynamoDB (e.g. already seeded, just update infra)
SKIP_SEED=false