Add locked-down kids instance configuration

2026-02-22 20:28:48 +00:00
parent dd6b3aa63d
commit 52d2555cca
5 changed files with 259 additions and 0 deletions
--- a/kids-instance/README.md
+++ b/kids-instance/README.md
@@ -0,0 +1,88 @@
+# OpenClaw Kids Instance
+
+A locked-down, sandboxed OpenClaw instance for your child.
+
+## 🔒 Safety Features
+
+- **Sandboxed tools** — all execution happens in Docker containers
+- **No file writes** — read-only access to workspace
+- **No shell access** — can't run commands on the host
+- **No browser control** — can't drive a browser
+- **No config changes** — can't modify OpenClaw settings
+- **DM pairing required** — you approve all contacts
+- **Group mention-only** — won't respond unless @mentioned in groups
+
+## 🚀 Setup
+
+1. **Change the auth token** in `config/openclaw-kids.json`:
+   ```json
+   "token": "your-long-random-string-here"
+   ```
+
+2. **Start the instance**:
+   ```bash
+   docker-compose -f docker-compose.kids.yml up -d
+   ```
+
+3. **Connect via Control UI**:
+   - Open http://localhost:18790 in your browser
+   - Use the token from step 1 to pair
+
+4. **Set up messaging** (optional):
+   - WhatsApp: Scan QR code in Control UI
+   - Telegram: Create bot via @BotFather, add token to config
+
+5. **Customize**:
+   - Edit `workspace-kids/IDENTITY.md` — let your son name the bot!
+   - Edit `workspace-kids/SOUL.md` — adjust personality as needed
+
+## 🛡️ What's Allowed
+
+- ✅ Chatting and asking questions
+- ✅ Reading files in the workspace
+- ✅ Web search (with safe content filters)
+- ✅ Using messaging with approved contacts
+
+## 🚫 What's Blocked
+
+- ❌ Running shell commands
+- ❌ Writing files
+- ❌ Browsing the web interactively
+- ❌ Creating scheduled tasks
+- ❌ Accessing your main OpenClaw instance
+- ❌ Modifying configuration
+
+## 📁 Directory Structure
+
+```
+kids-instance/
+├── docker-compose.kids.yml    # Docker setup
+├── config/
+│   └── openclaw-kids.json     # Main config
+├── workspace-kids/            # Agent workspace
+│   ├── SOUL.md                # Personality
+│   ├── IDENTITY.md            # Name/emoji
+│   └── ...                    # Other files
+└── state/                     # Runtime state (created on first run)
+```
+
+## 🔄 Updating
+
+```bash
+docker-compose -f docker-compose.kids.yml pull
+docker-compose -f docker-compose.kids.yml up -d
+```
+
+## 📝 Notes
+
+- Runs on port 18790 (different from default 18789)
+- Uses separate Docker network `openclaw-kids`
+- Completely isolated from your main OpenClaw instance
+- All activity is logged in `state/` for review
+
+## 🎨 Customization Ideas
+
+- Let your son design the bot's personality in SOUL.md
+- Add fun facts or daily challenges in HEARTBEAT.md
+- Create a todo.md for homework or chores
+- Set up a separate WhatsApp number just for the bot