will/swarm-zap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6341bd9fb01654f31b8884a37b3baeaaf6202634
swarm-zap/TOOLS.md

193 lines
6.7 KiB
Markdown
Raw Blame History

# TOOLS.md - Local Notes
Skills define _how_ tools work. This file is for _your_ specifics — the stuff that's unique to your setup.
## What Goes Here
Things like:
- Camera names and locations
- SSH hosts and aliases
- Preferred voices for TTS
- Speaker/room names
- Device nicknames
- Anything environment-specific
## Examples
```markdown
### Cameras
- living-room → Main area, 180° wide angle
- front-door → Entrance, motion-triggered
### SSH
- home-server → 192.168.1.100, user: admin
### TTS
- Preferred voice: "Nova" (warm, slightly British)
- Default speaker: Kitchen HomePod
```
## Why Separate?
Skills are shared. Your setup is yours. Keeping them apart means you can update skills without losing your notes, and share skills without leaking your infrastructure.
---
## LAN Services (Will)
- Primary host LAN IP for local services: `192.168.153.113`
- Additional observed host LAN IP: `192.168.153.117` (eth0)
- Tailscale IP:
- `100.123.88.127`
### Session routing notes
- Current TUI conversations arrive with inbound metadata like:
- `channel: webchat`
- `provider: webchat`
- `surface: webchat`
- Telegram DMs route into a separate main session when `session.dmScope = "per-channel-peer"`.
- Verified 2026-03-10:
- TUI/webchat session remained separate from Telegram DM session
- Telegram outbound + inbound both worked
- Telegram inbound landed in its own main session file rather than the active TUI session
### Search routing
- Default page-reading tool: native `web_fetch`
- Default search path: `skills/local-meta-search/scripts/search.sh`
- Routing policy:
- use **SearXNG first** for normal web lookups
- fall back to **Brave MCP** if SearXNG fails or returns weak/empty results
- use **Brave MCP directly** when Will explicitly asks for Brave / a second opinion
- Backend labels should be called out in research answers when relevant
#### Search cheat sheet
- General/local-first search:
- `skills/local-meta-search/scripts/search.sh "query"`
- Direct SearXNG:
- `skills/searxng-local-search/scripts/search.sh "query"`
- Direct Brave MCP:
- `skills/brave-mcp-search/scripts/search.sh "query"`
- Native fetch:
- use tool `web_fetch(url=...)`
### Docker services
- **searxng**
- Image: `searxng/searxng:latest`
- Container: `searxng`
- Port: `18803 -> 8080`
- URL(s):
- `http://192.168.153.113:18803`
- `http://192.168.153.117:18803`
- API: JSON enabled (`search.formats` includes `html,json`)
- Runtime env: `SEARXNG_URL=http://192.168.153.113:18803` (workspace `.env`)
- Role: preferred local-first search backend
- Smoke test:
- `skills/searxng-local-search/scripts/smoke.sh openclaw`
- **whisper-server**
- Image: `ghcr.io/ggml-org/whisper.cpp:main`
- Container: `whisper-server`
- Port: `18801 -> 8080`
- Health: healthy
- URL(s):
- `http://192.168.153.113:18801`
- `http://192.168.153.117:18801`
- **brave-search (MCP)**
- Image: `mcp/brave-search:latest`
- Container: `brave-search`
- Port: `18802 -> 8000`
- URL(s):
- `http://192.168.153.113:18802`
- `http://192.168.153.117:18802`
- MCP endpoint: `http://192.168.153.113:18802/mcp`
- Note: Will confirmed Brave search port is `18802` on 2026-03-10.
- Verified 2026-03-10: reachable via `mcporter` as tool `brave_web_search`.
- Native Brave Search API (`web_search`) configured on 2026-03-10.
- Plan/rate note: Brave free plan hit `rate_limit: 1`; serialize requests instead of parallel bursts.
- **n8n-agent**
- Image: `docker.n8n.io/n8nio/n8n:latest`
- Container: `n8n-agent`
- Port: `18808 -> 5678`
- Health: healthy when last verified by host runtime output on 2026-03-11
- Primary LAN URL: `http://192.168.153.113:18808`
- Additional URL(s):
- `http://192.168.153.117:18808`
- `http://100.123.88.127:18808`
- Role: dedicated local n8n instance for agent-oriented workflows on the LAN
- Notes:
- initial host-port attempt on `18806` conflicted with another host listener; service was moved to `18808`
- webhook path `openclaw-ping` was created and tested end-to-end
- prefer narrow webhook-based integration before giving broad n8n admin/API control
### Embeddings (local)
- Runtime: Ollama
- Active model: `nomic-embed-text:latest`
- Model id: `0a109f422b47`
- Size: `595 MB`
- Processor: `100% GPU`
- Context: `2048`
- Loaded until: `Forever`
- Ollama embeddings endpoint: `http://192.168.153.113:18807`
- OpenClaw memory search: configured to use provider `ollama` with model `nomic-embed-text`
- OpenClaw memory index verified working on 2026-03-10 (`45 files`, `160 chunks`, vector dims `768`)
### Object storage (assistant bucket)
- Provider: MinIO
- Endpoint: `http://192.168.153.253:9000`
- Bucket: `zap`
- Credentials file: `~/.openclaw/credentials/minio-zap.env` (mode `600`)
- Backup script: `scripts/backup-to-minio.sh`
- Backup scope: full archive of `~/.openclaw` (tar.gz) + `sha256` + `manifest.txt`
- Backup schedule: system cron every 6 hours at minute 17
- `17 */6 * * * /home/openclaw/.openclaw/workspace/scripts/backup-to-minio.sh >> /home/openclaw/.openclaw/workspace/memory/minio-backup.log 2>&1`
- Bucket versioning: enabled
- Lifecycle rule (prefix `workspace-backups/`):
- expire noncurrent versions after 90 days
- keep 3 newer noncurrent versions
- expire delete markers enabled
### Gitea (LAN git repo)
- Repo: `will/swarm-zap.git`
- Base URL: `https://gitea-http.taildb3494.ts.net`
- Repo URL: `https://gitea-http.taildb3494.ts.net/will/swarm-zap.git`
- Username: `will`
- Credentials file: `~/.openclaw/credentials/gitea-swarm-zap.env` (mode `600`)
- Usage: backup/review for workspace work and skill development
### Kubernetes (homelab)
- Cluster access: available
- Shared namespace: `swarm`
- Kubeconfig: `~/.openclaw/credentials/kubeconfig-swarm.yaml` (mode `600`)
- Usage note: deploy assistant workloads into `swarm`; namespace is shared with other agents
- Cluster profile: small Raspberry Pi cluster — prefer lightweight images, low CPU/memory requests, and minimal replicas by default
### Local custom skills (security-reviewed)
- `skills/swarm-kubectl-safe`
- Purpose: safe kubectl operations scoped to `swarm`
- Script: `skills/swarm-kubectl-safe/scripts/kubectl-swarm.sh`
- `skills/whisper-local-safe`
- Purpose: local whisper-server transcription on LAN only
- Script: `skills/whisper-local-safe/scripts/transcribe-local.sh`
Why local equivalents were built:
- Candidate ClawHub skills `kubectl` and `faster-whisper-transcribe` were flagged as suspicious by ClawHub/VirusTotal checks.
- We intentionally avoided force-installing flagged skills for safety.
- Decision: use minimal local skills for now; revisit those ClawHub skills later if we perform a manual security review and explicitly approve.
Add whatever helps you do your job. This is your cheat sheet.
Reference in New Issue View Git Blame Copy Permalink