{ "title": "Claw Fleet Architecture", "overview": [ "OpenClaw is the ubuntu-local orchestration layer and Telegram HQ entrypoint.", "ZeroClaw provides host-scoped remote administration on grizzley and ice.", "Direct SSH targets extend the taskboard to hosts that do not run an active Claw runtime.", "The taskboard is the shared planning, dispatch, and audit surface across all host-operation families." ], "topologyDiagram": " Telegram / Forum Topics\n |\n +----------------+----------------+\n | |\n v v\n OpenClaw gateway ZeroClaw control\n ubuntu :18789 ice zeroclaw-admin\n local swarm topic router / paired gateway\n | |\n +------------+--------------------+\n |\n v\n shared taskboard UI\n |\n +-----------------+---------------------+\n | | |\n v v v\n OpenClaw agents ZeroClaw runtimes Direct SSH targets\n ubuntu-local grizzley / ice pve / truenas / panda\n", "sections": [ { "id": "openclaw", "title": "OpenClaw", "summary": "Primary orchestration family on ubuntu. Owns local swarm execution, HQ Telegram bindings, and ubuntu-host workflows.", "runtime": [ { "label": "Host", "value": "ubuntu (192.168.50.61)" }, { "label": "Service", "value": "openclaw.service" }, { "label": "Runtime", "value": "/srv/state/openclaw/current" }, { "label": "Config", "value": "/home/bear/.openclaw/openclaw.json" } ], "channels": [ { "label": "Telegram DM", "value": "allowlist: tg:5512934365" }, { "label": "Forum Group", "value": "Homelab HQ (-1003809447066)" }, { "label": "Gateway", "value": "LAN bind :18789 with token auth" } ], "configuredAgents": [ "main", "ubuntu", "docs", "gitea-admin", "planner", "builder", "reviewer" ], "diagram": "OpenClaw HQ topics\n topic 2 -> ubuntu\n topic 3 -> docs\n topic 4 -> gitea-admin\n topics 5-9 -> main, then delegate to host-scoped ZeroClaw paths\n\nmain\n|- ubuntu\n|- docs\n|- gitea-admin\n|- planner\n|- builder\n\\- reviewer\n", "notes": [ "Remote host personas were removed from OpenClaw.", "OpenClaw remains gateway-only on ubuntu.", "Swarm dispatch requires a repo slug that resolves through ~/.clawdbot/repo-map.json." ] }, { "id": "zeroclaw", "title": "ZeroClaw", "summary": "Host-scoped runtime family for remote administration. Grizzley is the primary active gateway. Ice is the control-plane runtime and topic router.", "runtime": [ { "label": "Primary", "value": "/srv/state/zeroclaw/current on grizzley" }, { "label": "Control", "value": "/home/bear/.zeroclaw-admin on ice" }, { "label": "Primary Service", "value": "zeroclaw.service" }, { "label": "Control Service", "value": "zeroclaw-admin.service" } ], "channels": [ { "label": "Grizzley Gateway", "value": "HTTP gateway :3000, pairing required" }, { "label": "Ice Telegram", "value": "Homelab-Ice (-1003728617160)" }, { "label": "Remote Routing", "value": "paired status/webhook to grizzley and pve" } ], "configuredAgents": [ "grizzley-zeroclaw", "ice-zeroclaw" ], "diagram": "Homelab-Ice topics\n 11 -> local ice operations\n 12 -> grizzley paired gateway\n 13 -> pve paired gateway\n 14 -> truenas blocker message\n 15 -> panda rollout pending\n\nice zeroclaw-admin\n -> zeroclaw-remote-gateway.sh status grizzley|pve\n -> zeroclaw-remote-gateway.sh webhook grizzley|pve \"\"\n", "notes": [ "Grizzley is host-scoped and should not proxy other hosts directly.", "Ice still uses host-local secret and encryption state under /home/bear/.zeroclaw-admin." ] }, { "id": "direct", "title": "Direct Host Targets", "summary": "SSH-backed host operations for systems that do not run an active OpenClaw or ZeroClaw runtime. These flows execute safe, built-in host checks and complete through the taskboard callback pipeline.", "runtime": [ { "label": "Execution", "value": "taskboard container on ubuntu" }, { "label": "Transport", "value": "SSH with mounted host key material" }, { "label": "Key Path", "value": "/root/.ssh/id_ed25519 inside container" } ], "channels": [ { "label": "PVE", "value": "root@192.168.50.11:22" }, { "label": "TrueNAS", "value": "christopher@192.168.50.12:22" }, { "label": "Panda", "value": "bear@192.168.50.196:22" } ], "configuredAgents": [ "pve-direct", "truenas-direct", "panda-direct" ], "diagram": "taskboard direct SSH\n -> pve : built-in Proxmox overview\n -> truenas : built-in storage overview\n -> panda : built-in SSH add-on overview\n\nEach direct task\n -> ssh safe built-in command\n -> capture stdout/stderr\n -> task callback -> completed result\n", "notes": [ "Direct targets are for safe built-in actions, not arbitrary remote shell execution from the UI.", "Completion state is written through the same callback pipeline used by remote agent runtimes." ] } ], "zeroclawAgents": [ { "slug": "grizzley-zeroclaw", "assignmentKey": "grizzley-zeroclaw", "aliases": ["grizzley-zeroclaw", "ZeroClaw Grizzley", "grizzley"], "name": "ZeroClaw Grizzley", "host": "grizzley", "role": "Edge host operator for grizzley", "runtimePath": "/app/zeroclaw/grizzley", "configPath": "/app/zeroclaw/grizzley/config.toml", "model": "glm-4.7", "emoji": "S", "channels": [ { "label": "Gateway", "value": "HTTP gateway :3000" }, { "label": "Access", "value": "paired remote gateway via ice" } ], "notes": [ "Host-scoped runtime for Traefik, OpenCode, and local services." ], "dispatch": { "method": "zeroclaw-webhook", "urlEnv": "ZEROCLAW_GRIZZLEY_URL", "tokenEnv": "ZEROCLAW_GRIZZLEY_TOKEN", "targetChannel": "grizzley gateway", "description": "Posts JSON webhook payloads to the grizzley ZeroClaw runtime." } }, { "slug": "ice-zeroclaw", "assignmentKey": "ice-zeroclaw", "aliases": ["ice-zeroclaw", "ZeroClaw Ice", "ZeroClaw Admin", "ice"], "name": "ZeroClaw Ice", "host": "ice", "role": "Control-plane operator for ice", "runtimePath": "/app/zeroclaw/ice", "configPath": "/app/zeroclaw/ice/config.toml", "model": "glm-5", "emoji": "I", "channels": [ { "label": "Telegram", "value": "Homelab-Ice topics 11-15" }, { "label": "Gateway", "value": "paired webhook + status routing" } ], "notes": [ "Control-plane runtime and topic router for remote host delegation." ], "dispatch": { "method": "zeroclaw-webhook", "urlEnv": "ZEROCLAW_ICE_URL", "tokenEnv": "ZEROCLAW_ICE_TOKEN", "targetChannel": "Homelab-Ice topic router", "description": "Posts JSON webhook payloads to the ice ZeroClaw runtime." } } ], "directAgents": [ { "slug": "pve-direct", "assignmentKey": "pve-direct", "aliases": ["pve-direct", "PVE Direct", "pve"], "name": "PVE Direct", "host": "pve", "role": "Direct Proxmox host checks over SSH", "runtimePath": "ssh://root@192.168.50.11:22", "configPath": null, "emoji": "P", "channels": [ { "label": "SSH", "value": "root@192.168.50.11:22" }, { "label": "Actions", "value": "proxmox-overview" } ], "tools": ["ssh", "systemctl", "pct", "qm"], "capabilities": [ "Verify core Proxmox services", "Enumerate running LXC containers", "Enumerate VM state" ], "files": [], "notes": [ "Uses direct SSH from the taskboard container.", "Designed for safe built-in verification flows." ], "dispatch": { "method": "direct-ssh", "hostname": "192.168.50.11", "user": "root", "port": 22, "defaultAction": "proxmox-overview", "actions": [ { "key": "proxmox-overview", "title": "Proxmox overview", "description": "Verify core services and list active LXCs and VMs.", "command": "systemctl is-active pve-cluster pvedaemon pveproxy pvestatd ssh && printf '\\nCTs:\\n' && pct list && printf '\\nVMs:\\n' && qm list", "successSummary": "PVE services and guest inventory collected" } ] } }, { "slug": "truenas-direct", "assignmentKey": "truenas-direct", "aliases": ["truenas-direct", "TrueNAS Direct", "truenas"], "name": "TrueNAS Direct", "host": "truenas", "role": "Direct storage checks over SSH", "runtimePath": "ssh://christopher@192.168.50.12:22", "configPath": null, "emoji": "T", "channels": [ { "label": "SSH", "value": "christopher@192.168.50.12:22" }, { "label": "Actions", "value": "storage-overview" } ], "tools": ["ssh", "zfs", "systemctl", "midclt"], "capabilities": [ "Verify storage datasets", "Check docker service state", "Report host identity and storage status" ], "files": [], "notes": [ "Runs safe read-only storage checks.", "Does not modify datasets or apps." ], "dispatch": { "method": "direct-ssh", "hostname": "192.168.50.12", "user": "christopher", "port": 22, "defaultAction": "storage-overview", "actions": [ { "key": "storage-overview", "title": "Storage overview", "description": "Report host identity, docker-app service state, and top-level ZFS datasets.", "command": "printf 'Host: '; hostname && printf '\\nDocker apps service:\\n' && systemctl is-active truenas-docker-apps.service || true && printf '\\nDatasets:\\n' && zfs list -o name,used,avail | head -n 12", "successSummary": "TrueNAS storage overview collected" } ] } }, { "slug": "panda-direct", "assignmentKey": "panda-direct", "aliases": ["panda-direct", "Panda Direct", "panda"], "name": "Panda Direct", "host": "panda", "role": "Direct SSH add-on checks for the Home Assistant host", "runtimePath": "ssh://bear@192.168.50.196:22", "configPath": null, "emoji": "H", "channels": [ { "label": "SSH", "value": "bear@192.168.50.196:22" }, { "label": "Actions", "value": "ssh-addon-overview" } ], "tools": ["ssh", "hostname", "cat", "ls"], "capabilities": [ "Verify SSH add-on shell reachability", "Report add-on OS state and mounted data files" ], "files": [], "notes": [ "Targets the Home Assistant SSH add-on shell, not a full host shell.", "Uses shell-safe inspection commands that work without supervisor API auth." ], "dispatch": { "method": "direct-ssh", "hostname": "192.168.50.196", "user": "bear", "port": 22, "defaultAction": "ssh-addon-overview", "actions": [ { "key": "ssh-addon-overview", "title": "SSH add-on overview", "description": "Report add-on shell identity, OS information, and mounted /data files.", "command": "printf 'Host: '; hostname && printf '\\nOS:\\n' && cat /etc/os-release && printf '\\nData dir:\\n' && ls -1 /data 2>/dev/null | head -n 10", "successSummary": "Panda SSH add-on overview collected" } ] } } ] }