Build and operate a Quark/OpenList-style backup + restore workflow for OpenClaw workspaces, including QR login, account UID binding guard, whole-file cloud upload, dry-run restore, and Lighthouse snapshot policy (manual create only, weekly prompt). Use when users ask to set up/secure Quark backup automation, recovery runbooks, or share this backup capability with other OpenClaw users.

Install

openclaw skills install @aliyunbot/quarkpan-backup-suite

QuarkPan Backup Suite

Use this skill to deploy a production-safe backup workflow with these goals:

  • Keep automated workspace backups on Quark Drive.
  • Use the OpenList-style non-parallel whole-file upload flow for cloud writes.
  • Avoid QuarkPan's fragile large-file parallel_upload / X-Oss-Hash-Ctx path.
  • Enforce account binding so uploads cannot silently go to a wrong account.
  • Keep system rollback snapshots manual-only (no auto overwrite risk).
  • Provide reproducible restore steps and distributable skill package.

Current upload architecture

The current production path is:

  1. QuarkPan remains responsible for QR login / auth status / account binding guard.
  2. upload-quarkpan.sh runs the account guard before any cloud write.
  3. Actual cloud writes use quark-openlist-upload.py, a standalone OpenList/Alist-compatible uploader:
    • no parallel_upload: true
    • no synthetic X-Oss-Hash-Ctx
    • uses server-returned metadata.part_size
    • uses server-returned upload_url host
    • uploads archive and .sha256 as whole files
  4. CLOUD_SPLIT_FALLBACK=0 by default. Do not split backups unless the user explicitly requests a temporary emergency workaround.

Workflow

  1. Run preflight checks with scripts/check_env.sh.
  2. Configure backup policy using references/commands.md.
  3. Enforce account guard (bind, check, rotate-*) before uploads.
  4. Verify restore path with dry-run first.
  5. Keep Lighthouse snapshots manual-only; use weekly prompt policy.
  6. Package/share this skill with package_skill.py.

Guardrails

  • Do not auto-apply destructive restore.
  • Do not auto-create system snapshots by cron.
  • Require explicit confirmation for snapshot creation and snapshot rollback.
  • Keep cloud upload failure non-fatal for local backup success.
  • Do not log or publish Quark cookies, preview URLs, or auth tokens.
  • Do not revive the old QuarkPan large-file multipart path as the default uploader.

References

  • Command cookbook: references/commands.md
  • Security and rotation policy: references/security-policy.md
  • Sharing/export steps: references/share.md