🐾 claw-stack
Plugin OpenClaw Ecosystem

Auto Backup

Encrypted, deduplicated, hands-off backups for your entire OpenClaw setup β€” powered by restic and rclone.

Overview

Auto Backup keeps your OpenClaw config, agent memory, session logs, and source code safe without you ever thinking about it. It pairs restic for encryption and deduplication with rclone for Google Drive transport β€” and your encryption password lives in macOS Keychain, never on disk.

2
Paths Backed Up
7
Daily Snapshots
4
Weekly Snapshots
0
Plaintext Secrets

Capabilities

Key Features

Six layers of reliability β€” from on-device encryption to cloud transport to scheduled execution.

Encrypted Snapshots

Every backup is encrypted by restic before it ever leaves your machine. AES-256 encryption with a password stored exclusively in macOS Keychain β€” never written to disk.

Deduplication

restic's content-addressed storage means only changed chunks are uploaded. Incremental backups are fast and your Google Drive quota stays lean.

Google Drive Storage

Backups are transported to Google Drive via rclone OAuth. Your data lives in your own Drive folder β€” no third-party custody, no extra subscriptions.

macOS Keychain Security

The restic encryption password is generated once and stored in macOS Keychain under the service name openclaw-backup. It never touches a .env file or the filesystem.

Retention Policy

Keeps the last 7 daily and 4 weekly snapshots, then automatically prunes older ones after each run. You get history without runaway storage growth.

OpenClaw Cron Scheduling

Register the backup as an OpenClaw cron job (daily at 4 AM EST) and it runs hands-off β€” no crontab, no launchd, no manual triggers.

Architecture

How It Works

Backup Pipeline

Two source paths are passed to restic, which deduplicates and encrypts content before handing off to rclone for upload. The entire pipeline runs in a single ./backup.sh invocation.

~/.openclaw/ ~2.9 GB Β· config, memory, logs, media
~/projects/ ~1.3 GB Β· source code, experiments
↓ restic encrypt + dedup
rclone β†’ Google Drive Encrypted snapshot stored in your own Drive folder

Excluded (never backed up)

node_modules/ .venv/ browser/ cache .git/objects

Restore Flow

Any snapshot can be restored to an arbitrary target path. You can restore the full tree, filter to a specific subdirectory, or do a dry-run first to confirm what would land where.

./backup.sh Incremental backup β€” fast, deduped
./backup.sh --dry-run Preview changes without uploading
./restore.sh --list Show all available snapshots
./restore.sh --target ~/restore Restore latest to a safe directory
./setup.sh One-click install: brew, Keychain, rclone OAuth

Coverage

What Gets Protected

Every meaningful piece of your OpenClaw environment β€” from agent memory to cron jobs β€” covered in every snapshot.

Config & Workspace

Your entire ~/.openclaw/ directory: settings, plugin configs, and active workspace files (~2.9 GB).

Agent Memory

Persistent cross-session memory, shared entities, and long-term knowledge stored in ~/.openclaw/memory/.

Session Logs

Full conversation and tool-call logs from every session, preserved for audit and replay.

Media Files

Images, audio, and other media attached to agent sessions β€” kept alongside the logs that reference them.

Source Code

Your entire ~/projects/ directory (~1.3 GB) minus node_modules, .venv, and .git/objects (those are on GitHub).

Cron Jobs

OpenClaw cron schedules and task definitions are part of ~/.openclaw/ and are therefore included in every snapshot.

Coming Soon

Join the Waitlist

Be the first to know when this plugin launches.

Join the Waitlist