Tools
Vaultwarden
OpenClaw plugin: credential injection from VaultWarden at gateway startup
Install
npm install -g
Configuration Example
```json
{
  "plugins": {
    "allow": ["vaultwarden"],
    "entries": {
      "vaultwarden": {
        "enabled": true,
        "config": {
          "searchTerm": "openclaw"
        }
      }
    }
  }
}
```
README
---
description: OpenClaw plugin for VaultWarden credential injection at gateway startup
tags:
- openclaw
- plugin
- vaultwarden
- security
- credentials
date: 2026-04-06
---
# VaultWarden Plugin for OpenClaw
Fetches credentials from VaultWarden at gateway startup and injects them into process environment variables. Credentials never live in openclaw.json.
## How It Works
1. Gateway starts -> plugin reads VAULTWARDEN_* env vars from LXC config
2. Unlocks vault via `bw` CLI
3. Searches for items matching a configurable search term (default: "openclaw")
4. Injects credentials as `process.env` variables (ANTHROPIC_API_KEY, GEMINI_API_KEY, etc.)
5. Locks vault immediately
The fetched credentials exist only in process memory and are never written to disk.
## Vault Item Requirements
**The plugin only reads Login items (type 1). Secure Notes are NOT supported.**
Each credential must be stored as a **Login** item with:
- **Name**: descriptive, including agent name for scoping
- **URI**: must match a known provider domain (see table below)
- **Password**: the API key or token value
### Required URI -> Env Var Mapping
| Vault Item URI | Env Var Set | Provider |
|---|---|---|
| `api.anthropic.com` | `ANTHROPIC_API_KEY` | Anthropic |
| `api.openai.com` | `OPENAI_API_KEY` | OpenAI |
| `generativelanguage.googleapis.com` | `GEMINI_API_KEY` | Google Gemini |
| `openrouter.ai` | `OPENROUTER_API_KEY` | OpenRouter |
| Contains "discord" | `DISCORD_BOT_TOKEN` | Discord |
### Example Vault Items
```
Name: api.anthropic.com (Sofia - OpenClaw)
URI:  https://api.anthropic.com
User: [email protected]
Pass: sk-ant-api03-...

Name: api.anthropic.com (Caroline - OpenClaw)
URI:  https://api.anthropic.com
User: [email protected]
Pass: sk-ant-oat01-...

Name: aistudio.google.com (Default Gemini API Key)
URI:  https://generativelanguage.googleapis.com
User: (any)
Pass: AIzaSy...

Name: discord.com (Caroline - Bot Token)
URI:  https://discord.com
User: caroline
Pass: MTQ4NDcx...
```
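The following is an added sketch, not the plugin's own code, of the Login-only filter and URI-to-env-var mapping described above, run over constructed items in the JSON shape `bw list items` returns. The function names, the exact-hostname comparison, and the first-item-wins handling of two items that map to the same variable are assumptions; the page does not say how the plugin resolves that case.

```javascript
// Added illustration; all names here are hypothetical, not the plugin's API.
const HOST_TO_ENV = new Map([
  ["api.anthropic.com", "ANTHROPIC_API_KEY"],
  ["api.openai.com", "OPENAI_API_KEY"],
  ["generativelanguage.googleapis.com", "GEMINI_API_KEY"],
  ["openrouter.ai", "OPENROUTER_API_KEY"],
]);

// Reduce a vault URI (with or without a scheme) to its lowercase hostname.
function hostOf(uri) {
  const hasScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(uri);
  try {
    return new URL(hasScheme ? uri : `https://${uri}`).hostname.toLowerCase();
  } catch {
    return null; // unparseable URI: treat as no match
  }
}

// Compare the parsed hostname, not the raw string, so a provider domain
// appearing in a path or query string does not count as a match.
function envVarFor(uri) {
  const host = hostOf(uri);
  if (!host) return null;
  return HOST_TO_ENV.get(host) ?? (host.includes("discord") ? "DISCORD_BOT_TOKEN" : null);
}

function mapItemsToEnv(items) {
  const env = {}, sources = {}, skipped = [];
  for (const item of items) {
    if (item.type !== 1 || !item.login?.password) { // type 1 = Login
      skipped.push({ name: item.name, reason: "not a Login item with a password" });
      continue;
    }
    const name = (item.login.uris ?? []).map((u) => envVarFor(u.uri)).find(Boolean);
    if (!name) skipped.push({ name: item.name, reason: "URI matches no known provider" });
    else if (name in env) skipped.push({ name: item.name, reason: `${name} already set by "${sources[name]}"` });
    else { env[name] = item.login.password; sources[name] = item.name; }
  }
  return { env, sources, skipped }; // log sources/skipped only, never env values
}

// Constructed sample data (placeholder secrets), mirroring the items above.
const SAMPLE_ITEMS = [
  { type: 1, name: "api.anthropic.com (Sofia - OpenClaw)", login: { password: "sk-ant-EXAMPLE-1", uris: [{ uri: "https://api.anthropic.com" }] } },
  { type: 1, name: "api.anthropic.com (Caroline - OpenClaw)", login: { password: "sk-ant-EXAMPLE-2", uris: [{ uri: "https://api.anthropic.com" }] } },
  { type: 2, name: "Gemini key (Secure Note)", notes: "AIza-EXAMPLE" },
  { type: 1, name: "discord.com (Caroline - Bot Token)", login: { password: "EXAMPLE-TOKEN", uris: [{ uri: "https://discord.com" }] } },
];
const result = mapItemsToEnv(SAMPLE_ITEMS);
console.log(result.sources, result.skipped);
```

With the two Anthropic items above, both resolve to `ANTHROPIC_API_KEY`, so a single process can only hold one of them; scoping `searchTerm` to the agent name avoids the overlap.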
### Converting Secure Notes
If credentials are currently stored as Secure Notes, convert them:
1. Open the item in VaultWarden web UI
2. Create a new Login item with the same name
3. Set the URI to the provider domain
4. Put the API key/token in the Password field
5. Save and delete the old Secure Note
## Configuration
Add to `openclaw.json`:
```json
{
  "plugins": {
    "allow": ["vaultwarden"],
    "entries": {
      "vaultwarden": {
        "enabled": true,
        "config": {
          "searchTerm": "openclaw"
        }
      }
    }
  }
}
```
The `searchTerm` filters which vault items are fetched. Use an agent name or "openclaw" to scope the search.
## LXC Container Requirements
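These env vars must be set in the container's LXC config. `VAULTWARDEN_PASSWORD` holds the vault master password in plaintext, so restrict read access to this file on the host: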
```
lxc.environment: VAULTWARDEN_URL=https://vault.home.vertigion.com
lxc.environment: VAULTWARDEN_EMAIL=<agent>@vertigion.com
lxc.environment: VAULTWARDEN_PASSWORD=<master password>
```
The `bw` CLI must be installed: `npm install -g @bitwarden/cli`
## Tools
- `vault_status` -- show which credentials were injected (names only, never values)
- `vault_refresh` -- re-fetch from vault after key rotation
## After Deployment
Remove plaintext API keys from `openclaw.json`:
- Delete `models.providers.anthropic.apiKey`
- Delete `models.providers.google.apiKey`
- Delete `models.providers.openai.apiKey`
- Keep `models.providers.*.apiKey` for Ollama providers (`"ollama-local"` markers are not secrets)