clawops

MCP-native infrastructure ops for OpenClaw — with read-only mode, destructive-action confirmation, and audit logs built in.

clawops is a CLI and MCP server for deploying and operating self-hosted OpenClaw instances. Provision on AWS, GCP, Azure, or any Linux VM — then manage day-to-day operations from the terminal, or let Claude Code and Cursor drive them through typed MCP tools with explicit safety controls.

What's new in v1.4.0

clawops monitor — live dashboard for any deployed stack. Shows gateway health, container status, CPU/memory, disk usage, and a rolling log tail. Refreshes on an interval with [r], toggles logs with [l], and quits with [q].

Run without --stack to get an interactive stack picker first — probes all registered stacks in parallel, shows only running ones by default, and lets you toggle to a full list ([a]) where not-deployed stacks can be deleted from the registry with [d]. Press [s] inside the dashboard to go back to the picker.

clawops monitor              # interactive stack selection → dashboard
clawops monitor --stack prod # jump straight to a named stack
clawops monitor --stack prod | cat  # one-shot snapshot for CI

clawops_monitor MCP tool — same snapshot as a single structured JSON call, so Claude Code and Cursor can check stack health without opening a terminal.

clawops stacks delete guard — now blocks deletion of a still-deployed stack and requires --force to remove from the registry without tearing down cloud resources first.

Who this is for

• OpenClaw users who want the simplest path to self-hosting across cloud or local VMs, with reliable deploy, status checks, logs, backups, and upgrades in a single CLI.
• Claude Code / Cursor / MCP users looking for a real-world reference implementation of safe infrastructure operations through MCP — typed tool schemas, read-only mode, destructive-action confirmation, and audit logs.
• Self-hosted AI and local-first developers who want to run their own AI assistant without committing to Kubernetes, a managed SaaS platform, or a single cloud provider.

What clawops does

• Provisions and tears down OpenClaw infrastructure on AWS, GCP, Azure, and local VMs using the Pulumi Automation API (embedded — no pulumi binary required).
• Manages day-to-day operations: status, logs, SSH, tunnels, config, agents, gateway, backups.
• Exposes every operation as a typed MCP tool so AI agents can drive ops safely.
• Enforces a plan → review → apply discipline for cloud deployments.
• Emits JSON output everywhere (--json) for scripting and automation.
• Never stores cloud credentials — reads them from your environment's existing CLI profiles.

What clawops does not do

• No high availability or clustering. Optimized for single-node deployments.
• No Kubernetes. It deploys to VMs, not container orchestration platforms.
• No OpenClaw skill/agent authoring. clawops manages infrastructure; what runs on it is up to you and OpenClaw.
• No TLS or domain automation (yet). Bring your own reverse proxy or see docs/limitations.md for the manual path.
• No credential storage. Cloud credentials must be configured in your environment before using clawops. They are never written to ~/.clawops/config.json.
• No native Windows. WSL2 is fully supported; see docs/support-matrix.md.

Quick Start

npm install -g @clawops/cli
clawops setup

clawops setup is an interactive wizard that gets OpenClaw running in about 2 minutes. It handles everything in one flow — no config files to write by hand, no commands to memorize.

What the wizard does

Step 1 — Choose a deployment target

Pick an existing server you can SSH into (Linux or macOS), or a new cloud VM on AWS, GCP, or A

... View full README on GitHub