Recommendation: run a single gateway per machine for most setups. what do I do | Friends of the Crustacean 🦞🤝 | Page 1

sick ledge Apr 23, 2026, 5:39 PM

#

Recommendation: run a single gateway per machine for most setups. One gateway supports multiple agents (see docs: /gateway#multiple-gateways-same-host).
If you need multiple gateways (e.g., a rescue bot on the same host), isolate ports + config/state (see docs: /gateway#multiple-gateways-same-host).

sullen cedarBOT Apr 23, 2026, 5:39 PM

#

clever phoenixBOT Apr 23, 2026, 5:39 PM

#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> ✅ Mark Solution

sick ledge Apr 23, 2026, 5:39 PM

#

Recommendation: run a single gateway per machine for most setups. One gateway supports multiple agents (see docs: /gateway#multiple-gateways-same-host).
If you need multiple gateways (e.g., a rescue bot on the same host), isolate ports + config/state (see docs: /gateway#multiple-gateways-same-host).

misty perchBOT Apr 23, 2026, 5:41 PM

#

Usually, do nothing special here 🙂

If this is just one machine running your normal bot, use one gateway and put multiple agents behind it.

Only set up a second gateway if you explicitly want isolation, like a rescue bot. In that case:

give it a separate profile
use a different port
keep config, state, and workspace separate

Example:

# main
openclaw gateway --port 18789

#

# rescue
openclaw --profile rescue gateway --port 19001

If you want the cleaner full setup flow:

openclaw --profile rescue onboard
openclaw --profile rescue gateway install

Important bits from the docs:

separate OPENCLAW_CONFIG_PATH
separate OPENCLAW_STATE_DIR
separate agents.defaults.workspace
leave about 20 ports between gateway base ports

#

Docs:

If you're already hitting a warning/error, paste:

openclaw --version
openclaw gateway status --deep

and I’ll help you read it.

#

Short version, if you are not intentionally running 2 separate gateways, ignore that warning and stick with one gateway.

What to do:

Run one openclaw gateway
Add/use multiple agents under that same gateway if needed
Only create a second gateway if you specifically want isolation, like a rescue bot

If you do want 2 gateways on one machine, then each one needs:

its own --profile
its own port
its own config/state/workspace

Example:

#

openclaw gateway --port 18789
openclaw --profile rescue gateway --port 19001

Docs:

If you're unsure what your machine is currently doing, paste:

openclaw --version
openclaw gateway status --deep

and I’ll tell you which setup you actually have.

sick ledge Apr 23, 2026, 6:28 PM

#

my openclaw answered who are you who am I after a restart gateway
🦞 OpenClaw 2026.4.22 (00bd2cf)
Somewhere between 'hello world' and 'oh god what have I built.'

│
◇
│
◇
OpenClaw status

Overview
┌──────────────────────┬───────────────────────────────────────────────────────┐
│ Item │ Value │
├──────────────────────┼───────────────────────────────────────────────────────┤
│ OS │ macos 15.7.4 (x64) · node 25.6.1 │
│ Dashboard │ http://127.0.0.1:18789/ │
│ Tailscale │ off │
│ Channel │ stable (default) │
│ Update │ pnpm · up to date · npm latest 2026.4.22 │
│ Gateway │ local · ws://127.0.0.1:18789 (local loopback) · │
│ │ reachable 95ms · auth token · Marcelos-iMac.local │
│ │ (192.168.1.144) app 2026.4.22 macos 15.7.4 │
│ Gateway self │ Marcelos-iMac.local (192.168.1.144) app 2026.4.22 │
│ │ macos 15.7.4 │
│ Gateway service │ LaunchAgent installed · loaded · running (pid 46902) │
│ Node service │ LaunchAgent installed · loaded · running (pid 53265) │
│ Agents │ 6 · 1 bootstrap file present · sessions 23 · default │
│ │ main active 6m ago │
│ Memory │ 113 files · 642 chunks · sources memory · plugin │
│ │ memory-core · vector ready · fts ready · cache on │
│ │ (887) │
│ Plugin compatibility │ none │
│ Probes │ skipped (use --deep) │
│ Events │ none │
│ Tasks │ 0 active · 0 queued · 0 running · 50 issues · audit │
│ │ 1 error · 29 warn · 173 tracked │
│ Heartbeat │ 1h (main), disabled (bob), disabled (chip), disabled │
│ │ (jade), disabled (nova), disabled (rex) │
│ Sessions │ 23 active · default claude-sonnet-4.6 (200k ctx) · 6 │
│ │ stores │
└──────────────────────┴───────────────────────────────────────────────────────┘

Task maintenance: openclaw tasks maintenance --apply

Security audit
Summary: 0 critical · 6 warn · 1 info
WARN Reverse proxy headers are not trusted
gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client c…
Fix: Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only.
WARN Control UI insecure auth toggle enabled
gateway.controlUi.allowInsecureAuth=true does not bypass secure context or device identity checks; only dangerouslyDisableDeviceAuth disables Control UI device…
Fix: Disable it or switch to HTTPS (Tailscale Serve) or localhost.
WARN Insecure or dangerous config flags enabled
Detected 1 enabled flag(s): gateway.controlUi.allowInsecureAuth=true.
Fix: Disable these flags when not actively debugging, or keep deployment scoped to trusted/local-only networks.
WARN Exec security=full is configured
Full exec trust is enabled for: main, rex, nova, bob, jade, chip.
Fix: Prefer tools.exec.security="allowlist" with ask prompts, and reserve "full" for tightly scoped break-glass agents only.
WARN Interpreter allowlist entries are missing strictInlineEval hardening
Interpreter/runtime allowlist entries were found without strictInlineEval enabled: - agents.main.allowlist: python3

misty perchBOT Apr 23, 2026, 6:29 PM

#

Yep, this looks like a bootstrap file still exists, not a multi-gateway problem.

The clue is here:

Agents: 6 · 1 bootstrap file present

BOOTSTRAP.md is the first-run ritual file. If it’s still sitting in an agent workspace, OpenClaw can act like it’s waking up fresh and ask the “who are you / who am I” questions again after restart.

What to do:

Find the leftover bootstrap file:
```
find ~/.openclaw -name BOOTSTRAP.md
```
Move/rename that file out of the workspace
Restart the gateway

#

Docs confirm it should only run once, and BOOTSTRAP.md should be removed after completion:

The security warnings in your paste are unrelated to this specific symptom.

If you want, paste the output of:

find ~/.openclaw -name BOOTSTRAP.md

and I’ll help you identify which agent/workspace is causing it.

sick ledge Apr 23, 2026, 6:30 PM

#

okey just moved it now what

misty perchBOT Apr 23, 2026, 6:31 PM

#

Nice, next step is just:

Restart the gateway
```
openclaw gateway restart
```
Start a fresh chat/session with that agent and see if it stops doing the identity/bootstrap questions.
Optional sanity check:
```
openclaw status
```
You want that bootstrap file present bit to be gone.

If it still happens after the restart, paste the new openclaw status output and I’ll keep digging.

#

Glad we caught that one 🦐

sick ledge Apr 23, 2026, 6:37 PM

#

OpenClaw status

Overview
┌──────────────────────┬───────────────────────────────────────────────────────┐
│ Item │ Value │
├──────────────────────┼───────────────────────────────────────────────────────┤
│ OS │ macos 15.7.4 (x64) · node 25.6.1 │
│ Dashboard │ http://127.0.0.1:18789/ │
│ Tailscale │ off │
│ Channel │ stable (default) │
│ Update │ pnpm · up to date · npm latest 2026.4.22 │
│ Gateway │ local · ws://127.0.0.1:18789 (local loopback) · │
│ │ reachable 1.24s · auth token · Marcelos-iMac.local │
│ │ (192.168.1.144) app 2026.4.22 macos 15.7.4 │
│ Gateway self │ Marcelos-iMac.local (192.168.1.144) app 2026.4.22 │
│ │ macos 15.7.4 │
│ Gateway service │ LaunchAgent installed · loaded · running (pid 71390) │
│ Node service │ LaunchAgent installed · loaded · running (pid 72429) │
│ Agents │ 6 · no bootstrap files · sessions 23 · default main │
│ │ active just now │
│ Memory │ 113 files · 642 chunks · sources memory · plugin │
│ │ memory-core · vector ready · fts ready · cache on │
│ │ (887) │
│ Plugin compatibility │ none │
│ Probes │ skipped (use --deep) │
│ Events │ none │
│ Tasks │ 0 active · 0 queued · 0 running · 50 issues · audit │
│ │ 1 error · 29 warn · 173 tracked │
│ Heartbeat │ 1h (main), disabled (bob), disabled (chip), disabled │
│ │ (jade), disabled (nova), disabled (rex) │
│ Sessions │ 23 active · default claude-sonnet-4.6 (200k ctx) · 6 │
│ │ stores │
└──────────────────────┴───────────────────────────────────────────────────────┘

Task maintenance: openclaw tasks maintenance --apply

Security audit
Summary: 0 critical · 6 warn · 1 info
WARN Reverse proxy headers are not trusted
gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client c…
Fix: Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only.
WARN Control UI insecure auth toggle enabled
gateway.controlUi.allowInsecureAuth=true does not bypass secure context or device identity checks; only dangerouslyDisableDeviceAuth disables Control UI device…
Fix: Disable it or switch to HTTPS (Tailscale Serve) or localhost.
WARN Insecure or dangerous config flags enabled
Detected 1 enabled flag(s): gateway.controlUi.allowInsecureAuth=true.
Fix: Disable these flags when not actively debugging, or keep deployment scoped to trusted/local-only networks.

#

WARN Exec security=full is configured
Full exec trust is enabled for: main, rex, nova, bob, jade, chip.
Fix: Prefer tools.exec.security="allowlist" with ask prompts, and reserve "full" for tightly scoped break-glass agents only.
WARN Interpreter allowlist entries are missing strictInlineEval hardening
Interpreter/runtime allowlist entries were found without strictInlineEval enabled: - agents.main.allowlist: python3
Fix: Set tools.exec.strictInlineEval=true (or per-agent tools.exec.strictInlineEval=true) when allowlisting interpreters like python, node, ruby, perl, php, lua, or osascript.
WARN Some gateway.nodes.denyCommands entries are ineffective
gateway.nodes.denyCommands uses exact node command-name matching only (for example system.run), not shell-text filtering inside a command payload. - Unknown …
Fix: Use exact command names (for example: canvas.present, canvas.hide, canvas.navigate, canvas.eval, canvas.snapshot, canvas.a2ui.push, canvas.a2ui.pushJSONL, canvas.a2ui.reset). If you need broader restrictions, remove risky command IDs from allowCommands/default workflows and tighten tools.exec policy.
Full report: openclaw security audit
Deep probe: openclaw security audit --deep

misty perchBOT Apr 23, 2026, 6:37 PM

#

That looks fixed ✅

The important line is:

Agents: 6 · no bootstrap files

So the restart/identity ritual issue should be gone now. If an old existing chat/session still behaves weird, open a new session/thread once, because the stale session may still carry old context.

The remaining warnings are separate from this bug. The only one I’d clean up later is:

gateway.controlUi.allowInsecureAuth=true

If you’re only using localhost, it’s not urgent, but I’d disable it when you’re done debugging.

Glad that helped 🎉
If this fixed it, please right-click the solution message → Apps → ✅ Mark Solution.
This helps Answer Overflow index the solution for future users.

sick ledge Apr 23, 2026, 6:39 PM

#

I still get the same reply who am I

misty perchBOT Apr 23, 2026, 6:39 PM

#

Those are hardening warnings, not “OpenClaw is broken” warnings.

For your setup, I’d split it like this:

Fine to leave for now

Exec security=full

This is common on a personal, trusted, local setup.
It becomes a concern if you want stricter approval/allowlist guardrails.

Good idea to fix

strictInlineEval

Since you allowlist python3, I’d enable this:

openclaw config set tools.exec.strictInlineEval true

That keeps stuff like python -c ... behind explicit approval even if python3 itself is allowed.

#

Needs cleanup, but I would inspect first

gateway.nodes.denyCommands ineffective

This means some deny entries don’t match real exact node command names.
denyCommands does not filter shell text, it only matches exact command IDs like canvas.present.

So my recommendation is:

Enable:

openclaw config set tools.exec.strictInlineEval true

Leave security=full alone unless you specifically want a tighter setup.
If you do, switch to:
```
openclaw config set tools.exec.security allowlist
```

#

Run:
```
openclaw security audit --deep
```
and paste the part that shows the bad gateway.nodes.denyCommands entries, then I can tell you exactly what to remove/change.

Docs:

If you want, I can help you harden this step by step without over-locking your setup.

#

Ah, good catch. If status says no bootstrap files, then the workspace is fixed. What’s probably stuck now is the session, not bootstrapping.

You have 23 active sessions, so I’d try the least-destructive fix first:

In the chat with your OpenClaw, send:

/new

or

/reset

That forces a fresh session. Docs: https://docs.openclaw.ai/concepts/session

#

If that fixes it, great, it was stale session context.

If it still answers with the same “who am I” stuff even after /new, then I want two things:

openclaw sessions --all-agents --active 120
openclaw logs --follow

Then trigger one bad reply and paste the relevant output here.

So, next step: try /new first. That’s the cleanest test.

sick ledge Apr 23, 2026, 6:43 PM

#

okey its back online, should I run the other stuff on terminal too

misty perchBOT Apr 23, 2026, 6:44 PM

#

Nope, not yet.

If it’s back online, do this first:

Test a normal message
If the old weird context is still there, send:
```
/new
```
or
```
/reset
```

If it answers normally after that, you’re done ✅

Only run terminal stuff if the “who am I” reply comes back again. Then grab:

#Recommendation: run a single gateway per machine for most setups. what do I do

Fine to leave for now

Good idea to fix

Needs cleanup, but I would inspect first

In the chat with your OpenClaw, send: