clawdinators/docs/POC.md
joshp123 4a40ae24e2 🤖 config: restrict main clawdinator discord scope to clawdinators-test
What:
- remove #clawdributors-test and #clawdributors channel IDs from `nix/hosts/clawdinator-common.nix`
- keep only channel `1458426982579830908` (#clawdinators-test) in the main Discord allowlist
- simplify now-unused sendPolicy deny rules tied to removed channels
- align docs/memory/workspace references to #clawdinators-test only

Why:
- enforce single-channel listening surface for main clawdinator instances
- eliminate stale channel references that could cause operator confusion
- keep runtime config and docs aligned

Tests:
- nix shell nixpkgs#shellcheck nixpkgs#shfmt -c bash scripts/lint-shell.sh (pass)
- nix eval --raw .#nixosConfigurations.clawdinator-1.config.system.build.toplevel.drvPath --accept-flake-config >/dev/null (pass)
- nix eval --raw .#nixosConfigurations.clawdinator-2.config.system.build.toplevel.drvPath --accept-flake-config >/dev/null (pass)
2026-02-23 17:20:38 +01:00


# POC: CLAWDINATOR-1

Acceptance criteria:
- One AWS host provisioned from an AMI built from this repo.
- Host created via OpenTofu using `infra/opentofu/aws`.
- NixOS config applied via Nix (module or flake).
- CLAWDINATOR-1 connects to Discord #clawdinators-test.
- GitHub integration is read-only.
- Shared memory directory mounted and writable.
- Discord allowlist configured (guild + channels).

Secrets needed (initially):
- Discord bot token (per instance).
- GitHub token (PAT or App installation token).
- Anthropic API key.
- AWS credentials (image pipeline + infra).

Secrets wiring:
- Infra: AWS credentials for OpenTofu and CI.

Image pipeline:
- Build a bootstrap image with nixos-generators (raw) from `nix/hosts/clawdinator-1-image.nix`, upload to S3, import as an AMI via snapshot import + register-image.
- Launch instances from the AMI, then nixos-rebuild applies full config.
- Runtime: explicit token files via agenix (standard).
- GitHub token is required. Prefer GitHub App (`services.clawdinator.githubApp.*`) to mint short-lived tokens.
- Store PEM and tokens in the local secrets repo (see docs/SECRETS.md) and decrypt to `/run/agenix/*`.
- Discord token is required: set `services.clawdinator.discordTokenFile` to `/run/agenix/clawdinator-discord-token-<n>`.
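
A preflight check for the runtime token files described above, as an added example (not code from this repo): it verifies that `/run/agenix/clawdinator-discord-token-<n>` exists, is non-empty and is readable by its owner only. The function names, return codes and the owner-only permission policy are assumptions.

```shell
#!/bin/sh
# Added example: preflight check for agenix-decrypted token files.
# Assumed policy (not from the repo): regular file, non-empty,
# no group/other permission bits.

check_token_file() {
  local path="$1" mode
  if [ ! -f "$path" ]; then
    echo "missing: $path" >&2
    return 1
  fi
  if [ ! -s "$path" ]; then
    echo "empty: $path" >&2
    return 2
  fi
  # -L follows symlinks; GNU stat first, BSD stat as fallback.
  mode="$(stat -L -c '%a' "$path" 2>/dev/null || stat -L -f '%Lp' "$path" 2>/dev/null)"
  if [ -z "$mode" ]; then
    echo "cannot stat: $path" >&2
    return 4
  fi
  # Any group/other bit set (octal mask 077) fails the check.
  if [ $(( 0$mode & 077 )) -ne 0 ]; then
    echo "too permissive ($mode): $path" >&2
    return 3
  fi
  return 0
}

check_discord_token() {
  # $1 = instance number <n>, $2 = secrets dir (defaults to /run/agenix)
  check_token_file "${2:-/run/agenix}/clawdinator-discord-token-$1"
}
```

Calling `check_discord_token 1` on a host returns 0 only when the decrypted token for instance 1 passes all three checks; the reason for a failure is printed to stderr.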

Deliverables:
- Infra code in infra/opentofu/aws.
- Nix module in nix/.
- CLAWDINATOR config in clawdinator/.

Nix wiring notes:
- Apply nix-openclaw overlay (latest upstream).
- Enable services.clawdinator and provide openclaw.json config.