Complete Agent Backup

Data & APIs

Multi-platform backup and restore for Hermes Agent and OpenClaw. Backs up configuration, memories, skills, sessions, and workspace. Features: optional encryption, optional cloud storage (S3/Google Drive), incremental or full backups, flexible retention, integrity verification, and web-based management UI. Free and open source.

Install

openclaw skills install complete-agent-backup

Hermes Backup

Universal backup and restore for AI agent platforms. Works with Hermes Agent and OpenClaw.

What Makes This Different

Multi-platform — Works with both Hermes (~/.hermes/) and OpenClaw (~/.openclaw/)
Optional encryption — Password-protect your backups (AES-256)
Optional cloud — Set up S3, Google Drive, or Dropbox if you want off-site storage
Flexible backups — Full or incremental, your choice
Smart retention — Keep last N backups, or N days, or max N GB
Integrity checking — Verify backups before trusting them
Web UI — Browser-based management with progress bars

Installation

# Via ClawMart (recommended)
clawmart install hermes-backup

# Or manual
git clone https://github.com/yourname/hermes-backup
chmod +x hermes-backup/scripts/*.sh

Quick Start

# Create your first backup
hermes-backup create

# Or with the agent
"Create a backup of my agent"

Commands

Command	Description
`hermes-backup create`	Create backup (full or incremental)
`hermes-backup restore <file>`	Restore from backup
`hermes-backup serve`	Start web UI
`hermes-backup config`	Interactive configuration
`hermes-backup cloud setup`	Configure cloud storage
`hermes-backup list`	Show all backups
`hermes-backup verify <file>`	Check backup integrity
`hermes-backup schedule`	Set up automatic backups

What Gets Backed Up

Hermes Agent Structure

Component	Path	Contents
Config	`~/.hermes/config.yaml`	All settings, API keys
Environment	`~/.hermes/.env`	API keys, secrets
Identity	`~/.hermes/SOUL.md`	Agent personality
Memory	`~/.hermes/memories/`	Long-term memories
Sessions	`~/.hermes/sessions/`	Conversation history
Skills	`~/.hermes/skills/`	Installed skills
State	`~/.hermes/state.db`	Database
Workspace	`~/.openclaw/workspace/`	Cross-platform workspace

OpenClaw Structure

Component	Path	Contents
Config	`~/.openclaw/openclaw.json`	Gateway, models, channels
Workspace	`~/.openclaw/workspace/`	Agent files, skills
Credentials	`~/.openclaw/credentials/`	Channel pairing state
Sessions	`~/.openclaw/agents/main/sessions/`	Chat history
Skills	`~/.openclaw/skills/`	System skills
Cron	`~/.openclaw/cron/`	Scheduled jobs

Configuration

Interactive Setup

hermes-backup config

This walks you through:

Platform detection — Hermes or OpenClaw (auto-detected)
Backup location — Where to save archives
Encryption — Enable password protection? (optional)
Backup type — Full or incremental?
Retention — How many backups to keep?
Cloud — Set up cloud storage? (optional)

Config File (`~/.hermes-backup/config.yaml`)

platform: auto  # auto, hermes, or openclaw

backup:
  location: ~/backups/hermes
  type: full  # full or incremental
  compression: gzip  # gzip, bzip2, or none
  encryption: false  # true/false
  
retention:
  strategy: count  # count, days, or size
  keep_count: 10   # keep last N backups
  keep_days: 30    # or keep for N days
  max_size_gb: 5   # or max total size

incremental:
  enabled: false
  base_backup: null  # reference full backup
  
cloud:
  enabled: false
  provider: null  # s3, gdrive, dropbox
  # Provider-specific settings added during setup
  
integrity:
  verify_after_backup: true
  checksum_algorithm: sha256

Creating Backups

Full Backup (Default)

hermes-backup create
# → ~/backups/hermes/hermes-backup_20260326_143022.tar.gz

Incremental Backup

# First, create a base backup
hermes-backup create --full --tag base-2026-03-26

# Then incremental backups reference the base
hermes-backup create --incremental --base base-2026-03-26

Encrypted Backup

hermes-backup create --encrypt
# Prompts for password (not echoed)

⚠️ Warning: If you lose the encryption password, the backup is unrecoverable. Store it in a password manager.

With Cloud Upload

hermes-backup create --cloud-upload
# Creates backup locally, then uploads to configured cloud storage

Restoring Backups

Standard Restore

# Always dry-run first
hermes-backup restore ~/backups/hermes/hermes-backup_20260326_143022.tar.gz --dry-run

# If it looks good, apply
hermes-backup restore ~/backups/hermes/hermes-backup_20260326_143022.tar.gz

Encrypted Restore

hermes-backup restore ~/backups/hermes/hermes-backup_20260326_143022.tar.gz.enc
# Prompts for password

Selective Restore

# Restore only specific components
hermes-backup restore backup.tar.gz --components workspace,skills

Cloud Storage Setup

Amazon S3

hermes-backup cloud setup s3

# Prompts for:
# - AWS Access Key ID
# - AWS Secret Access Key  
# - Bucket name
# - Region (optional, defaults to us-east-1)

Google Drive

hermes-backup cloud setup gdrive

# Opens browser for OAuth authentication
# Or provides manual token setup for headless

Dropbox

hermes-backup cloud setup dropbox

# OAuth flow or manual token

Testing Cloud Connection

hermes-backup cloud test
# Verifies credentials and uploads a test file

Scheduling Automatic Backups

Via Cron

hermes-backup schedule

# Interactive setup:
# - How often? (daily, weekly, hourly)
# - What time?
# - Full or incremental?
# - Cloud upload?

Manual Cron Entry

# Add to crontab
0 3 * * * /usr/local/bin/hermes-backup create --quiet --cloud-upload
# Daily at 3am, quiet mode, upload to cloud

Web UI

hermes-backup serve --port 7373 --token YOUR_TOKEN

# Opens browser UI at http://localhost:7373
# Features:
# - Create backups (click button)
# - Download backups
# - Upload and restore
# - View backup history
# - Configure settings
# - Progress bars for operations

Integrity Verification

# Verify a specific backup
hermes-backup verify ~/backups/hermes/hermes-backup_20260326_143022.tar.gz

# Check all backups
hermes-backup verify --all

# Results:
# ✓ Backup is valid and restorable
# ✗ Backup is corrupted or incomplete

Listing Backups

hermes-backup list

# Output:
# BACKUP NAME                           SIZE     DATE       TYPE   ENCRYPTED  CLOUD
# hermes-backup_20260326_143022.tar.gz  45MB     2026-03-26 full   no         yes
# hermes-backup_20260325_090015.tar.gz  2MB      2026-03-25 incr   yes        no

Migration Between Platforms

Hermes → OpenClaw

# On Hermes machine
hermes-backup create --platform hermes

# Transfer file to OpenClaw machine
scp backup.tar.gz user@newserver:~/

# On OpenClaw machine
hermes-backup restore backup.tar.gz --platform openclaw

OpenClaw → Hermes

Same process, reverse direction.

Security Considerations

Backup Archive Contents

Backups contain highly sensitive data:

API keys (OpenAI, Anthropic, ElevenLabs, etc.)
Bot tokens (Telegram, Discord, etc.)
Session data
Personal memories/conversations

Security Best Practices

File Permissions
- Backups created with chmod 600 (owner only)
- Never chmod 777 a backup
Storage
- Keep local backups in encrypted disk/VeraCrypt
- Cloud backups: use provider encryption at rest
- Never commit backups to git
Transmission
- Use scp/sftp, not email
- Cloud uploads use HTTPS
- Web UI uses token authentication
Encryption Password
- Use a password manager (1Password, Bitwarden)
- Minimum 12 characters
- Mix of uppercase, lowercase, numbers, symbols
- Never reuse passwords
Rotation
- Old backups may contain old API keys
- Rotate API keys periodically
- Delete backups older than needed

Troubleshooting

"Permission denied" on backup

# Check directory permissions
ls -la ~/backups/hermes/

# Fix
chmod 700 ~/backups/hermes/

"Backup is corrupted"

# Try to verify
hermes-backup verify backup.tar.gz

# If corrupted, check disk space
df -h

# Check for disk errors
fsck /dev/sda1  # (unmount first)

"Cloud upload failed"

# Test connection
hermes-backup cloud test

# Check credentials
hermes-backup cloud status

# Re-configure if needed
hermes-backup cloud setup s3

Restore fails halfway

# Auto-backup is created before restore
# Check /tmp/hermes-pre-restore-*.tar.gz

# Restore from auto-backup
hermes-backup restore /tmp/hermes-pre-restore_TIMESTAMP.tar.gz

Scripts Reference

`scripts/backup.sh`

Main backup script. Creates .tar.gz archive with MANIFEST.json.

`scripts/restore.sh`

Restores from archive. Always dry-runs first. Creates pre-restore backup.

`scripts/serve.sh`

Starts web UI server. Requires --token for security.

`scripts/verify.sh`

Verifies backup integrity using checksums.

`scripts/cloud-upload.sh`

Uploads backup to configured cloud storage.

`scripts/config.sh`

Interactive configuration wizard.

Version History

v1.0.0

Initial release
Multi-platform support (Hermes + OpenClaw)
Full and incremental backups
Optional encryption (AES-256)
Optional cloud storage (S3, Google Drive, Dropbox)
Web UI for browser-based management
Integrity verification
Flexible retention policies
Migration support between platforms

License

MIT-0 — Free to use, modify, and redistribute. No attribution required.

Built for the MyClaw.ai ecosystem — the open AI personal assistant platform.