A lightweight web dashboard for OpenClaw gateway management.
轻量级 OpenClaw 网关管理面板。
- 🤖 Agent Fleet — Chat with agents, view status, send messages, stream responses in real-time
- ⚙️ Model Config — Add/edit/delete LLM providers, manage model assignments per agent
- 🔍 Memory Search — Configure embedding models for semantic memory search
- 📊 Reports Viewer — Browse and read markdown reports from agent workspaces
- 💾 Config Backups — Auto-backup on every config change, one-click rollback
- 🔄 Auto Reset — Smart session reset when token usage exceeds threshold (with memory flush)
- 🛡️ Watchdog — Timeout detection and consecutive error auto-recovery
- 📱 Mobile Friendly — Responsive sidebar layout for mobile access
- Node.js ≥ 18
- A running OpenClaw gateway (
openclaw gateway start)
git clone https://github.com/lemon/opcstudio.git
cd opcstudio
npm install# Default port 9100
node server.js
# Custom port
PORT=8080 node server.jsOn first launch, a random auth token is generated and saved to .token. The dashboard URL with token is printed to console:
首次启动时会自动生成认证 token 并保存到 .token 文件。控制台会打印带 token 的访问 URL:
OpenClaw Dashboard running at http://127.0.0.1:9100/opcstudio/?token=YOUR_TOKEN
To run as a user service / 作为用户服务运行:
mkdir -p ~/.config/systemd/user
cat > ~/.config/systemd/user/opcstudio.service << 'EOF'
[Unit]
Description=OpenClaw Dashboard
After=network.target
[Service]
Type=simple
WorkingDirectory=/path/to/opcstudio
ExecStart=/usr/bin/node server.js
Restart=always
RestartSec=3
Environment=PORT=9100
[Install]
WantedBy=default.target
EOF
systemctl --user daemon-reload
systemctl --user enable --now opcstudio| Variable / 变量 | Default / 默认值 | Description / 说明 |
|---|---|---|
PORT |
9100 |
Server listen port / 服务监听端口 |
OPCSTUDIO_REPORT_SOURCES |
[] |
Additional report source directories (JSON array) / 额外的报告源目录(JSON 数组) |
By default, OPCStudio reads reports from ~/.openclaw/workspace/archive/. To add custom report directories:
默认情况下,OPCStudio 从 ~/.openclaw/workspace/archive/ 读取报告。添加自定义报告目录:
export OPCSTUDIO_REPORT_SOURCES='[
{"dir": "/home/user/.openclaw/agents/my-agent/workspace/reports", "prefix": "my-agent"},
{"dir": "/path/to/other/reports", "prefix": "other"}
]'Each source object:
dir— Absolute path to the directory containing.mdfiles / 包含.md文件的目录绝对路径prefix— Display prefix/category name in the sidebar / 侧边栏中的显示前缀/分类名称
OPCStudio uses token-based authentication:
OPCStudio 使用基于 token 的认证方式:
- Local/Tailscale connections (
127.0.0.1,::1,100.x.x.x) are trusted automatically / 本地和 Tailscale 连接自动信任 - Remote connections require a token via: / 远程连接需要通过以下方式提供 token:
- URL parameter:
?token=YOUR_TOKEN - HTTP header:
X-Token: YOUR_TOKEN - Cookie:
opc_token=YOUR_TOKEN
- URL parameter:
The token is stored in .token (auto-generated on first run, chmod 600).
Token 保存在 .token 文件中(首次运行时自动生成,权限 600)。
location /opcstudio/ {
proxy_pass http://127.0.0.1:9100/opcstudio/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}cloudflared tunnel --url http://127.0.0.1:9100
⚠️ When accessing through a reverse proxy, you need to add the external origin to OpenClaw'sgateway.controlUi.allowedOrigins:
⚠️ 通过反向代理访问时,需要将外部 origin 添加到 OpenClaw 的gateway.controlUi.allowedOrigins:
{
"gateway": {
"controlUi": {
"allowedOrigins": ["https://your-domain.com"]
}
}
}Browser ←→ OPCStudio (Express + WS Proxy) ←→ OpenClaw Gateway (WS RPC)
│ │
│ HTTP REST API │ Read/Write ~/.openclaw/openclaw.json
│ WebSocket events │ Config backups to ~/.openclaw/config-backups/
│ │ Reports from ~/.openclaw/workspace/archive/
| File / 文件 | Description / 说明 |
|---|---|
server.js |
Express server, REST API, agent fleet management, reports / Express 服务、REST API、Agent 管理、报告 |
lib/gateway-rpc.js |
WebSocket RPC client for OpenClaw gateway / OpenClaw 网关 WebSocket RPC 客户端 |
lib/ws-proxy.js |
WebSocket proxy for real-time event streaming / 实时事件流 WebSocket 代理 |
lib/utils.js |
Crypto utilities (ed25519 signing, cookie parsing) / 加密工具(ed25519 签名、cookie 解析) |
public/index.html |
Main dashboard UI (agent chat, reports) / 主面板 UI(Agent 聊天、报告) |
public/config.html |
Model configuration UI / 模型配置 UI |
| Method | Endpoint | Description / 说明 |
|---|---|---|
GET |
/api/config |
Get masked config / 获取脱敏配置 |
GET |
/api/providers |
List model providers / 列出模型提供商 |
POST |
/api/providers/:id |
Create/update provider / 创建/更新提供商 |
DELETE |
/api/providers/:id |
Delete provider / 删除提供商 |
GET |
/api/agents |
Get agent model config / 获取 Agent 模型配置 |
POST |
/api/agents/defaults |
Update global model defaults / 更新全局默认模型 |
POST |
/api/agents/:id/model |
Update per-agent model / 更新单个 Agent 模型 |
GET |
/api/fleet/ |
List agents with status / 列出 Agent 及状态 |
GET |
/api/fleet/:id/history |
Get chat history / 获取聊天历史 |
POST |
/api/fleet/:id/send |
Send message to agent / 向 Agent 发送消息 |
POST |
/api/fleet/:id/abort |
Stop running agent / 停止运行中的 Agent |
POST |
/api/fleet/:id/reset |
Reset agent session / 重置 Agent 会话 |
POST |
/api/test-provider |
Test provider connectivity / 测试提供商连接 |
GET |
/api/reports |
List reports / 列出报告 |
POST |
/api/reports/read |
Read report content / 读取报告内容 |
GET |
/api/backups |
List config backups / 列出配置备份 |
POST |
/api/backups/:name/rollback |
Rollback to backup / 回滚到备份 |
POST |
/api/restart |
Restart OpenClaw gateway / 重启 OpenClaw 网关 |
WS |
/api/gateway/ws |
WebSocket proxy to gateway / 网关 WebSocket 代理 |
- 🔒 API keys are masked in all API responses (only first/last 4 chars shown) / API 密钥在所有 API 响应中脱敏显示
- 🔑 Auth token stored with
600permissions / 认证 token 以600权限存储 - 🚫 Path traversal protection on backup/report operations / 备份和报告操作有路径遍历保护
- 🛡️ CSP headers, X-Frame-Options DENY, X-Content-Type-Options nosniff / CSP 头、X-Frame-Options DENY
⚠️ Do not expose without authentication — always use token auth for remote access / 不要在没有认证的情况下暴露 — 远程访问必须使用 token 认证