🎁 Get the FREE AI Skills Starter GuideSubscribe →
BytesAgainBytesAgain
🦀 ClawHub

雷神之影 Mjolnir Shadow

by @king6381

Mjolnir Shadow (雷神之影) — Automated rotating backup system for OpenClaw workspaces. Creates GPG-encrypted, rotating backups of workspace files, configs, and da...

Versionv2.0.0
Downloads675
TERMINAL
clawhub install mjolnir-shadow

📖 About This Skill


name: mjolnir-shadow description: "Mjolnir Shadow (雷神之影) — Automated rotating backup system for OpenClaw workspaces. Creates GPG-encrypted, rotating backups of workspace files, configs, and data to WebDAV storage. Requires bash, curl, Python 3, gpg (gnupg). Optional env var MJOLNIR_SHADOW_PASS for non-interactive GPG decryption. Triggers on backup, data safety, disaster recovery, workspace protection, system backup, 备份, 数据安全, 灾备, 雷神之影." metadata: {"clawdbot":{"homepage":"https://github.com/king6381/mjolnir-shadow","requires":{"binaries":["bash","curl","python3","gpg"],"env_optional":["MJOLNIR_SHADOW_PASS"]}}}

Mjolnir Shadow (雷神之影) 🌑

Automated rotating backup for OpenClaw workspaces with GPG-encrypted credential storage.

自动轮转备份系统,支持 GPG 加密凭证。

Requirements / 依赖

  • bash + curl — most Linux/macOS systems
  • Python 3.6+ — for setup wizard
  • GPG (gnupg) — for credential encryption (recommended)
  • WebDAV server — Nextcloud, ownCloud, Synology, etc.
  • Env var (optional): MJOLNIR_SHADOW_PASS — GPG passphrase for non-interactive cron runs
  • Quick Start / 快速开始

    # 1. Interactive setup (creates encrypted config)
    

    1. 交互式配置(创建加密配置)

    python3 scripts/setup_backup.py

    2. Run backup

    2. 运行备份

    bash scripts/backup.sh

    3. Check status

    3. 检查状态

    cat memory/backup-state.json

    How It Works / 工作原理

    1. Decrypt config via GPG (or read plaintext fallback) / GPG 解密配置 2. Collect workspace, configs, strategies, skills into archives / 打包文件 3. Upload to WebDAV via --netrc-file (credentials never in process listings) / 上传到 WebDAV 4. Rotate — keep N newest, delete oldest (FIFO) / 轮转:保留最新 N 个 5. Clean up — all temp files removed on exit / 退出时清理临时文件

    Security / 安全

  • GPG AES-256 encrypted credential storage / 凭证加密存储
  • --netrc-file for all curl calls (backup + restore) — no -u user:pass / 所有 curl 调用使用 netrc
  • HTTPS warning if WebDAV URL is not HTTPS / 非 HTTPS 警告
  • Channel auth excluded by default (configurable) / 默认排除通道认证 token
  • Temp cleanup via trap EXIT — netrc + archives removed even on failure / 异常退出也清理
  • Secret exclusion.gpg, .key, .secret, .env always excluded / 始终排除密钥文件
  • What Gets Backed Up / 备份内容

    | Component / 组件 | Includes / 包含 | Excludes / 排除 | |-----------|----------|----------| | Workspace | Memory, docs, scripts | .git, node_modules, venv, .env, secrets/*.gpg | | Config | openclaw.json, cron/ | Channel auth (default), *.gpg, *.secret | | Strategies | Strategy files, monitors | venv, __pycache__ | | Skills | Installed skill packages | node_modules, venv, *.gpg |

    Cron / 定时备份

    Setup wizard prints the cron command (does not auto-create). Add manually:

    配置向导打印 cron 命令(不会自动创建)。手动添加:

    # Every 3 days at 03:00 / 每 3 天凌晨 3 点
    openclaw cron add --name "🌑 Mjolnir Shadow" \
      --schedule "0 3 */3 * *" --tz "Asia/Shanghai" \
      --isolated --timeout 300 \
      --message "bash /path/to/scripts/backup.sh"
    

    Non-interactive GPG decryption / 非交互式 GPG 解密

    For unattended cron runs, use gpg-agent (recommended) or set MJOLNIR_SHADOW_PASS via a secure secret store — do NOT put plaintext passphrases in cron commands or world-readable files.

    非交互运行时,推荐使用 gpg-agent,或通过 安全的密钥存储 设置 MJOLNIR_SHADOW_PASS不要 在 cron 命令或明文文件中写入密码。

    # Recommended: use gpg-agent (pre-cache passphrase)
    

    推荐:使用 gpg-agent(预缓存密码)

    gpg-connect-agent /bye # ensure agent is running

    Alternative: read from encrypted credential store

    备选:从加密凭证存储读取

    export MJOLNIR_SHADOW_PASS="$(your-secret-manager get mjolnir-shadow-pass)"

    Restore / 恢复

    🚀 一键恢复(推荐新手)

    # 方式1: 全自动模式 — 带进度条,一键搞定
    bash scripts/restore.sh --auto

    方式2: 独立恢复引导 — 不依赖 OpenClaw,全新系统也能用

    bash scripts/restore-kit.sh

    --auto 模式会自动完成:解密配置 → 查找最新备份 → 下载 → 解压 → 恢复全部组件 → 重启 OpenClaw。全程进度条显示,小白友好。

    restore-kit.sh 是完全独立的脚本,不依赖任何已安装技能。适用于:

  • 全新系统重装后恢复
  • OpenClaw 还没装的时候
  • 从另一台机器 SCP 过来直接运行
  • # 从另一台机器拷贝过来运行
    scp kaixin:/path/to/restore-kit.sh . && bash restore-kit.sh
    

    手动模式(高级用户)

    bash scripts/restore.sh --list       # List backups / 列出备份
    bash scripts/restore.sh --latest     # Restore latest (manual) / 恢复最新(手动确认)
    bash scripts/restore.sh --file NAME  # Restore specific / 恢复指定
    

    手动模式先解压到临时目录,你可以检查后再决定覆盖哪些组件。

    Configuration Reference / 配置参考

    See references/config-reference.md for all options. / 详见配置参考文档。