[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-81542":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":24,"hasPages":24,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":29,"readmeContent":30,"aiSummary":31,"trendingCount":15,"starSnapshotCount":15,"syncStatus":14,"lastSyncTime":32,"discoverSource":33},81542,"crabfleet","openclaw\u002Fcrabfleet","openclaw","Mission control for agent runs.","http:\u002F\u002Fdocs.crabfleet.ai",null,"TypeScript",147,15,2,0,5,115,121,63,3.61,"MIT License",false,"main",true,[26,27,28],"agent","fleet","management","2026-06-12 02:04:16","# Crabfleet\n\n![Crabfleet banner](docs\u002Fassets\u002Freadme-banner.jpg)\n\n**Mission control for Agent runs.**\n\nCrabfleet gives OpenClaw maintainers a fleet dashboard where every Codex crabbox is visible by operator, repo, terminal, and WebVNC state. The OpenClaw app\u002FAPI canonical URL is `https:\u002F\u002Fclawfleet.openclaw.ai`; `https:\u002F\u002Fclawfleet.ai` is reserved for the public product page.\n\n## What It Does\n\n- **Fleet-first workflow.** Create repo-ready Crabboxes from the app, SSH, or the Go CLI and see org Codex instances grouped by person.\n- **Board-based workflow.** Create cards from prompts, GitHub issues, or PRs. Track them through Todo, Running, Human Review, and Done lanes.\n- **Issue\u002FPR lookup.** Type `#123` in search to preview matching GitHub issues or PRs across enabled OpenClaw repos and create a card from the match.\n- **Codex run control.** Start durable run attempts, track heartbeats, watch the Ghostty WASM session grid, and take over only when the selected runtime advertises that capability.\n- **Interactive Crabboxes.** Start a standalone Codex CLI workspace for manual cloud work and attach it in the same fullscreen Ghostty grid or WebVNC.\n- **Worker-owned sandbox credentials.** Built-in Cloudflare Sandbox sessions get placeholder env credentials; Worker-controlled outbound routing injects model and GitHub credentials only for approved upstream requests.\n- **Diff previews.** Card tiles show changed files and totals; the run drawer shows a compact Codiff-style patch view.\n- **Multi-runtime policy.** Auto-select between the Container and Crabbox adapter surfaces based on card overrides, repo workflow defaults, and task requirements.\n- **Allowlist controls.** Restrict access to OpenClaw org members and specific repos through admin-managed allowlists.\n- **Session logs.** D1-backed card\u002Frun event history with a 30-day product retention setting.\n- **Repo workflow config.** Owners can evaluate `CRABBOX.md` per repo and use it for runtime and merge defaults.\n\n## Architecture\n\n- **Cloudflare Workers** for the app, API, auth, GitHub lookup, and docs routes.\n- **D1 + Kysely** for typed persistence: users, sessions, allowlists, repos, cards, events, run attempts, interactive sessions, diffs, and repo workflow evaluations.\n- **Ghostty WebAssembly** for the fullscreen attach grid and run log replay.\n- **Cloudflare Sandbox containers** for standalone interactive Codex CLI workspaces with live PTY attach.\n- **Runtime adapter descriptors** for Container and Crabbox selection, capability display, interactive provision handoff, and guarded takeover.\n- **Provision endpoint** at `\u002Fapi\u002Fprovision\u002Finteractive` that can use the built-in Sandbox backend or delegate to a generic runtime adapter or ClawFleet.\n- **R2 session archives** for crabbox event NDJSON, transcripts, and summaries.\n- **GitHub API** for OAuth, org\u002Fteam membership, and issue\u002FPR previews across enabled repos.\n\nAutonomous card execution, Crabbox VNC transport, Durable Object fanout, and merge automation are adapter targets, not faked in the current Worker.\nThe OpenClaw fleet\u002Forchestrator backend should run on the Hetzner `openclaw-clawsweeper` host alongside ClawSweeper; the Worker stays the app\u002FAPI front door.\n\n## Quick Start\n\n### 1. Sign In\n\nUse GitHub OAuth for normal browser access, or link an SSH key from the terminal:\n\n```bash\nssh link@crabd.sh\n```\n\n`CRABBOX_BOOTSTRAP_TOKEN` is only a break-glass recovery path for owners.\n\n### 2. Configure Access\n\nAdd users\u002Fteams to the allowlist and enable repos:\n\n- Navigate to Admin panel\n- Add GitHub users (`@login`) or teams (`@org\u002Fteam`)\n- Assign roles: owner, maintainer, or viewer\n- Add allowed repos (`owner\u002Frepo`)\n\n### 3. Create Cards\n\n- **From prompt:** New card → enter prompt, select repo; title is optional\n- **From issue:** Search GitHub issues → create card\n- **From PR:** Search GitHub PRs → create card for review\u002Ffix\n\n### 4. Watch Runs\n\n- Running cards show D1 event logs and heartbeat state\n- Click \"Attach\" to open the fullscreen Ghostty WASM session grid\n- Click \"Take over\" only when the active run advertises takeover support\n- Click \"Watch\" for read-only stream\n\n### 5. Start Crabboxes\n\n- Click \"New crabbox\" to request a standalone Codex CLI workspace\n- Default runtime is Cloudflare Sandbox; choose Crabbox only when a VNC\u002Fdesktop adapter is configured\n- Without `CRABBOX_INTERACTIVE_PROVISION_URL`, sessions are stored as `pending_adapter` and still visible in the grid\n- Install or build the Go CLI, then run `crabfleet new --repo openclaw\u002Fcrabfleet \"fix the failing check\"`\n\n## Features\n\n### Board Management\n\n- Kanban-style lanes: Todo, Running, Human Review, Done\n- Card filtering: all, mine, live\n- Search cards by title, repo, or ID\n- Real-time updates via WebSockets\n\n### Card Policies\n\n- **Runtime:** `auto`, `container`, `crabbox`\n- **Merge policy:** repo default, `open_pr`, `merge_when_green`, `fix_until_green_and_merge`\n- **Source types:** Prompt, Issue, PR\n\nRepo defaults can come from a `CRABBOX.md` file:\n\n```yaml\n---\nruntime:\n  default: auto\nmerge:\n  default_policy: open_pr\n---\n```\n\n`stall_ms`, `cap`, `prompt_prefix`, and the Markdown body are parsed\u002Fstored for future policy work, but only runtime and merge defaults are effective today.\n\n### Admin Controls\n\n- User and team allowlists with role-based access\n- Repo allowlists\n- Manual `CRABBOX.md` evaluation with status\u002Ferror visibility\n- Concurrent run caps (default: 20)\n- Log retention (14, 30, 60 days)\n- Direct merge permissions (guarded, maintainers, disabled)\n\n### Auth\n\n- GitHub OAuth for org members\n- Bootstrap token for admin setup and recovery\n- Short-lived sessions with automatic refresh\n- Role-based access control (owner, maintainer, viewer)\n\n## Deployment\n\n### Prerequisites\n\n- Cloudflare account\n- `clawfleet.openclaw.ai` route in Cloudflare; legacy app hosts redirect here\n- GitHub OAuth app (optional but recommended)\n- Bootstrap token secret\n\n### Deploy\n\nPushes to `main` run `.github\u002Fworkflows\u002Fdeploy-worker.yml`, which checks, tests, builds,\napplies remote D1 migrations, and deploys the Worker. Configure the repository secret\n`CLOUDFLARE_API_TOKEN` with permissions for Workers deploys and D1 migrations.\n`clawfleet.openclaw.ai` and `crabd.sh` DNS\u002Froute convergence is handled by\n`scripts\u002Fensure-cloudflare-domains.mjs`; set `CLOUDFLARE_DNS_API_TOKEN` when CI should\nmanage those records. Without that DNS-scoped token, CI skips domain convergence and\ndeploys to the already configured route.\n\nManual deploy is still available:\n\n```bash\n# Build assets\npnpm build\n\n# Apply migrations\nwrangler d1 migrations apply DB --remote\n\n# Deploy to Cloudflare\nwrangler deploy\n```\n\n### Environment Variables\n\nConfigure these in Cloudflare Workers dashboard. `CRABBOX_*` names are the runtime\u002Fcrabbox adapter contract; `CRABFLEET_*` names are for the public CLI and SSH gateway. The `SESSION_LOGS` R2 binding points at the `crabfleet-session-logs` bucket and stores crabbox event archives.\n\nThe Crabbox namespace cutover intentionally has no old-name compatibility. Existing browser sessions expire, linked SSH keys must be relinked with `ssh link@crabd.sh`, and in-flight interactive workspaces should be recreated.\n\n- `CRABBOX_BOOTSTRAP_TOKEN` – Optional owner break-glass token for setup\u002Frecovery\n- `GITHUB_CLIENT_ID` – GitHub OAuth app client ID (optional)\n- `GITHUB_CLIENT_SECRET` – GitHub OAuth app secret (optional)\n- `GITHUB_ORG` – GitHub org for membership check (default: `openclaw`)\n- `GITHUB_TOKEN` – GitHub token for all enabled repo issue\u002FPR previews and private repo `CRABBOX.md` refreshes (optional; public\u002Fdefault repo paths work without it)\n- `CRABBOX_TOKEN_ENCRYPTION_KEY` – Optional encryption key for per-session GitHub OAuth tokens; defaults to `GITHUB_CLIENT_SECRET`\n- `CRABBOX_INTERACTIVE_PROVISION_URL` – Optional adapter endpoint for standalone Codex CLI workspaces\n- `CRABBOX_INTERACTIVE_PROVISION_TOKEN` – Optional bearer token sent to the interactive provision endpoint; required when backend URLs below are configured\n- `CRABBOX_RUNTIME_PROVISION_URL` – Optional generic backend URL used by `\u002Fapi\u002Fprovision\u002Finteractive`\n- `CRABBOX_RUNTIME_PROVISION_TOKEN` – Optional bearer token sent to the generic runtime backend\n- `CRABBOX_CLOUDFLARE_RUNNER_URL` – Optional Crabbox Cloudflare container runner URL used by `\u002Fapi\u002Fprovision\u002Finteractive`\n- `CRABBOX_CLOUDFLARE_RUNNER_TOKEN` – Optional bearer token sent to the Cloudflare runner\n- `CRABBOX_CLOUDFLARE_RUNNER_INSTANCE_TYPE` – Optional runner instance type, default `standard-4`\n- `CRABBOX_CLOUDFLARE_RUNNER_WORKDIR` – Optional base workdir for provisioned sandboxes, default `\u002Fworkspace\u002Fcrabbox`\n- `CRABBOX_CLOUDFLARE_RUNNER_TTL_SECONDS` – Optional sandbox TTL, default `14400`\n- `CRABBOX_CLOUDFLARE_RUNNER_IDLE_SECONDS` – Optional idle timeout, default `1800`\n- `CRABBOX_PTY_BRIDGE_URL` – Optional WebSocket PTY bridge URL\u002Ftemplate for live Ghostty attach; supports `{id}`, `{leaseId}`, `{repo}`, `{branch}`, and `{runtime}`\n- `CRABBOX_PTY_BRIDGE_TOKEN` – Optional bearer token sent from Crabfleet to the PTY bridge\n- `CRABBOX_CLAWFLEET_URL` – Optional ClawFleet dashboard\u002FAPI URL used by `\u002Fapi\u002Fprovision\u002Finteractive` for `crabbox` sessions\n- `CRABBOX_CLAWFLEET_TOKEN` – Optional bearer token sent to ClawFleet\n- `CRABBOX_CLAWFLEET_PUBLIC_URL` – Optional public ClawFleet URL used when building attach\u002FVNC links\n- `CRABBOX_OPENCLAW_TOKEN` – Internal bearer token for OpenClaw\u002FDiscord service crabbox creation\n- `CRABFLEET_SSH_GATEWAY_TOKEN` \u002F `CRABBOX_SSH_GATEWAY_TOKEN` – Shared bearer token for the Go SSH gateway internal API\n- `CRABFLEET_LOCAL_SANDBOX_BACKUPS` – Optional Cloudflare Sandbox checkpoint mode override; defaults to R2 binding uploads, set `0` for SDK presigned R2 uploads\n- `OPENAI_API_KEY` – Required for built-in Cloudflare Sandbox Codex CLI sessions; injected by the Worker outbound path for Cloudflare Sandbox requests\n\n### Verify Deployment\n\n```bash\ncurl -I https:\u002F\u002Fclawfleet.openclaw.ai\u002Fhealthz\n# Should return: 200 OK\n\ncurl https:\u002F\u002Fclawfleet.openclaw.ai\u002Fdocs\u002Fspec\n# Should return: HTML spec document\n```\n\n## Development\n\n### Setup\n\n```bash\n# Install dependencies\npnpm install\n\n# Build assets\npnpm build\n\n# Run type checks\npnpm check\n\n# Run linter\npnpm lint\n\n# Format code\npnpm format\n```\n\n### Test Stack\n\n- `tsgo --noEmit` through `pnpm build`\n- `oxlint` for linting\n- `oxfmt --check` for formatting\n- SQLite migration smoke checks for D1 schema compatibility\n- `codex-review` before feature commits\n- Browser\u002Flive smoke checks after deploy\n\n### Local Development\n\n```bash\n# Start local dev server with D1\nwrangler dev\n\n# Apply migrations locally\nwrangler d1 migrations apply DB --local\n```\n\n### SSH Gateway\n\nThe Worker exposes an internal SSH onboarding API guarded by `CRABFLEET_SSH_GATEWAY_TOKEN` or `CRABBOX_SSH_GATEWAY_TOKEN`.\nRun the Go gateway next to a host that can accept raw SSH:\n\n```bash\nCRABFLEET_API_URL=https:\u002F\u002Fclawfleet.openclaw.ai \\\nCRABFLEET_SSH_GATEWAY_TOKEN=... \\\nCRABFLEET_SSH_HOST_KEY=\u002Fvar\u002Flib\u002Fcrabfleet\u002Fssh_host_ed25519_key \\\nCRABFLEET_SSH_ADDR=:2222 \\\ngo run .\u002Fcmd\u002Fcrabbox-ssh-gateway\n```\n\nUnknown public keys get a short GitHub OAuth link through `ssh link@host`. Linked keys can\nrun `whoami`, `list`, `new`, and `attach SESSION_ID`; `new` creates an interactive Codex\nsession and attaches.\n\nProduction should expose the gateway at `crabd.sh` as a DNS-only `A` record.\nUse `ssh link@crabd.sh` once to connect a GitHub-backed SSH key, then run\n`ssh crabd.sh whoami` or `ssh crabd.sh list`.\n\n### Go CLI\n\nThe `crabfleet` CLI is written in Go with Kong and delegates to SSH by default. API mode is available for service contexts with `CRABFLEET_SSH_GATEWAY_TOKEN` and `CRABFLEET_SSH_FINGERPRINT`.\n\n```bash\nbrew tap openclaw\u002Ftap\nbrew install crabfleet\n\ngo run .\u002Fcmd\u002Fcrabfleet login\ngo run .\u002Fcmd\u002Fcrabfleet list\ngo run .\u002Fcmd\u002Fcrabfleet new --repo openclaw\u002Fcrabfleet \"start on the release checklist\"\ngo run .\u002Fcmd\u002Fcrabfleet attach \u003Csession-id>\ngo run .\u002Fcmd\u002Fcrabfleet vnc --open \u003Csession-id>\n```\n\n### CLI Release\n\nTagged releases publish `crabfleet` with GoReleaser and dispatch the OpenClaw Homebrew tap updater:\n\n```bash\ngit tag v0.1.0\ngit push origin v0.1.0\n```\n\nThe release workflow builds macOS, Linux, and Windows archives, then updates `openclaw\u002Fhomebrew-tap` through `update-formula.yml`.\n\n### OpenClaw \u002F Discord Crabbox Hook\n\nOpenClaw can create repo-ready crabboxes for Discord-triggered work through the internal service endpoint:\n\n```bash\ncurl -fsS https:\u002F\u002Fclawfleet.openclaw.ai\u002Fapi\u002Fopenclaw\u002Fcrabboxes \\\n  -H \"authorization: Bearer $CRABBOX_OPENCLAW_TOKEN\" \\\n  -H \"content-type: application\u002Fjson\" \\\n  -d '{\"owner\":\"@steipete\",\"repo\":\"openclaw\u002Fcrabfleet\",\"prompt\":\"prep the meeting follow-up\"}'\n```\n\nThe created crabbox appears in the fleet grid under the requested owner. Provisioning still flows through the configured Crabbox\u002FClawFleet adapter, so VNC and terminal URLs come from the runtime backend.\n\n### Project Structure\n\n```\ncrabfleet\u002F\n├── src\u002F\n│   ├── index.ts          # Worker entry point, API routes, auth handlers\n│   ├── app.html          # Single-page app shell and styles\n│   ├── app\u002F              # Preact app modules\n│   ├── generated.ts      # Build-time generated assets\n├── migrations\u002F           # D1 database migrations\n├── scripts\u002F              # Build scripts\n│   └── generate-assets.mjs\n├── vite.config.mjs       # Preact\u002FVite app bundle config\n├── docs\u002F                 # Documentation (GitHub Pages)\n│   ├── CNAME             # docs.crabfleet.ai custom domain\n│   └── spec.md           # Product spec\n└── wrangler.jsonc       # Cloudflare Worker config\n```\n\n## Documentation\n\nFull documentation available at [docs.crabfleet.ai](https:\u002F\u002Fdocs.crabfleet.ai):\n\n- [Quickstart](https:\u002F\u002Fdocs.crabfleet.ai\u002Fquickstart) – Get started in 5 minutes\n- [Architecture](https:\u002F\u002Fdocs.crabfleet.ai\u002Farchitecture) – System design and data model\n- [Cards](https:\u002F\u002Fdocs.crabfleet.ai\u002Fcards) – Card lifecycle and policies\n- [Runs](https:\u002F\u002Fdocs.crabfleet.ai\u002Fruns) – Runtime selection and execution\n- [Admin](https:\u002F\u002Fdocs.crabfleet.ai\u002Fadmin) – Access control and policies\n- [API](https:\u002F\u002Fdocs.crabfleet.ai\u002Fapi) – REST and WebSocket APIs\n- [Spec](https:\u002F\u002Fdocs.crabfleet.ai\u002Fspec) – Complete product specification\n\n## Security\n\n- All state-changing operations require authentication\n- Repo operations require allowlist membership\n- Direct merge requires maintainer role and policy approval\n- Runtime tokens are scoped and short-lived\n- Secrets never logged or stored in D1\u002FR2\n- Audit events for all admin and merge operations\n\n## Status\n\nActive development. See [CHANGELOG.md](CHANGELOG.md) for recent updates.\n\nCurrent phase: MVP deployed with auth, board UI, admin controls, card management, Kysely-backed D1 persistence, durable run attempts, repo workflow evaluation, card diffs, Ghostty WASM terminal grid, R2 session log archives, authenticated PTY WebSocket proxying, and first-party Cloudflare Sandbox Codex CLI sessions.\n\nNext: bind autonomous card execution and merge automation to the same runtime layer.\n\n## License\n\nMIT License. See [LICENSE](LICENSE) for details.\n\n## Not Affiliated\n\nCrabfleet is an OpenClaw project, not affiliated with Cloudflare, GitHub, or Anthropic.\n\n## Contributing\n\nThis is currently an internal OpenClaw tool. External contributions are not accepted at this time.\n\n## Support\n\nFor OpenClaw org members: use #crabfleet in Discord or open an issue in the private repo.\n","Crabfleet 是一个用于管理代理运行的任务控制平台。其核心功能包括创建和管理Codex crabbox实例、通过卡片形式跟踪任务状态、基于GitHub问题或PR创建卡片、控制Codex运行以及提供交互式的CLI工作空间。技术上，Crabfleet利用了Cloudflare Workers实现应用逻辑与API服务，D1数据库配合Kysely库确保数据持久化，Ghostty WebAssembly支持全屏会话网格显示，同时集成了Cloudflare Sandbox容器以提供安全的交互式CLI环境。该项目适用于需要集中管理和监控多代理运行的场景，特别是对于涉及GitHub仓库维护和技术团队协作的工作流非常有用。","2026-06-11 04:05:26","CREATED_QUERY"]