Does launchd inherit my interactive shell .zshrc?

No by default—LaunchAgents start with a minimal environment. Put required variables in the plist EnvironmentVariables dictionary or a wrapper script that sources a controlled file.

Should API keys live only in .env?

Many teams split: non-secret defaults in openclaw.json, secrets in .env with strict file permissions, and launchd entries only for values that must exist before Node boots.

What is OPENCLAW_STATE_DIR used for?

It relocates runtime state away from the default home path—useful on shared cloud Mac accounts with quota separation or when you want backups to exclude agent scratch data.

AI Automation March 31, 2026

OpenClaw Environment Variables with launchd on Cloud Mac in 2026: Precedence, Secrets, and Safe Rollout

MacLogin AI Automation Team March 31, 2026 ~13 min read

Running OpenClaw gateways under macOS launchd on rented Apple Silicon hosts exposes a classic mismatch: your terminal session “sees” dozens of exports from .zshrc, while the LaunchAgent that actually respawns the gateway after reboot starts almost bare. In 2026, teams that skip a written precedence chart waste hours debugging “works in SSH, fails at boot” incidents—especially when API keys rotate quarterly and someone edits .env but forgets the plist. This guide explains why layering matters, prints a five-row precedence matrix, walks a nine-step rollout with numeric checkpoints, compares OPENCLAW_STATE_DIR relocation with risky shell import tricks, outlines secret rotation without unnecessary gateway churn, answers FAQ, and ties patterns to MacLogin regions (Hong Kong, Japan, Korea, Singapore, United States).

Cross-link operational context with OpenClaw cron + launchd scheduling, audit expectations in CLI hooks and compliance logging, transport stability from SSH keepalive troubleshooting, and remote gateway over SSH tunnel when the UI stays on a laptop.

Why Environment Layering Matters for OpenClaw Gateways

OpenClaw inherits Node’s usual process environment, then merges workspace files and optional dotenv-style loaders depending on your build. On a cloud Mac, three actors compete: the human operator’s interactive shell, the launchd-managed daemon, and CI jobs that SSH in to deploy. If only one path loads ANTHROPIC_API_KEY, you get flaky automations whenever maintenance reboots the host. Document the intended source of truth per variable class—boolean feature flags, model endpoints, filesystem roots, and bearer tokens should not all live in the same file without a table.

Reproducibility: Auditors ask “what file defines production?”—plists plus version-controlled JSON beat ad-hoc exports.
Least privilege: Separate read-only config from secret material with chmod 600 on .env.
Multi-tenant risk: Shared MacLogin accounts must never share a single ~/.openclaw tree across unrelated customers—use distinct users or relocated state directories.

Precedence Matrix: Where Each Variable Should Live

Layer	Best for	Caveats on launchd	Example keys
`EnvironmentVariables` in LaunchAgent plist	Boot-critical paths, `PATH` fixes	Requires `launchctl unload/load` to pick up edits	`NODE_OPTIONS`, custom roots
`openclaw.json` (workspace or user)	Non-secret defaults, feature toggles	Still parsed after process start—ensure file permissions	Model routing, tool allowlists
Repository `.env`	Secrets excluded from git	launchd must set `WorkingDirectory` correctly	Provider API keys
Wrapper shell script	Complex sourcing (rare)	Harder to audit; log argv carefully	Legacy enterprise CA bundles
Interactive-only exports	Developer laptops	Never rely on this for gateways	Aliased shortcuts

Reminder: After changing plists, validate with launchctl print gui/$(id -u)/com.example.openclaw (replace label) before assuming the new environment took effect.

Nine-Step launchd Environment Rollout

Baseline capture: From a working SSH session, dump env | sort into a ticket—mark which entries are actually required.
Classify: Tag each key secret, path, or flag; aim for zero duplicate definitions across plist and JSON.
Freeze PATH: Explicitly set minimal PATH in plist if Homebrew or nvm paths differ between console and daemon contexts.
WorkingDirectory: Point at the repo root that contains .env; mismatches cause silent missing-secret failures.
ProgramArguments: Prefer invoking node with absolute binary path from which node on that host.
Test unload/load: Cycle the agent twice; second cycle catches stale socket files.
Health check: Run openclaw doctor (or your build’s equivalent) and attach stdout to the change record.
Reboot drill: Schedule a controlled reboot window monthly on production-adjacent hosts; verify gateway auto-starts within 90 seconds.
Documentation: Store plist path + checksum in internal wiki; link MacLogin Help for SSH basics so contractors do not invent parallel startup scripts.

`OPENCLAW_STATE_DIR` and Shell Import Tradeoffs

Relocating state with OPENCLAW_STATE_DIR helps when your MacLogin plan mounts fast NVMe for builds but you want agent journals on a separate volume with different backup retention. Set the variable in the plist so launchd and CLI agree. Conversely, wrapping ProgramArguments with /bin/zsh -lc 'source ~/.profile && exec node ...' drags in interactive dotfiles—convenient for demos, hazardous for compliance because any developer edit can break production. Reserve shell sourcing for sandboxes only.

Secret Rotation Without Surprise Gateway Restarts

When API keys rotate, teams often bounce the entire gateway. Sometimes that is unavoidable, but if OpenClaw reads secrets per request from a file watcher or external secret store, you can reduce downtime. At minimum, stage rotations: write the new .env atomically (mv from temp), send SIGUSR or use your build’s reload hook if documented, and monitor error rates for 15 minutes before revoking the old key. Pair this workflow with hook logging from our hooks article so security can correlate key age with failure spikes.

Environment FAQ for 2026

Does Docker on Mac change anything? If you containerize the gateway, inject env at docker run time; launchd then only manages the container supervisor—keep diagrams updated.

What about multiple Node versions? Pin with absolute paths or a version manager file committed to the repo; never depend on whatever brew link happened to run last Tuesday.

Can I store env in 1Password CLI? Yes, but ensure the LaunchAgent waits for network and device approval where applicable—headless Mac minis in Tokyo may not have the same biometric prompts as laptops.

Why Mac mini M4 Hosts Simplify Strict Environment Discipline

Unified memory on M4 keeps Node, watchers, and optional local models responsive even when you run separate LaunchAgents for gateway and cron-style workers described in our cron guide. MacLogin’s five-region footprint lets you clone plist templates per region while varying only latency-sensitive endpoints. Rent capacity from the pricing page, apply the matrix above, and treat environment drift as an incident class—not an individual engineer’s mystery.

Standardize OpenClaw on dedicated Apple Silicon

One gateway per tenant reduces accidental env cross-talk.

View plans SSH / VNC guide