Mission Control cannot connect to OpenClaw gateway inside NemoClaw sandbox #328

@cluster2600

Description

It is effectively impossible to connect Mission Control (or any external WebSocket client) to the OpenClaw gateway running inside a NemoClaw sandbox. Multiple issues compound to make this integration non-functional.

Issues Found

1. allowedOrigins gets overwritten on every config reload

Any change to ~/.openclaw/openclaw.json (e.g., openclaw models set) triggers a config reload that strips custom gateway.controlUi.allowedOrigins and dangerouslyAllowHostHeaderOriginFallback settings, resetting them to ["http://127.0.0.1:18789"].

Workaround found: Setting OPENCLAW_GATEWAY_ALLOWED_ORIGINS="*" as an environment variable works, but is lost when the gateway self-restarts after a config reload.

2. dangerouslyDisableDeviceAuth doesn't work

Setting gateway.controlUi.dangerouslyDisableDeviceAuth: true does not bypass the device identity check. The gateway still requires WebCrypto device signing, which needs an HTTPS secure context.

Related OpenClaw issues: #25293, #1679

3. Device pairing is lost on gateway restart

Each gateway restart clears paired devices, requiring manual re-approval via openclaw devices approve. Combined with issue #1 causing frequent restarts, this creates an endless loop.

4. SSH tunnel instability

The SSH tunnel forwarding port 18789 from sandbox to host drops frequently, requiring manual reconnection. There's no built-in port forwarding mechanism for the sandbox's OpenClaw gateway.

5. No way to make config file immutable

The sandbox user owns ~/.openclaw/openclaw.json, so chmod 444 is reversed by the next write. chattr +i requires root, which the sandbox user doesn't have.

Environment

  • DGX Spark (GB10, aarch64), Ubuntu 24.04
  • OpenShell 0.0.10
  • NemoClaw 0.1.0 (npm)
  • OpenClaw 2026.3.11
  • Mission Control 2.0.1

Expected Behaviour

nemoclaw start should configure and expose the OpenClaw gateway in a way that external dashboards can connect without manual intervention.

Suggested Fixes

  1. OPENCLAW_GATEWAY_ALLOWED_ORIGINS env var should be respected even after config reloads
  2. NemoClaw's start-services.sh should manage the gateway lifecycle (PR #310, "feat: auto-start OpenClaw gateway and port forwarding in nemoclaw start")
  3. Gateway config normalization should preserve user-set controlUi fields
  4. Consider a --no-device-auth CLI flag for openclaw gateway run
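
Added example (not part of the original issue and not OpenClaw or NemoClaw code): a small audit that compares gateway.controlUi in openclaw.json against the origins an operator intends, reporting the reset described in issue 1 as well as the wildcard workaround and the dangerously* flags if they are left enabled. It assumes the file parses as plain JSON and that the environment variable is the literal "*" shown above; the Mission Control origin and the sample documents are constructed.

```python
import json

RESET_DEFAULT = ["http://127.0.0.1:18789"]  # value the issue reports after a reload
DANGEROUS_FLAGS = ("dangerouslyAllowHostHeaderOriginFallback",
                   "dangerouslyDisableDeviceAuth")

def audit_control_ui(config_text, expected_origins, env=None):
    """Return a list of findings for gateway.controlUi in an openclaw.json document."""
    cfg = json.loads(config_text)  # assumption: the file is plain JSON
    ui = cfg.get("gateway", {}).get("controlUi", {})
    origins = ui.get("allowedOrigins", [])
    findings = []
    # Issue 1: a reload replaced the custom list with the single default origin.
    if origins == RESET_DEFAULT and list(expected_origins) != RESET_DEFAULT:
        findings.append("reset-to-default")
    for o in sorted(set(expected_origins) - set(origins)):
        findings.append(f"missing-origin:{o}")
    for o in sorted(set(origins) - set(expected_origins)):
        findings.append(f"unexpected-origin:{o}")
    # The "*" workaround admits every origin; report it so it does not linger.
    env_val = (env or {}).get("OPENCLAW_GATEWAY_ALLOWED_ORIGINS", "")
    if "*" in origins or env_val.strip() == "*":
        findings.append("wildcard-origin")
    for flag in DANGEROUS_FLAGS:
        if ui.get(flag) is True:
            findings.append(f"flag-enabled:{flag}")
    return findings

# Constructed sample documents: before and after a config reload.
BEFORE = json.dumps({"gateway": {"controlUi": {
    "allowedOrigins": ["http://127.0.0.1:18789", "https://mc.example.internal"],
    "dangerouslyAllowHostHeaderOriginFallback": True}}})
AFTER = json.dumps({"gateway": {"controlUi": {
    "allowedOrigins": ["http://127.0.0.1:18789"]}}})
EXPECTED = ["http://127.0.0.1:18789", "https://mc.example.internal"]

if __name__ == "__main__":
    for label, text in (("before reload", BEFORE), ("after reload", AFTER)):
        print(label, audit_control_ui(text, EXPECTED))
    print("env workaround", audit_control_ui(
        AFTER, EXPECTED, {"OPENCLAW_GATEWAY_ALLOWED_ORIGINS": "*"}))
```

Run against the real file after each command that rewrites the config, a non-empty result shows which of the settings changed.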
