synology-backup

Backup and restore OpenClaw workspace, configs, and agent data to a Synology NAS via SMB. Use when: backing up workspace files, restoring from a snapshot, checking backup status/health, or setting up automated backups. Supports Tailscale for secure remote VPS-to-NAS connectivity.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "synology-backup" with this command: npx skills add pfrederiksen/synology-backup

Synology Backup

Backup OpenClaw data to a Synology NAS over SMB. Designed for secure, automated daily snapshots with configurable retention.

Setup

1. Network Connectivity

For VPS-to-NAS backups, use Tailscale for secure connectivity without exposing SMB to the internet:

  1. Install Tailscale on the Synology (Package Center → search "Tailscale")
  2. Install Tailscale on the VPS — see Tailscale's official install guide for your platform
  3. Join both to the same tailnet
  4. Use the Synology's Tailscale IP in config

For local network setups, use the NAS local IP directly.

2. Synology Preparation

  1. Create a dedicated user on the Synology (e.g., openclaw-backup) with minimal permissions
  2. Create or choose a shared folder (e.g., backups)
  3. Grant the user read/write access to only that folder

3. Credentials File

Create an SMB credentials file with restricted permissions — never store credentials in config or scripts:

# Create the file and set permissions (replace placeholders with your values)
touch ~/.openclaw/.smb-credentials
chmod 600 ~/.openclaw/.smb-credentials
# Edit the file and add two lines:
#   username=<your-synology-user>
#   password=<your-synology-password>
nano ~/.openclaw/.smb-credentials

4. Configuration

Create ~/.openclaw/synology-backup.json:

{
  "host": "100.x.x.x",
  "share": "backups/openclaw",
  "mountPoint": "/mnt/synology",
  "credentialsFile": "~/.openclaw/.smb-credentials",
  "smbVersion": "3.0",
  "backupPaths": [
    "~/.openclaw/workspace",
    "~/.openclaw/openclaw.json",
    "~/.openclaw/cron",
    "~/.openclaw/agents"
  ],
  "includeSubAgentWorkspaces": true,
  "retention": 7,
  "schedule": "0 3 * * *"
}

Note on sensitive files: The .env file (containing API keys) is not included in the default backup paths. If you want to back it up, add "~/.openclaw/.env" to backupPaths — but ensure your Synology share has restricted access and the dedicated user has minimal permissions.

FieldDescriptionDefault
hostSynology IP (Tailscale or local)required
shareSMB share pathrequired
mountPointLocal mount point/mnt/synology
credentialsFilePath to SMB credentials filerequired
smbVersionSMB protocol version3.0
backupPathsPaths to backupworkspace + config
includeSubAgentWorkspacesAuto-include workspace-* dirstrue
retentionDays of snapshots to keep7
scheduleCron expression (host timezone)0 3 * * *

5. Install Dependencies

apt-get install -y cifs-utils rsync

6. Mount Setup

For persistent mounts across reboots, add to /etc/fstab:

//<host>/<share> /mnt/synology cifs credentials=<credentials-file>,vers=3.0,_netdev,nofail 0 0

Usage

Backup Now

scripts/backup.sh

Runs an incremental backup. First run copies everything; subsequent runs only sync changes.

Restore a Snapshot

scripts/restore.sh [date]

Restores from a specific date's snapshot (e.g., 2026-02-20). Without a date, lists available snapshots.

Check Status

scripts/status.sh

Shows last backup time, snapshot count, total size, and mount health.

What Gets Backed Up

  • ~/.openclaw/workspace/ — memory, SOUL, AGENTS, skills, all workspace files
  • ~/.openclaw/workspace-*/ — all sub-agent workspaces (if enabled)
  • ~/.openclaw/openclaw.json — main config
  • ~/.openclaw/cron/ — cron job definitions
  • ~/.openclaw/agents/ — agent configurations
  • ~/.openclaw/.envopt-in only (contains API keys — add to backupPaths manually if desired)

Snapshot Structure

backups/
├── 2026-02-20/
│   ├── manifest.json
│   ├── workspace/
│   ├── workspace-email/
│   ├── workspace-news/
│   ├── agents/
│   ├── cron/
│   └── openclaw.json
├── 2026-02-19/
└── ...

Security Notes

  • Credentials: Always use a dedicated credentials file with restricted permissions (chmod 600). Never inline secrets in config files, scripts, or fstab.
  • Network: Use Tailscale or a VPN for remote backups. Never expose SMB (port 445) to the public internet.
  • Sensitive data: The .env file contains API keys and is excluded from default backup paths. Only include it if your NAS share is properly secured with restricted user permissions.
  • NAS user: Create a dedicated Synology user with access to only the backup share — not an admin account.
  • Retention: Old snapshots are pruned by moving them to the Synology trash (if supported) or deleting them. Increase retention for critical environments.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Automation

Git Workflow

Use this skill for any git commit, pull request, or release task. Invoke immediately when the user wants to: stage and commit changes, write a commit message...

Registry SourceRecently Updated
0151
niracler
Automation

Atlassian Jira by altf1be

Atlassian Jira Cloud CRUD skill — manage issues, comments, attachments, workflow transitions, and JQL search via Jira REST API v3 with email + API token auth.

Registry SourceRecently Updated
024
Abdelkrim
Automation

nix-memory

Monitors and scores agent identity and memory integrity by hashing key files, tracking changes, detecting drift, and providing continuity alerts for OpenClaw...

Registry SourceRecently Updated
0140
cassh100k