OpenClaw WebDAV Backup
Lightweight backup/restore skill for OpenClaw.
It covers:
- - local backup archives (full and incremental)
- multi-level backup strategies (smart, daily, hourly)
- optional encryption for �INLINECODE0
- optional WebDAV upload
- restore from local backup archives
- backup version management (list, select, delete)
- backup integrity verification
- configuration health checks
- lightweight scheduled backup guidance
- optional Telegram notifications for backup success/failure
It does not provide WebDAV storage. The user must supply their own WebDAV endpoint and credentials.
When to use this skill
Use this skill when the user asks to:
- - back up OpenClaw (full or incremental)
- restore OpenClaw from backup
- migrate OpenClaw to a new VM or machine
- protect backup configs with encryption
- upload backups to a self-provided WebDAV target
- schedule daily or periodic backups
- receive Telegram notifications for scheduled backup success/failure
- prepare a simple disaster-recovery workflow
- check backup configuration health
- verify backup integrity
- manage backup versions (list, delete old backups)
Implementation layout
Canonical implementation lives inside the skill:
- - �INLINECODE1
- INLINECODE2
Thin wrapper scripts may also exist in the workspace and call these implementations. Keep the skill scripts as the source of truth.
Default workflow
1. Local backup (full)
�CODEBLOCK0
2. Incremental backup with smart strategy
Auto-determines level based on day:
- - Sunday: Level 0 (full backup)
- Monday-Saturday: Level 1 (incremental)
CODEBLOCK1
3. Encrypted backup + WebDAV upload
Prepare
.env.backup with the user's own WebDAV settings, then run:
bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh --encrypt-config --upload
Only do real upload after confirming the user wants to write to the remote WebDAV target.
4. Restore from a local backup set
�CODEBLOCK3
Backup Strategies
The skill supports multiple backup strategies via BACKUP_STRATEGY environment variable:
| Strategy | Description | Level Behavior |
|---|
| INLINECODE5� (default) | Always full backup | Level 0 |
| INLINECODE6 |
Weekly full backup | Level 0 |
|
daily | Daily with auto-incremental | Level 0 once, then Level 1 |
|
smart | Recommended for production | Sunday=Level 0, Mon-Sat=Level 1 |
|
hourly | Fine-grained incremental | Level 0 → 1 → 2 chain |
Level Explanation
- - Level 0: Full backup (tar creates complete archive + snapshot file)
- Level 1: Incremental backup (only files changed since Level 0)
- Level 2: Incremental backup (only files changed since Level 1)
Cron Examples
CODEBLOCK4
Manual Level Control
Override auto-detection with --level flag:
�CODEBLOCK5
Compression Options
The skill supports multiple compression tools with automatic detection of parallel variants:
| Option | Tool | Threads | Notes |
|---|
| INLINECODE11 | gzip | 1 | Standard, widely available |
| INLINECODE12 |
pigz | N | Parallel gzip, 3-5x faster |
|
zstd | zstd | 1 | High compression ratio |
|
pzstd | pzstd | N | Parallel zstd, fastest option |
Auto-Detection
By default, the skill auto-detects the best available compressor:
�CODEBLOCK6
Explicit Selection
Force a specific compressor:
�CODEBLOCK7
Parallel Jobs
Control the number of compression threads (default: auto-detect CPU cores):
�CODEBLOCK8
Installation
Install parallel compression tools for best performance:
�CODEBLOCK9
Backup Notifications
The skill supports multiple notification channels for backup success/failure alerts.
Supported Channels
| Channel | Status | Configuration |
|---|
| Telegram | ✅ Ready | Bot token + Chat ID |
| WeCom (企业微信) |
✅ Ready | Webhook key |
| Feishu (飞书) | ✅ Ready | Webhook token |
Quick Setup
- 1. Copy the example config:
�CODEBLOCK10
- 2. Edit
.env.backup.notify with your channel settings:
Telegram Setup
�CODEBLOCK11
WeCom (企业微信) Setup
BACKUP_NOTIFY=1
BACKUP_NOTIFY_CHANNEL="wecom"
BACKUP_NOTIFY_WECOM_KEY="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
BACKUP_NOTIFY_WECOM_MENTION="13800138000,13900139000" # Optional: mobile numbers
Get webhook key from: Group Settings → Add Robot → Copy Webhook URL key
Feishu (飞书) Setup
BACKUP_NOTIFY=1
BACKUP_NOTIFY_CHANNEL="feishu"
BACKUP_NOTIFY_FEISHU_TOKEN="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
BACKUP_NOTIFY_FEISHU_SECRET="your-secret" # Optional: if signature enabled
Get webhook token from: Group Settings → Add Bot → Copy Webhook URL token
Notification Content
Notifications include:
- - Backup status (✅ success / ❌ failure)
- Timestamp and backup type
- Local backup location
- Encryption status
- WebDAV upload status
- Retention settings
Important behavior notes
- -
openclaw.json may contain secrets, tokens, and API keys - prefer
--encrypt-config before remote upload - INLINECODE18� stores WebDAV connection settings and should not be committed
- INLINECODE19� is optional; it is only a convenience carrier for �INLINECODE20
- INLINECODE21� is optional and enables backup notifications when configured
- restore depends on the decryption password itself, not on the secret file specifically
- for encrypted backups,
.env.backup.secret and the password are either/or: either keep the file, or remember/provide the password - workspace backups exclude
.env.backup and �INLINECODE24 - local and remote retention are supported through
LOCAL_KEEP and �INLINECODE26
Read references when needed
- - For usage, included files, and backup examples: read �INLINECODE27
- For restore/decrypt flow and restore checks: read �INLINECODE28
- For automation with cron/systemd: read �INLINECODE29
- For migration/disaster-recovery planning: read �INLINECODE30
- For common user questions and boundary clarifications: read �INLINECODE31
- For config template examples: read
references/env.backup.example, references/env.backup.secret.example, and �INLINECODE34
Validated behaviors
This skill has been validated against a real OpenClaw setup for:
- - local backup creation
- encrypted config backup
- WebDAV upload
- local and remote retention
- restore drill to a simulated fresh-machine home directory
- cron-based scheduled backup
- Telegram notification on backup success
- backup integrity verification
- configuration health checks
Health Check & Integrity Verification
Configuration Health Check
Run scripts/openclaw-healthcheck.sh to diagnose backup environment:
CODEBLOCK14
Checks performed:
| Check | Description |
|---|
| Base Environment | workspace dir, state dir, openclaw.json, extensions |
| Backup Infrastructure |
backup root, snapshot dir, existing backups |
| Dependencies | tar, curl, openssl availability |
| Configuration | .env.backup, .env.backup.secret variables |
| Backup Integrity | Validates all existing tar.gz archives |
Exit codes:
- -
0 - All checks passed - INLINECODE37� - One or more critical checks failed
Backup Integrity Verification
Every backup automatically runs integrity checks:
- 1. Archive validation -
tar -tzf verifies archive structure - Manifest verification - Confirms manifest.txt exists
- Metadata check - Confirms workspace.meta exists
Failed integrity checks will abort the backup with error status.
To manually verify a specific backup:
�CODEBLOCK15
Restore with Integrity Check
When restoring, verify the backup before extraction:
CODEBLOCK16
Private-share checklist
Before sharing this skill privately, verify:
- - no real
.env.backup or .env.backup.secret is included - no real WebDAV URL, username, password, token, or backup passphrase remains in tracked files
- examples use placeholder values only
- docs state clearly that WebDAV storage is user-provided
- restore wording states password and secret file are either/or, not both required
- references match actual script behavior
Scope
This skill intentionally stays lightweight. It supports:
- - local backup and restore
- optional config encryption
- optional WebDAV upload
- local and remote retention
- password-based restore with optional secret file automation
It does not currently provide:
- - built-in WebDAV provisioning
- secret-manager integration
- fully automatic remote download-and-restore flow
- multi-target cloud replication
OpenClaw WebDAV 备份
适用于 OpenClaw 的轻量级备份/恢复技能。
涵盖范围:
- - 本地备份归档(完整备份与增量备份)
- 多级备份策略(智能、每日、每小时)
- openclaw.json 的可选加密功能
- 可选的 WebDAV 上传
- 从本地备份归档恢复
- 备份版本管理(列出、选择、删除)
- 备份完整性验证
- 配置健康检查
- 轻量级定时备份指南
- 可选的备份成功/失败 Telegram 通知
不提供 WebDAV 存储服务。用户需自行提供 WebDAV 端点和凭据。
何时使用此技能
当用户提出以下需求时使用此技能:
- - 备份 OpenClaw(完整或增量)
- 从备份恢复 OpenClaw
- 将 OpenClaw 迁移至新虚拟机或新机器
- 使用加密保护备份配置
- 将备份上传至自备的 WebDAV 目标
- 设置每日或定期备份计划
- 接收定时备份成功/失败的 Telegram 通知
- 准备简单的灾难恢复工作流程
- 检查备份配置健康状态
- 验证备份完整性
- 管理备份版本(列出、删除旧备份)
实现结构
规范实现位于技能目录内:
- - scripts/openclaw-backup.impl.sh
- scripts/openclaw-restore.impl.sh
工作区中可能还存在调用这些实现的轻量封装脚本。请以技能脚本为唯一权威来源。
默认工作流程
1. 本地备份(完整)
bash
bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh
2. 智能策略增量备份
根据日期自动确定备份级别:
- - 周日:级别 0(完整备份)
- 周一至周六:级别 1(增量备份)
bash
智能策略(推荐用于 cron)
BACKUP_STRATEGY=smart bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh
或显式设置级别
bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh --level=1
3. 加密备份 + WebDAV 上传
准备包含用户自有 WebDAV 设置的 .env.backup,然后运行:
bash
bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh --encrypt-config --upload
仅在确认用户希望写入远程 WebDAV 目标后才执行实际上传。
4. 从本地备份集恢复
bash
bash skills/openclaw-webdav-backup/scripts/openclaw-restore.sh --from backups/openclaw/latest --decrypt-config
备份策略
该技能通过 BACKUP_STRATEGY 环境变量支持多种备份策略:
| 策略 | 描述 | 级别行为 |
|---|
| full(默认) | 始终完整备份 | 级别 0 |
| weekly |
每周完整备份 | 级别 0 |
| daily | 每日自动增量备份 | 首次级别 0,之后级别 1 |
| smart | 推荐用于生产环境 | 周日=级别 0,周一至周六=级别 1 |
| hourly | 细粒度增量备份 | 级别 0 → 1 → 2 链式 |
级别说明
- - 级别 0:完整备份(tar 创建完整归档 + 快照文件)
- 级别 1:增量备份(仅自级别 0 以来变更的文件)
- 级别 2:增量备份(仅自级别 1 以来变更的文件)
Cron 示例
bash
智能策略:周日完整备份,工作日增量备份
0 0
0 BACKUP_STRATEGY=smart /path/to/openclaw-backup.sh --upload
30 3
1-6 BACKUP_STRATEGY=smart /path/to/openclaw-backup.sh --upload
仅每周完整备份
0 3
0 BACKUP_STRATEGY=weekly /path/to/openclaw-backup.sh --upload
每日自动级别检测
0 3
* BACKUP_STRATEGY=daily /path/to/openclaw-backup.sh
手动级别控制
使用 --level 标志覆盖自动检测:
bash
bash openclaw-backup.sh --level=0 # 强制完整备份
bash openclaw-backup.sh --level=1 # 强制增量备份(级别 1)
压缩选项
该技能支持多种压缩工具,并自动检测并行变体:
| 选项 | 工具 | 线程数 | 说明 |
|---|
| gzip | gzip | 1 | 标准,广泛可用 |
| pigz |
pigz | N | 并行 gzip,快 3-5 倍 |
| zstd | zstd | 1 | 高压缩比 |
| pzstd | pzstd | N | 并行 zstd,最快选项 |
自动检测
默认情况下,技能自动检测最佳可用压缩器:
bash
优先选择 pigz > gzip,pzstd > zstd
bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh
显式选择
强制指定特定压缩器:
bash
bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh --compress=pigz
bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh --compress=pzstd
并行任务数
控制压缩线程数(默认:自动检测 CPU 核心数):
bash
显式使用 8 个线程
PARALLEL_JOBS=8 bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh
或通过 CLI
bash skills/openclaw-webdav-backup/scripts/openclaw-backup.sh --jobs=8
安装
安装并行压缩工具以获得最佳性能:
bash
Ubuntu/Debian
sudo apt-get install pigz zstd
macOS
brew install pigz zstd
CentOS/RHEL
sudo yum install pigz zstd
备份通知
该技能支持多种通知渠道,用于备份成功/失败告警。
支持的渠道
| 渠道 | 状态 | 配置 |
|---|
| Telegram | ✅ 就绪 | Bot Token + Chat ID |
| 企业微信 |
✅ 就绪 | Webhook 密钥 |
| 飞书 | ✅ 就绪 | Webhook Token |
快速设置
- 1. 复制示例配置:
bash
cp references/env.backup.notify.example .env.backup.notify
- 2. 编辑 .env.backup.notify,填入你的渠道设置:
Telegram 设置
bash
BACKUP_NOTIFY=1
BACKUP
NOTIFYCHANNEL=telegram
BACKUP
NOTIFYTELEGRAM
CHATID=123456789
BACKUP
NOTIFYTELEGRAM
BOTTOKEN=123456:your-bot-token # 可选,可自动检测
企业微信设置
bash
BACKUP_NOTIFY=1
BACKUP
NOTIFYCHANNEL=wecom
BACKUP
NOTIFYWECOM_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
BACKUP
NOTIFYWECOM_MENTION=13800138000,13900139000 # 可选:手机号码
获取 webhook 密钥:群设置 → 添加机器人 → 复制 Webhook URL 密钥
飞书设置
bash
BACKUP_NOTIFY=1
BACKUP
NOTIFYCHANNEL=feishu
BACKUP
NOTIFYFEISHU_TOKEN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
BACKUP
NOTIFYFEISHU_SECRET=your-secret # 可选:如果启用了签名验证
获取 webhook token:群设置 → 添加机器人 → 复制 Webhook URL token
通知内容
通知包含:
- - 备份状态(✅ 成功 / ❌ 失败)
- 时间戳和备份类型
- 本地备份位置
- 加密状态
- WebDAV 上传状态
- 保留设置
重要行为说明
- - openclaw.json 可能包含密钥、令牌和 API 密钥
- 远程上传前建议使用 --encrypt-config
- .env.backup 存储 WebDAV 连接设置,不应提交至版本控制
- .env.backup.secret 为可选文件,仅作为 BACKUPENCRYPTPASS 的便捷载体
- .env.backup.notify 为可选文件,配置后启用备份通知
- 恢复依赖于解密密码本身,而非特定于密钥
