SynClaw logoSynClaw Docs
Sign inHome
OverviewHostingPublic WSSSelf-hostedModelFAQ
DocsHosting

Self-hosted: OpenClaw Files Bridge

Run a Dockerized bridge so Synclaw can browse and edit remote OpenClaw workspace files.

What this unlocks

  • Browse remote workspace directory tree from Synclaw.
  • Edit and save text files (`.md`, `.txt`, `.json`, `.yaml`, `.yml`, `.toml`, `.config`).
  • Edit `openclaw.config` directly in /filesystem.
  • Keep bridge token server-side (never exposed to browser).

1) Run the bridge with Docker

Build + run

cd packages/fs-bridge
docker build -t sutraha-fs-bridge .

docker run --rm -p 8787:8787 \
  -e FS_BRIDGE_TOKEN="replace_me" \
  -e WORKSPACE_ROOT_PATH="/srv/openclaw/workspaces/main" \
  -e FS_MAX_FILE_BYTES="1048576" \
  -e FS_ALLOWED_EXTENSIONS=".md,.txt,.json,.yaml,.yml,.toml,.config,.js,.jsx,.mjs,.ts,.tsx" \
  -v /srv/openclaw/workspaces/main:/srv/openclaw/workspaces/main \
  sutraha-fs-bridge

Per-user root path

Each customer can run their own bridge instance and set their own `WORKSPACE_ROOT_PATH` to whatever directory contains their OpenClaw workspace.

2) Publish image (optional)

GHCR example

docker tag sutraha-fs-bridge ghcr.io/sutraha/sutraha-fs-bridge:0.1.0
docker push ghcr.io/sutraha/sutraha-fs-bridge:0.1.0

3) Configure Synclaw

  1. Enable feature flag: NEXT_PUBLIC_OPENCLAW_FILES_ENABLED=true.
  2. Open /filesystem.
  3. Enable Workspace Files Bridge.
  4. Set bridge URL and workspace root path.
  5. Set bridge token and click Save.
  6. Use Workspace Files (Remote) and click Test bridge.

4) Security baseline

  • Use a strong unique FS_BRIDGE_TOKEN per bridge deployment.
  • Expose bridge behind HTTPS and private networking when possible.
  • Keep root path minimal (only agent workspace directory, not full server root).
  • Do not allow binary extensions in v1.
  • Monitor 401/403/409 errors in logs and rotate token when needed.

5) Troubleshooting

Quick checks

# 1) health check
curl -H "Authorization: Bearer <token>" https://<bridge-host>/health

# 2) list root
curl -H "Authorization: Bearer <token>" "https://<bridge-host>/v1/tree?path=."

# 3) read file
curl -H "Authorization: Bearer <token>" "https://<bridge-host>/v1/file?path=openclaw.config"