5.8 KiB
docs/operations/WORK_SETUP_CHECKLIST.md
Use this checklist on the target work computer only. Do not run these mutation steps on your current stable machine.
0) Open terminal in this folder
cd /path/to/openclaw-setup
If delegating to another AI assistant, point it to:
docs/operations/AI_SETUP_HANDOFF.md
1) Preflight
uname -a
sw_vers
which brew || echo "brew missing"
which node || echo "node missing"
which npm || echo "npm missing"
2) Primary Copilot setup
bash ./setup/setup_openclaw_copilot.sh
Verify:
which openclaw
openclaw --version
which copilot
copilot --version
3) Finalize setup in one command (recommended)
bash ./scripts/finalize_copilot_setup.sh
Expected:
- Authenticated with enterprise-linked account
- Copilot models discovered
- If prompted, paid profile model selected from non-free candidates
- Guardrails installed + running
- Hooks enabled (
boot-md,command-logger,session-memory) - Gateway restarted
If this step succeeds, you can skip to step 10.
4) Manual fallback path (advanced, only if step 3 fails)
If finalize fails due auth/browser flow, run:
copilot auth login
copilot auth status
Then continue below.
5) Start/verify OpenClaw gateway
openclaw gateway restart
openclaw status --deep
Expected: gateway reachable.
6) Discover available models
openclaw models refresh || true
openclaw models list
openclaw models status
Note: If models refresh is unsupported in your version, ignore and continue.
How to choose from the list:
- Pick a fast daily model as primary (usually Sonnet-Fast or Codex-Fast style naming).
- Pick only free-tier or lowest-cost fallbacks.
- Avoid premium fallbacks (Opus-class) in default routing.
- Keep model IDs exact from
openclaw models list.
Why this matters:
- Better latency for normal work
- Better quality when complexity spikes
- Lower quota burn by not overusing heavyweight models
- Better uptime through fallback failover
7) Set Copilot primary + fallbacks
Replace models below with names from your openclaw models list output if needed.
openclaw models set github-copilot/claude-sonnet-4.6
openclaw models fallbacks clear
openclaw models fallbacks add github-copilot/<free-or-low-cost-fallback-1>
openclaw models fallbacks add github-copilot/<free-or-low-cost-fallback-2>
Verify:
openclaw models status
Expected:
- Default model is your fast daily Copilot model
- Fallback chain includes only free-tier or low-cost models
- Only
github-copilot/*appears if strict enterprise policy is required
8) Optional strict provider lock (Copilot-only)
Run if your enterprise policy requires only Copilot provider traffic:
openclaw config set --json providers.github-copilot.enabled true
openclaw config set --json providers.openai.enabled false
openclaw config set --json providers.anthropic.enabled false
openclaw config set --json providers.openrouter.enabled false
openclaw gateway restart
Verify:
openclaw models list
openclaw models status
9) Configure + install Copilot guardrails (recommended)
If step 3 already succeeded, this is already done.
This one command auto-detects your available Copilot models, asks for paid model selection (interactive), picks low-cost free defaults, applies policy, and installs launchd guards:
bash ./scripts/install_copilot_guardrails.sh
For unattended/non-interactive automation:
PROMPT_FOR_PAID_MODEL=false bash ./scripts/install_copilot_guardrails.sh
- Verify:
launchctl print gui/$(id -u)/ai.openclaw.model-budget-guard
launchctl print gui/$(id -u)/ai.openclaw.copilot-policy-guard
launchctl print gui/$(id -u)/ai.openclaw.copilot-auth-watchdog
launchctl print gui/$(id -u)/ai.openclaw.copilot-model-schedule-guard
tail -n 30 /tmp/openclaw-model-budget-guard.log /tmp/openclaw-model-budget-guard.err.log
tail -n 30 /tmp/openclaw-copilot-policy-guard.log /tmp/openclaw-copilot-policy-guard.err.log
tail -n 30 /tmp/openclaw-copilot-auth-watchdog.log /tmp/openclaw-copilot-auth-watchdog.err.log
tail -n 30 /tmp/openclaw-copilot-model-schedule-guard.log /tmp/openclaw-copilot-model-schedule-guard.err.log
Why this matters:
- User gets prompted when high model remains active
- Session is auto-switched back to lower model after timeout
- Copilot-only policy is auto-corrected if drift occurs
- Expired Copilot auth is surfaced quickly
- Work-hours/off-hours profile schedule is auto-enforced
- Protects enterprise quota and keeps routine latency low
10) Enable recommended hooks
If step 3 already succeeded, hooks were already enabled.
openclaw hooks enable boot-md
openclaw hooks enable command-logger
openclaw hooks enable session-memory
openclaw hooks list
11) Persona/startup docs sanity
Confirm these files exist in workspace root:
ls -la AGENTS.md docs/context/BOOT.md docs/context/SOUL.md docs/context/IDENTITY.md docs/context/USER.md docs/context/TOOLS.md docs/operations/troubleshooting.md
12) Telegram/channel check (if used)
Telegram account rule:
- No new personal Telegram account is required.
- Use your existing Telegram account and create a bot via
@BotFather. - Bot token is the only setup secret needed for Telegram.
openclaw status --deep
Expected: channel OK and gateway reachable.
13) First chat checks
In your chat surface:
/new- Ask:
reply with your active model and one sentence
Expected: response is fast and uses a github-copilot/* model.
14) Daily operations
openclaw status --deep
openclaw models status
copilot auth status
15) Fast failure recovery
openclaw gateway restart
openclaw logs --follow
openclaw models status
copilot auth status
If still blocked, use docs/operations/troubleshooting.md.