全部技能 分类浏览
← 返回
未分类

OpenClaw Backup

Encrypted backup and restore for OpenClaw agents. Creates two-tier archives: cloud-safe operational backups plus optional age-encrypted secrets for local rec...
zurbrick
未分类 clawhub v1.1.0 100000 Key: 无需
★ 0
Stars
📥 482
下载
💾 0
安装

概述

OpenClaw Backup

Use this skill for backup, verify, restore, and disaster-recovery workflows for an OpenClaw workspace.

Use when

  • setting up backup and restore for an OpenClaw agent or workspace
  • creating a cloud-safe operational backup
  • creating an encrypted secrets backup for local recovery
  • verifying a backup set before trusting it
  • dry-running or executing a restore
  • pushing an operational backup archive to GitHub

Do not use when

  • the user wants general file sync or generic backup advice unrelated to OpenClaw
  • you only need a one-off copy of a few files
  • secrets would be pushed or shared without encryption
  • the restore target or archive path is unclear

Default workflow

  1. Identify the job

Choose one lane:

  • backup
  • verify
  • restore
  • push operational archive to GitHub
  • schedule / drill / pre-change snapshot
  1. Start with the core path

Use the main scripts first:

  • bash {baseDir}/scripts/backup.sh
  • bash {baseDir}/scripts/verify.sh --manifest /manifest.json --archive /backup.tar.gz
  • bash {baseDir}/scripts/restore.sh --manifest /manifest.json --archive /backup.tar.gz --dry-run
  • bash {baseDir}/scripts/push-to-github.sh --manifest /manifest.json --archive /backup.tar.gz
  1. Keep the archive model straight

Default to operational-only backups for cloud storage.

Secrets are opt-in and must stay encrypted with age.

  1. Use dry-run before restore

Restore is high-blast-radius. Prefer --dry-run before a real restore.

  1. Load references only as needed
    • references/restore-guide.md — full disaster recovery walkthrough
    • references/what-to-backup.md — file coverage and rationale
    • references/retention-policy.md — retention guidance
    • references/workflows.md — weekly verify, monthly drill, pre-change snapshot, CI

Archive model

TierContentsCloud safe?Encrypted?
-----------------------------------------
OperationalWorkspace, redacted config, cronsYesNo (no secrets)
Secrets.env, agent auth profilesNoRequired (age)

Default: operational only. Secrets are opt-in via --include-secrets.

Prerequisites

  • age for secrets encryption
  • gh for GitHub push (optional)

Configuration

Set encryption via environment or flags:

export AGE_RECIPIENT="age1your_public_key"
export AGE_PASSPHRASE_FILE="/path/to/passphrase"

bash {baseDir}/scripts/backup.sh --include-secrets --age-recipient age1...

Safety rules

  • Never push secrets unless they are encrypted
  • Prefer verify before restore, and dry-run before live restore
  • Treat restore as destructive until proven otherwise
  • If paths or archive contents are ambiguous, stop and clarify

References

  • {baseDir}/references/restore-guide.md
  • {baseDir}/references/what-to-backup.md
  • {baseDir}/references/retention-policy.md
  • {baseDir}/references/workflows.md

版本历史

共 1 个版本

  • v1.1.0 当前
    2026-05-02 16:11 安全 安全

安全检测

暂无安全检测报告

Skill工具集 © 2026