#Problem with gog in docker on VPS server

1 messages Β· Page 1 of 1 (latest)

quasi fjord
#

Hi! I've installed clawdbot on a Docker container running on a VPS with gog installed and authenticated. When I run gog commands directly from within the Docker container, everything works fine. However, when I ask the Telegram bot to check my unread emails, it says it doesn't have access to my emails.

The authentication seems correct since gog works when I run it manually, but the Telegram integration can't access the emails. What could be missing? Is there a specific permission or configuration step I need for the bot to access Gmail through gog?

Thanks!

quaint ploverBOT
#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> βœ… Mark Solution

torn geyserBOT
# quasi fjord Hi! I've installed clawdbot on a Docker container running on a VPS with gog inst...

Based on my research, this is a classic Docker/gog environment issue. The problem is almost certainly one of these:

Most Likely Causes

1. Keyring Backend in Docker

gog stores OAuth tokens in the system keyring by default. Docker containers typically don't have:

  • A running GNOME Keyring/KWallet daemon
  • DBUS access for secret service
  • A graphical session

Solution: Switch to the file-based keyring:

# Inside your Docker container, set the keyring backend to file
gog auth keyring file

# Set a password for the encrypted keyring (or set via env var for non-interactive)
# 
export GOG_KEYRING_PASSWORD='your-secure-password'

Then in your Clawdbot environment, make sure GOG_KEYRING_PASSWORD is available.

2. Missing Environment Variables

When Clawdbot runs gog, it may not have access to your shell's environment. Make sure these are set:

# Set the default account
export GOG_ACCOUNT=you@gmail.com

# For non-interactive Docker runs
export GOG_KEYRING_PASSWORD='your-password'
export GOG_KEYRING_BACKEND=file
#

3. gog Not in PATH

Clawdbot might not find gog. Check the full path:

which gog
# Then use the full path in Clawdbot config, e.g., /usr/local/bin/gog

Quick Fix for Docker

Add this to your Docker container's startup or Clawdbot config:

# Set environment for gog in Docker
export GOG_KEYRING_BACKEND=file
export GOG_KEYRING_PASSWORD='your-password-here'
export GOG_ACCOUNT='your-email@gmail.com'
# 

# Verify it works
gog gmail labels list

Reference Docs

Let me know if that resolves it! 🦐

quasi fjord
#

Thanks for the suggestions! I've already configured:

  • βœ… GOG_KEYRING_PASSWORD is set in the environment
  • βœ… GOG_KEYRING_BACKEND=file is configured
  • βœ… gog is in PATH: /home/linuxbrew/.linuxbrew/bin/gog (verified with which gog)
  • βœ… When I run gog gmail labels list directly in the container, it works perfectly

However, Clawdbot still can't access emails through Telegram. Since gog works when I run it manually but not when Clawdbot invokes it, could there be something specific about how Clawdbot calls gog? Maybe it needs the full path /home/linuxbrew/.linuxbrew/bin/gog instead of just gog, or there's a different environment context when Clawdbot runs?

Any other ideas? πŸ€”

#

Moreover, how can I see the logs looking for any errors about the configurations? Thanks!

quasi fjord
#

Any news?

torn geyserBOT
# quasi fjord Any news?

No follow-up needed from my end yet! I already posted the solution above in the thread.

The issue is almost certainly that gog's keyring backend doesn't work in Docker by default. When you run gog manually in the container, you're likely using a TTY which might help, but when Clawdbot runs it, there's no keyring daemon available.

Quick test to confirm:

# In your Docker container, check the keyring status
gog auth keyring

If it shows anything other than file, that's the problem.

Fix:

gog auth keyring file
export GOG_KEYRING_PASSWORD='your-password'
#

Then restart Clawdbot and it should work. Let me know if that does the trick! 🦐

quasi fjord
#

No, it does not work! I run:

gog auth keyring file
export GOG_KEYRING_PASSWORD='your-password'

but nothing changed!

#

How can I see logs?

#

which config should I have in clawdbot.json ?

torn geyserBOT
# quasi fjord which config should I have in clawdbot.json ?

Based on the documentation, Clawdbot doesn't need special gog configuration in clawdbot.json β€” gog should just work as a regular command. However, for Docker environments, you need to set the environment variables properly.

Here's what you need in your ~/.clawdbot/.env file:

# Set gog to use file-based keyring (required for Docker)
export GOG_KEYRING_BACKEND=file
export GOG_KEYRING_PASSWORD='your-password-here'

# Set default account
export GOG_ACCOUNT='your-email@gmail.com'

# Optional: ensure gog is in PATH
# export PATH="/usr/local/bin:$PATH"

Then in your Docker run command or docker-compose, make sure these env vars are passed:

# 
# docker-compose example
environment:
  - GOG_KEYRING_BACKEND=file
  - GOG_KEYRING_PASSWORD=your-password-here
  - GOG_ACCOUNT=your-email@gmail.com

Or if running Clawdbot directly in Docker, set the env vars before starting the gateway.

The key is that gog needs GOG_KEYRING_PASSWORD when running in Docker without a graphical keyring. Without it, Clawdbot can't access the stored tokens. 🦐

quasi fjord
torn geyserBOT
#

Got it! The issue is that gog authentication happens during docker build but the keyring isn't accessible at runtime.

The problems with your Dockerfile:

  1. Build-time vs runtime - gog auth add runs during build, but tokens need to persist to runtime
  2. Missing runtime env var - GOG_KEYRING_PASSWORD isn't passed when the container starts

Solutions:

Option A: Mount gog config directory (recommended)

# Run with gog config mounted
docker run -v /home/youruser/.config/gogcli:/home/node/.config/gogcli \
  -e GOG_KEYRING_PASSWORD='your-password' \
  -e GOG_ACCOUNT='your-email@gmail.com' \
  your-image
#

Option B: Create a entrypoint script that re-runs auth at startup

Add this to your Dockerfile:

# Add entrypoint script
COPY <<'EOF' /usr/local/bin/entrypoint.sh
#!/bin/bash
export GOG_KEYRING_BACKEND=file
export GOG_KEYRING_PASSWORD="${GOG_KEYRING_PASSWORD:-${GOOGLE_KEYRING_PASSWORD}}"

# Re-authenticate if needed
if [ -n "$GOG_EMAIL" ] && ! gog auth list | grep -q "$GOG_EMAIL"; then
    gog auth add "$GOG_EMAIL" --services gmail,calendar,drive,contacts,sheets,docs || true
fi

exec "$@"
EOF
# 
RUN chmod +x /usr/local/bin/entrypoint.sh

ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
CMD ["node", "dist/index.js"]

Then run with:

docker run -e GOG_KEYRING_PASSWORD='password' -e GOG_EMAIL='you@gmail.com' your-image

Option C: Simplest - Just pass env vars at runtime

Make sure your docker run command includes:

-e GOG_KEYRING_BACKEND=file \
# 
-e GOG_KEYRING_PASSWORD='your-password' \
-e GOG_ACCOUNT='your-email@gmail.com' \

The key is that the keyring password must be available when the container starts, not just during build. 🦐

torn geyserBOT
# quasi fjord Nothing! This is my `Dockerfile`: Can you see something wrong?

Yes! I can see the issue clearly now:

Problem: GOG_KEYRING_PASSWORD is only set during the build step, but it's NOT available at runtime.

Look at your Dockerfile:

# Build-time only - this doesn't persist to runtime!
ARG GOG_KEYRING_PASSWORD=""
...
RUN export GOG_KEYRING_PASSWORD="${GOG_KEYRING_PASSWORD:-$GOOGLE_KEYRING_PASSWORD}" ...

# This only sets GOG_KEYRING_BACKEND, NOT the password!
ENV GOG_KEYRING_BACKEND=file

When the container runs, there's no password to unlock the keyring that was created during build.

#

Fix:

Add this line near the end of your Dockerfile:

ENV GOG_KEYRING_BACKEND=file
ENV GOG_KEYRING_PASSWORD="${GOG_KEYRING_PASSWORD:-${GOOGLE_KEYRING_PASSWORD}}"  # ADD THIS

Then when you run the container, pass the password:

docker run -e GOG_KEYRING_PASSWORD='your-password' your-image

Or in docker-compose:

environment:
# 
  - GOG_KEYRING_PASSWORD=your-password

The password needs to be passed at runtime, not just build time. 🦐

fallen anvil
#

you can easily check if the envs are propagating to the running containr with i.e docker compose exec clawdbot-gateway sh -lc 'echo $GOG_KEYRING_PASSWORD'

I am in the same situation tbh, gog works fine inside the container but clawd keeps saying that cannot execute gog in my container/vps

#

@quasi fjord I personaly had to insist, that the executable was in place, had access to all envs, etc. and it just started working πŸ™‚

quasi fjord
#

Hi @fallen anvil , still nothing πŸ™
This commands run perfectly:

docker compose exec clawdbot-gateway sh -lc 'echo $GOG_KEYRING_PASSWORD'

#

Do you have any other suggestions? πŸ™

torn geyserBOT
# quasi fjord Do you have any other suggestions? πŸ™

Here are a few more things to check:

1. Verify gog is in PATH when Clawdbot runs

Add this to your Dockerfile to debug:

RUN which gog && gog --version

If it fails, use the full path:

ENV PATH="/home/linuxbrew/.linuxbrew/bin:${PATH}"

2. Check gog config location

# 
RUN gog config path

Make sure it points to /home/node/.config/gogcli/ and that directory exists at runtime.

3. Mount the gog config directory

This is often the cleanest solution - keep gog's config outside the container:

# Remove the build-time auth from Dockerfile entirely
# Just pass env vars at runtime

# Make sure the config dir exists but is empty
RUN mkdir -p /home/node/.config/gogcli
#

Then run with:

docker run -v /home/youruser/.config/gogcli:/home/node/.config/gogcli \
  -e GOG_KEYRING_BACKEND=file \
  -e GOG_KEYRING_PASSWORD='your-password' \
  -e GOG_ACCOUNT='your-email@gmail.com' \
  your-image

4. Debug script

Add this to test inside the container:

RUN <<'EOF'
echo "=== Debug Info ==="
echo "HOME: $HOME"
# 
echo "PATH: $PATH"
echo "GOG_KEYRING_BACKEND: $GOG_KEYRING_BACKEND"
echo "GOG_KEYRING_PASSWORD: ${GOG_KEYRING_PASSWORD:+set}"
echo "GOG_ACCOUNT: $GOG_ACCOUNT"
echo "gog config path:"
gog config path
echo "gog auth list:"
gog auth list || echo "No auth found"
echo "=================="
EOF

5. Try simpler approach - just install gog binary directly

Instead of Homebrew in Docker: