OpenClaw brain

DISASTER-RECOVERY.md

Brain/docs/DISASTER-RECOVERY.md

docs/DISASTER-RECOVERY.md

filedocs/DISASTER-RECOVERY.md
# Disaster recovery plan for OpenClaw / Kompis

Goal: restore Kompis/OpenClaw on a fresh VPS if the current server is lost.

## What `openclaw-brain` restores

This repo restores the human-facing assistant context:

- identity/persona/workspace files
- long-term and daily memory markdown
- safe semantic/episodic memory exports
- custom local skills
- sanitized config reference
- cron/server snapshots
- backup script

## What it does **not** restore

These must be recreated from trusted sources, never from Git:

- Telegram bot token
- GitHub CLI token
- SSH private keys
- API keys/provider credentials
- OAuth sessions
- device-pairing credentials
- OpenClaw runtime SQLite/cache/log state

## Recovery order

1. Create/rebuild VPS
   - Ubuntu 24.04 LTS recommended
   - SSH access enabled
   - firewall configured
   - system packages updated

2. Install essentials
   - `git`
   - `curl`
   - `gh` GitHub CLI
   - Node.js version required by OpenClaw
   - OpenClaw

3. Authenticate GitHub

   ```bash
   gh auth login --hostname github.com --git-protocol ssh --web
   ```

4. Clone brain repo

   ```bash
   mkdir -p /root/.openclaw
   git clone git@github.com:BeViable42/openclaw-brain.git /root/.openclaw/workspace
   ```

5. Restore workspace files

   The repo is already arranged as the workspace root, so confirm:

   ```bash
   cd /root/.openclaw/workspace
   ls AGENTS.md SOUL.md USER.md MEMORY.md
   ```

6. Recreate secrets and channel auth

   Use OpenClaw onboarding/config tools to recreate:

   - Telegram bot token/channel config
   - model provider auth
   - any API keys
   - allowed sender config

   Use `docs/OPENCLAW-CONFIG-SANITIZED.json` only as a reference. Do not paste redacted values as if they were real credentials. Obvious, but computers enjoy making fools of us.

7. Restore backup cron

   ```bash
   mkdir -p /home/root/bin
   cp /root/.openclaw/workspace/scripts/openclaw-backup.sh /home/root/bin/openclaw-backup.sh
   chmod 700 /home/root/bin/openclaw-backup.sh
   crontab -e
   ```

   Add:

   ```cron
   0 3 * * * /home/root/bin/openclaw-backup.sh >> /home/root/openclaw-backup.log 2>&1
   ```

8. Verify

   ```bash
   openclaw status
   gh auth status
   cd /root/.openclaw/workspace && git status
   /home/root/bin/openclaw-backup.sh
   ```

## Recommended extra protection

- Enable provider/VPS snapshots if available.
- Keep secrets in a password manager.
- Keep GitHub account protected with 2FA/passkey.
- Consider a second backup remote later, e.g. encrypted object storage.

## Recovery success criteria

Recovery is complete when:

- OpenClaw starts successfully
- Telegram/direct channel works
- Kompis sees `MEMORY.md`, `USER.md`, `SOUL.md`, and daily memory
- GitHub backup script can commit and push
- scheduled reminders/cron jobs are recreated or intentionally skipped