Home Server
v1.0.0
Plan, secure, and maintain a home server with Docker services, remote access, backups, and incident recovery.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name and description (plan, secure, maintain a home server) align with included documents (setup, memory template, incident playbook, checklists, service catalog). No unexpected binaries, env vars, or credentials are requested and the declared local config path (~/home-server/) matches the skill purpose.
Instruction Scope
SKILL.md instructs the agent to read setup.md, create and maintain files under ~/home-server/ after asking for confirmation, and to keep operational context there. This is coherent for a stateful assistant. Note: the skill will store potentially sensitive operational metadata (service exposure, data paths) locally — it explicitly forbids storing raw secrets or private keys, which is good practice. Users should verify the agent's prompts before confirming file creation.
Install Mechanism
Instruction-only skill with no install spec and no code files. This minimizes risk because nothing is downloaded or executed on install.
Credentials
No environment variables, credentials, or external config paths are requested. The single declared config path (~/home-server/) is proportionate to the stated purpose of keeping local workspace/memory.
Persistence & Privilege
The skill is not marked always:true and does not request elevated or cross-skill configuration access. It maintains its own workspace under the user's home directory and promises to ask for confirmation before creating files.
Assessment
This skill appears internally consistent and low-risk, but review and confirm any file creation it proposes under ~/home-server/ before agreeing. Do not paste full .env files, private keys, or raw secrets into the workspace; follow the skill's rule to record only sanitized operational metadata. Because the source is 'unknown', consider verifying the homepage and the author before installing and keep backups of any existing files in ~/home-server/ in case you want to revert. If you want extra caution, run the skill in a limited account or VM where writing ~/home-server/ cannot expose other sensitive data.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🏠 Clawdis
OS: Linux · macOS · Windows
latest
Setup
On first use, read setup.md, explain planned local storage in ~/home-server/, and ask for confirmation before creating files.
When to Use
User needs help designing, deploying, or operating a home server environment. Agent handles architecture choices, secure exposure, service operations, backup strategy, and recovery planning.
Architecture
Memory lives in ~/home-server/. See memory-template.md for setup.
```
~/home-server/
├── memory.md          # Current environment and preferences
├── services.md        # Service inventory and ownership
├── backup-status.md   # Backup coverage and restore checks
└── incidents.md       # Failure timeline and recovery notes
```
Quick Reference
| Topic | File |
|---|---|
| Setup behavior | setup.md |
| Memory structure | memory-template.md |
| Service inventory model | service-catalog.md |
| Operational routines | operations-checklists.md |
| Incident response flow | incident-playbook.md |
Core Rules
1. Define Trust Boundaries First
- Classify every service as LAN-only, VPN-only, or internet-facing before deployment.
- Never expose admin panels or databases directly to the internet.
2. Design Around Recoverable Data
- Identify where each service stores state before changing configs or images.
- Back up data paths first, then update workloads.
- Never request or store raw secrets, full `.env` dumps, or private keys in workspace memory.
3. Prefer Stable, Reproducible Deployments
- Use pinned image tags and declarative Compose files.
- Keep runtime variables documented so rebuilds are deterministic.
4. Secure the Host Before Scaling Services
- Enforce key-based SSH, minimal open ports, and regular security updates.
- Apply least privilege for containers, users, and file permissions.
5. Operate with Observable Signals
- Track health checks, disk usage, certificate expiry, and backup freshness.
- Treat silent failures as incidents and document root cause quickly.
6. Validate Recovery Paths Continuously
- Test restore procedures on a schedule, not only after failures.
- Require rollback plans before major upgrades or topology changes.
Common Traps
- Installing services before defining backup paths -> data loss during first migration.
- Publishing many ports directly on the router -> large attack surface and hard troubleshooting.
- Using `latest` tags everywhere -> surprise upgrades and inconsistent behavior.
- Skipping restore drills -> backups exist but cannot be trusted in real incidents.
- Running all workloads on one Docker network -> accidental lateral access between services.
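The rules and traps above can be checked mechanically before a deployment. The following is an added example, not part of the skill: it assumes the Compose file has already been parsed into a mapping, and the `exposure` label (`lan`, `vpn`, `internet`) and all service and image names are hypothetical conventions made up for the sample.

```python
# Added example: lint a parsed Compose mapping against the rules and traps above.
EXPOSURE_CLASSES = {"lan", "vpn", "internet"}  # values of the hypothetical "exposure" label

# Constructed sample, shaped like a YAML loader's output for a Compose file.
SAMPLE = {"services": {
    "proxy": {"image": "example/proxy:1.4.2", "ports": ["443:443"],
              "labels": {"exposure": "internet"}, "networks": ["edge"]},
    "app":   {"image": "example/app", "ports": ["10.8.0.1:8080:8080"],
              "labels": {"exposure": "vpn"}, "networks": ["edge", "data"]},
    "db":    {"image": "example/db:latest", "ports": ["5432:5432"],
              "labels": {"exposure": "lan"}, "networks": ["data"]},
    "admin": {"image": "example/admin:2.0.1", "ports": ["127.0.0.1:9000:9000"],
              "networks": ["edge"]},
}}

def is_pinned(image):
    """True for a digest or an explicit tag other than 'latest'."""
    if "@sha256:" in image:
        return True
    tag = image.rsplit("/", 1)[-1].partition(":")[2]  # ignore a registry port
    return bool(tag) and tag != "latest"

def binds_all_interfaces(port):
    """Short-syntax IPv4 port strings only: no host IP means every interface."""
    parts = str(port).split(":")
    return len(parts) < 3 or parts[0] in ("", "0.0.0.0")

def audit(compose):
    findings = []
    services = compose.get("services", {})
    for name, svc in sorted(services.items()):
        exposure = (svc.get("labels") or {}).get("exposure")
        if exposure not in EXPOSURE_CLASSES:
            findings.append((name, "no-exposure-class"))
        if not is_pinned(svc.get("image", "")):
            findings.append((name, "unpinned-image"))
        if exposure != "internet" and any(map(binds_all_interfaces, svc.get("ports", []))):
            findings.append((name, "port-on-all-interfaces"))
    # Services with no "networks" key all join the project's default network.
    nets = {tuple(sorted(svc.get("networks") or ["default"])) for svc in services.values()}
    if len(services) > 1 and len(nets) == 1:
        findings.append(("*", "single-network"))
    return findings

if __name__ == "__main__":
    for service, issue in audit(SAMPLE):
        print(f"{service}: {issue}")
```

A `port-on-all-interfaces` finding is a prompt to bind the published port to the LAN or VPN interface address explicitly, not proof that the service is reachable from the internet.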
Security & Privacy
Data that may leave your machine (only when configured):
- DNS or dynamic DNS updates to your selected provider.
- Telemetry from optional monitoring stacks you install.
Data that stays local by default:
- Service configs, logs, backup manifests, and incident notes in your home-server workspace.
This skill does NOT:
- Open ports automatically.
- Deploy services without explicit user instruction.
- Send undeclared external requests.
Related Skills
Install with clawhub install <slug> if user confirms:
- self-host — self-hosted service strategy and security baselines
- server — server deployment and troubleshooting patterns
- docker — container build and runtime discipline
- docker-compose — multi-service orchestration patterns
- linux — host administration and system diagnostics
Feedback
- If useful: clawhub star home-server
- Stay updated: clawhub sync
