cal/claude-home
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity
e2ec022a33
claude-home/productivity/openclaw/CONTEXT.md
Cal Corum 425bb1abd8 Update OpenClaw documentation with deployment details 
Update CONTEXT with npm installation model, Homebrew wrapper setup,
systemd service config, and MiniMax integration. Expand troubleshooting
with gateway, Docker, and Homebrew error scenarios.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-07 22:21:05 -06:00

364 lines
11 KiB
Markdown
Raw Blame History

# OpenClaw Personal AI Assistant - Technology Context
## Overview
OpenClaw is an open-source personal AI assistant that runs locally with autonomous agent capabilities. Originally created as "Clawdbot" by Peter Steinberger, now community-maintained as OpenClaw.
**Deployment:** LXC 224 (10.10.0.224)
**Installation Method:** npm global installation (not Docker)
**Status:** Active
**Primary Use:** Personal automation, task management, Discord integration
## Architecture
### Deployment Model
**Installation:** OpenClaw installed globally via npm on LXC host (not containerized)
- Installed to: `/usr/lib/node_modules/openclaw/`
- Binary symlink: `/usr/bin/openclaw -> ../lib/node_modules/openclaw/openclaw.mjs`
- Service management: systemd user service (`openclaw-gateway.service`)
- Running as: `root` user (PID varies, check with `ps aux | grep openclaw-gateway`)
### Gateway-Centric Design
- **Gateway Daemon:** Single control plane for all operations
- **Messaging:** Handles chat platform integrations (Discord, Telegram, etc.)
- **Tool Execution:** Sandboxed code execution via nested Docker containers
- **Client Connections:** WebSocket and HTTP API for external integrations
### Key Components
1. **OpenClaw Gateway** - Node.js application, port 18789
2. **Docker-in-Docker Sandbox** - Isolated execution environment for skill code execution
3. **Persistent Workspace** - `~/.openclaw/` for configuration, agents, and memory
4. **Configuration Layer** - `~/.openclaw/openclaw.json` + environment variables
## System Users and Package Management
### User Accounts
- **root:** System administration, Docker operations, service management
- **openclaw:** Non-root user for Homebrew package management (UID 1000)
- Member of `sudo` and `docker` groups
- Password: `openclaw`
- Home directory: `/home/openclaw`
### Homebrew Installation
OpenClaw skills often depend on system binaries distributed via Homebrew. Following OpenClaw's official recommendations, Homebrew is installed for the `openclaw` user.
**Location:** `/home/linuxbrew/.linuxbrew/`
**User:** `openclaw` (non-root, as required by Homebrew)
**Critical: Homebrew Wrapper for Root Access**
Since OpenClaw gateway runs as root but Homebrew refuses to run as root, we use a transparent wrapper:
- **Real brew binary:** `/home/linuxbrew/.linuxbrew/bin/brew.real`
- **Wrapper script:** `/home/linuxbrew/.linuxbrew/bin/brew`
- **Behavior:** When root runs `brew`, wrapper automatically delegates to `openclaw` user
- **Result:** OpenClaw can auto-install skill dependencies without "running as root" errors
**Usage Patterns:**
```bash
# OpenClaw auto-installs skill dependencies (uses wrapper automatically)
# No manual intervention needed when installing skills from web UI
# Manual installation as root (uses wrapper)
brew install <package>
brew list
# Manual installation as openclaw user (direct)
su - openclaw
brew install <package>
brew list
# Legacy helper script (still available)
brew-as-openclaw install <package>
```
**Helper Script:** `/usr/local/bin/brew-as-openclaw`
- Legacy wrapper script for explicit `openclaw` user delegation
- Still available but unnecessary due to transparent wrapper at brew binary location
- Usage: `brew-as-openclaw <command> [args]`
**PATH Configuration:**
- System-wide: `/etc/profile.d/homebrew.sh` adds Homebrew to PATH
- User-specific: `openclaw` user's `~/.bashrc` includes Homebrew shellenv
- Binaries available at `/home/linuxbrew/.linuxbrew/bin/`
- All users can access Homebrew-installed binaries
### Package Management Strategy
1. **System packages:** Install via `apt` as root (Docker, git, curl, etc.)
2. **Skill dependencies:** Install via Homebrew as `openclaw` user
3. **Node packages:** Install via `npm` within OpenClaw workspace
## AI Provider Integration
**Current Provider:** MiniMax M2.1
- **Model:** MiniMax-M2.1 (200K context window)
- **API Type:** Anthropic-compatible messages API
- **Endpoint:** https://api.minimax.io/anthropic
- **Authentication:** Bearer token via `MINIMAX_API_KEY`
**Model Selection:**
- Primary: `minimax/MiniMax-M2.1` (standard, balanced performance)
- Fast variant: `minimax/MiniMax-M2.1-lightning` (lower latency, lower cost)
**Pricing (per 1M tokens):**
- M2.1: $0.50 input / $1.50 output
- M2.1 Lightning: $0.30 input / $0.90 output
## Discord Integration
**Bot Configuration:**
- **Policy:** DM pairing (secure by default)
- **Intents Required:** Message Content + Server Members
- **Permissions:** View/Send/History + Embeds + Files + Reactions
**Access Control:**
- DMs: Pairing code required (1-hour expiry)
- Guild channels: Can be enabled per-server with allowlists
- Mention requirement: Optional gating for shared channels
**Message Handling:**
- History context: 20 messages (configurable)
- File uploads: 8MB max (configurable)
- Response format: Markdown with embeds
## Security Model
### Process Isolation
- **Gateway Process:** Runs as root user on LXC host (systemd service)
- **Skill Execution:** Code sandboxed in Docker containers spawned by gateway
- **Docker Access:** Gateway has access to Docker socket for skill sandboxing
- **Container Isolation:** Skills run in isolated containers, not on host
### Secrets Management
- **Storage:** `~/.openclaw/openclaw.json` (JSON5 format)
- **Environment Variables:** Can be referenced via `${VAR_NAME}` syntax
- **Credentials Directory:** `~/.openclaw/credentials/` for sensitive data
- **Permissions:** Files owned by root (gateway user)
### Network Security
- **Exposed Ports:** 18789 (gateway web UI) accessible on LXC network
- **Outbound:** Requires internet access for AI API calls (MiniMax, etc.)
- **LXC Network:** 10.10.0.224 on internal homelab network
- **Discord:** WebSocket connection to Discord API for bot integration
## Operational Patterns
### Standard Operations
```bash
# Start OpenClaw gateway
openclaw gateway start
# Stop OpenClaw gateway
openclaw gateway stop
# Restart gateway (picks up config changes)
openclaw gateway restart
# Check service status
systemctl --user status openclaw-gateway.service
ps aux | grep openclaw-gateway
```
### Viewing Logs
```bash
# Follow gateway logs
journalctl --user -u openclaw-gateway.service -f
# View recent logs
journalctl --user -u openclaw-gateway.service -n 100
# Check startup logs
journalctl --user -u openclaw-gateway.service --since "10 minutes ago"
```
### Pairing Management
```bash
# List pending pairing requests
openclaw pairing list discord
# Approve pairing
openclaw pairing approve discord <code>
# Revoke access
openclaw pairing revoke discord <user_id>
```
### Diagnostics
```bash
# Full system health check
openclaw doctor
# Channel status (Discord, etc.)
openclaw channels status --probe
# Model configuration
openclaw models list
openclaw models get minimax/MiniMax-M2.1
# Check which user is running gateway
ps aux | grep openclaw-gateway | grep -v grep
```
### Configuration Updates
```bash
# Edit configuration
nano ~/.openclaw/openclaw.json
# Restart to apply changes
openclaw gateway restart
# Verify changes via logs
journalctl --user -u openclaw-gateway.service -n 50 | grep -i "config\|error"
# Check if gateway is running
ps aux | grep openclaw-gateway | grep -v grep
```
### Skills Management
OpenClaw skills extend the assistant's capabilities with specialized tools and integrations.
**Skill Installation Methods:**
1. **ClawHub Registry** (recommended):
```bash
# SSH to LXC as openclaw user
ssh openclaw@10.10.0.224
cd /opt/openclaw/workspace
# Install specific skill
clawhub install <skill-slug>
# Sync all configured skills
clawhub sync --all
# Update existing skills
clawhub update --all
```
2. **Manual Installation:**
```bash
# Create skill directory
mkdir -p /opt/openclaw/workspace/skills/<skill-name>
# Create SKILL.md file
nano /opt/openclaw/workspace/skills/<skill-name>/SKILL.md
```
**Skill Locations (priority order):**
1. `/opt/openclaw/workspace/skills/` (workspace skills, highest priority)
2. `~/.openclaw/skills/` (user skills, shared across agents)
3. Bundled skills (shipped with OpenClaw)
**Installing Skill Dependencies:**
Many skills require system binaries. Install dependencies using Homebrew:
```bash
# From root shell on LXC
brew-as-openclaw install jq # JSON processing
brew-as-openclaw install ffmpeg # Media processing
brew-as-openclaw install imagemagick # Image manipulation
# Or as openclaw user
su - openclaw
brew install <package-name>
```
**Enabling Skills:**
Configure in `openclaw.json`:
```json5
{
"skills": {
"entries": {
"skill-name": {
"enabled": true,
"apiKey": "${SKILL_API_KEY}", // If needed
"env": {
"CUSTOM_VAR": "value"
}
}
}
}
}
```
**Security Note:** Always review third-party skill code before enabling. Skills run with full OpenClaw privileges.
**Common Skills:**
- `browser` - Web automation via Playwright
- `shell` - Execute shell commands in sandbox
- `file-manager` - Advanced file operations
- `code-editor` - Code editing and refactoring
- `git` - Git repository operations
## Resource Usage Patterns
**Expected Baseline:**
- Idle: ~200MB RAM, <5% CPU
- Active chat: ~500MB RAM, 10-20% CPU
- Browser automation: ~1GB RAM, 30-50% CPU
- Concurrent operations: Up to 2GB RAM
**Disk Usage:**
- Application: ~500MB
- Workspace files: Variable (user-dependent)
- Logs: ~50MB/week (with rotation)
- Docker images: ~1GB
**Network:**
- AI API calls: ~10-100KB per request
- Discord: WebSocket connection (minimal bandwidth)
- File uploads: Up to 8MB per message
## Integration Points
### Current Integrations
- **Discord:** DM-based personal assistant
- **MiniMax API:** AI model provider
- **Docker:** Sandboxed execution environment
### Potential Future Integrations
- **n8n:** Workflow automation triggers (not currently configured)
- **Home Assistant:** Smart home control via API
- **Additional chat platforms:** Telegram, Signal, WhatsApp
- **Browser automation skills:** Web scraping, form filling
## Troubleshooting Quick Reference
| Issue | Solution |
|-------|----------|
| Gateway won't start | Check `docker compose logs` for errors; verify .env secrets |
| Discord not connecting | Verify `DISCORD_BOT_TOKEN` and intents enabled |
| "Used disallowed intents" error | Enable Message Content Intent in Discord portal |
| Pairing code not working | Check expiry (1 hour), regenerate if needed |
| High memory usage | Check for stuck browser automation processes |
| MiniMax API errors | Verify `MINIMAX_API_KEY`, check API quota |
## References
- **Official Docs:** https://docs.openclaw.ai/
- **GitHub:** https://github.com/openclaw/openclaw
- **Discord Setup:** https://docs.openclaw.ai/channels/discord
- **MiniMax Provider:** https://docs.openclaw.ai/providers/minimax
- **MiniMax Platform:** https://platform.minimax.io/
## Maintenance Notes
**Update Strategy:**
- Auto-updates: Gateway pulls `:latest` tag on restart
- Breaking changes: Check release notes before updating
- Rollback: Pin specific version tag if needed
**Backup Strategy:**
- Configuration: `openclaw.json` + `.env` (version controlled template)
- Workspace: `/opt/openclaw/workspace` (contains agent memory/files)
- Logs: Optional retention for debugging
**Monitoring:**
- Health check: HTTP endpoint at http://10.10.0.224:18789/health
- Discord connectivity: Verify bot status in server member list
- Resource usage: Monitor via Proxmox dashboard
Reference in New Issue View Git Blame Copy Permalink