README.md

Claw Operator Documentation

This tree is for teams running Claw in production, especially self-hosted daemon deployments.

Start here

• Quickstart
• Production install
• Upgrade and rollback
• Disaster recovery
• Troubleshooting

Runbooks

• Runbook index
• Daemon start, stop, and health
• Backup and restore
• Token rotation
• Emergency rollback

Reference

• Compatibility
• Production readiness checklist
• Production profile defaults

Self-hosted-first baseline

Use this baseline unless you have stricter internal controls:

• Run claw daemon behind your own network perimeter.
• Require bearer auth (--auth-token or --auth-profile).
• Terminate TLS at an ingress/proxy or configure daemon TLS via .claw/config.toml.
• Validate environment with claw admin preflight before first start and after major changes.
• Create and verify metadata backups with claw admin backup create and claw admin backup verify.