From c235b04fc34b6a6f86d52a160c1ff14c84f4d380 Mon Sep 17 00:00:00 2001
From: William Valentin <william.valentin.info@gmail.com>
Date: Thu, 19 Mar 2026 15:35:43 -0700
Subject: [PATCH] feat: update ansible playbooks for openclaw VM configuration

- Add agentmon_ingest_url var to openclaw_servers inventory
- Reduce vm.swappiness from 10 to 5 for better memory management
- Refactor virtiofs mounts: remove bindfs layer, mount swarm-common
  directly at /mnt/swarm-common (simpler, no FUSE overhead)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 ansible/inventory.yml           |  2 +
 ansible/playbooks/customize.yml | 90 ++++++++++++++++++++++++++-------
 2 files changed, 73 insertions(+), 19 deletions(-)

diff --git a/ansible/inventory.yml b/ansible/inventory.yml
index db9e889..ccc6604 100644
--- a/ansible/inventory.yml
+++ b/ansible/inventory.yml
@@ -1,6 +1,8 @@
 all:
   children:
     openclaw_servers:
+      vars:
+        agentmon_ingest_url: "http://192.168.122.1:8080"
       hosts:
         zap:
           ansible_host: 192.168.122.182
diff --git a/ansible/playbooks/customize.yml b/ansible/playbooks/customize.yml
index dcd3ca3..bb6e6b9 100644
--- a/ansible/playbooks/customize.yml
+++ b/ansible/playbooks/customize.yml
@@ -15,10 +15,10 @@
 
   tasks:
 
-    - name: Set vm.swappiness=10 (live)
+    - name: Set vm.swappiness=5 (live)
       ansible.posix.sysctl:
         name: vm.swappiness
-        value: "10"
+        value: "5"
         state: present
         reload: true
 
@@ -26,46 +26,54 @@
       ansible.builtin.lineinfile:
         path: /etc/sysctl.conf
         regexp: '^vm\.swappiness'
-        line: 'vm.swappiness=10'
+        line: 'vm.swappiness=5'
         state: present
 
-    # ── swarm-common virtiofs share ────────────────────────────────────────
+    # ── virtiofs shares ─────────────────────────────────────────────────────
+    # Host: ~/lab/swarm          → Guest: /mnt/swarm
     # Host: ~/lab/swarm/swarm-common → Guest: /mnt/swarm-common
-    # Virtiofs is mounted raw to /mnt/swarm-common-raw, then bindfs remaps
-    # ownership to openclaw before presenting at /mnt/swarm-common.
+    # Mounted directly via virtiofs (no bindfs layer).
+    # Host dirs have o+w so openclaw (UID 999) can write.
 
-    - name: Create swarm-common raw virtiofs mount point
+    - name: Create swarm virtiofs mount point
       ansible.builtin.file:
-        path: /mnt/swarm-common-raw
+        path: /mnt/swarm
         state: directory
         mode: "0755"
 
-    - name: Create swarm-common bindfs mount point
+    - name: Create swarm-common virtiofs mount point
       ansible.builtin.file:
         path: /mnt/swarm-common
         state: directory
         mode: "0755"
 
-    - name: Install bindfs (for virtiofs ownership remapping)
-      ansible.builtin.apt:
-        name: bindfs
+    - name: Add swarm virtiofs entry to fstab
+      ansible.posix.mount:
+        path: /mnt/swarm
+        src: swarm
+        fstype: virtiofs
+        opts: defaults
         state: present
 
     - name: Add swarm-common virtiofs entry to fstab
       ansible.posix.mount:
-        path: /mnt/swarm-common-raw
+        path: /mnt/swarm-common
         src: swarm-common
         fstype: virtiofs
         opts: defaults
         state: present
 
-    - name: Add swarm-common bindfs entry to fstab
-      ansible.posix.mount:
+    - name: Ensure swarm share root is world-writable (for openclaw UID 999)
+      ansible.builtin.file:
+        path: /mnt/swarm
+        mode: "0777"
+        state: directory
+
+    - name: Ensure swarm-common share root is world-writable (for openclaw UID 999)
+      ansible.builtin.file:
         path: /mnt/swarm-common
-        src: "bindfs#/mnt/swarm-common-raw"
-        fstype: fuse
-        opts: "force-user=openclaw,force-group=openclaw,perms=a+rX,create-for-user=openclaw,create-for-group=openclaw"
-        state: present
+        mode: "0777"
+        state: directory
 
     - name: Ensure openclaw user lingering is enabled (for user systemd services)
       ansible.builtin.command:
@@ -169,6 +177,50 @@
         state: started
         enabled: true
 
+    # ── Agentmon telemetry hook ──────────────────────────────────────────────
+    # Deploys the agentmon hook to OpenClaw's hooks directory so agent
+    # activity (sessions, runs, tool calls, errors) is streamed to the
+    # agentmon ingest gateway for monitoring.
+
+    - name: Create agentmon hook directory
+      ansible.builtin.file:
+        path: "{{ openclaw_home }}/.openclaw/hooks/agentmon"
+        state: directory
+        owner: "{{ openclaw_user }}"
+        group: "{{ openclaw_user }}"
+        mode: "0755"
+
+    - name: Deploy agentmon hook files
+      ansible.builtin.copy:
+        src: "files/agentmon-hook/{{ item }}"
+        dest: "{{ openclaw_home }}/.openclaw/hooks/agentmon/{{ item }}"
+        owner: "{{ openclaw_user }}"
+        group: "{{ openclaw_user }}"
+        mode: "0644"
+      loop:
+        - HOOK.md
+        - handler.ts
+
+    - name: Set AGENTMON_INGEST_URL in OpenClaw env
+      ansible.builtin.lineinfile:
+        path: "{{ openclaw_home }}/.openclaw/.env"
+        regexp: '^AGENTMON_INGEST_URL='
+        line: "AGENTMON_INGEST_URL={{ agentmon_ingest_url }}"
+        create: true
+        owner: "{{ openclaw_user }}"
+        group: "{{ openclaw_user }}"
+        mode: "0600"
+
+    - name: Set AGENTMON_VM_NAME in OpenClaw env
+      ansible.builtin.lineinfile:
+        path: "{{ openclaw_home }}/.openclaw/.env"
+        regexp: '^AGENTMON_VM_NAME='
+        line: "AGENTMON_VM_NAME={{ inventory_hostname }}"
+        create: true
+        owner: "{{ openclaw_user }}"
+        group: "{{ openclaw_user }}"
+        mode: "0600"
+
   handlers:
     - name: Restart unattended-upgrades
       ansible.builtin.systemd: