21 lines
815 B
Markdown
21 lines
815 B
Markdown
# 2026-03-06
|
|
|
|
## Telegram hardening
|
|
- Added Telegram group sender allowlist for commands:
|
|
- `channels.telegram.groupAllowFrom = ["8367012007"]`
|
|
- `channels.telegram.groups["*"].allowFrom = ["8367012007"]`
|
|
- Result: security audit critical finding for missing Telegram group allowlist cleared.
|
|
|
|
## Backups / MinIO
|
|
- Updated `scripts/backup-to-minio.sh` to back up full `~/.openclaw` (not just workspace memory files).
|
|
- Backup now uploads:
|
|
- `openclaw-<timestamp>.tar.gz`
|
|
- `openclaw-<timestamp>.tar.gz.sha256`
|
|
- `manifest.txt`
|
|
- Verified successful full backup upload to `s3://zap/workspace-backups/`.
|
|
- Enabled bucket versioning on `zap`.
|
|
- Added lifecycle rule for `workspace-backups/`:
|
|
- expire noncurrent versions after 90 days
|
|
- keep 3 newer noncurrent versions
|
|
- expire delete markers enabled
|