2026 OpenClaw on a Rented Mac Mini: Upptime or Uptime Kuma Webhooks for 7×24 Slices, Silence Windows & Alert Backoff — Minimal Steps
Solo operators who rent a Mac Mini to host OpenClaw night batches still need an honest external view of HTTP endpoints, disk gates, and gateway restarts.
This field note gives a reproducible lane for Uptime Kuma or Upptime style monitors posting JSON into OpenClaw, plus UTC silence, merged health checks, and capped backoff so chat channels stay usable. You get a matrix, numbered pains, a HowTo style checklist, and FAQ aligned with the long run self recovery story and the broader OpenClaw series on this blog.
Pain points on a single rental host
- Duplicate pages. Every child monitor fires its own webhook while one slow disk actually caused the failure.
- Silent maintenance. You pause jobs but Kuma still posts down unless UTC windows line up with OpenClaw.
- Thundering herd. Raw exponential alerts hit Slack limits during a long VPN blip on the rental uplink.
Decision matrix: Upptime versus Uptime Kuma
Pick a column first, then merge checks so only one downstream alert carries batch_id. Cross read Healthchecks.io ping runbook when you prefer curl keys instead of rich JSON bodies.
| Signal | Uptime Kuma | Upptime | Merge tactic |
|---|---|---|---|
| Webhook URL | Notification template posts JSON to https://host/hooks/uptime-kuma |
Workflow HTTP step targets https://host/hooks/upptime with shared secret header |
Single OpenClaw route dedupes by monitor_slug |
| Silence | Per monitor maintenance flag plus OpenClaw UTC env | GitHub Actions schedule skip plus same env | Parent monitor only emits after children green |
| Backoff | Throttle in Kuma resend plus gateway cap | Workflow concurrency one | Cap outbound seconds at three hundred with jitter |
Health check merge. Keep fast TCP or keyword checks on leaf URLs, but route notifications through one OpenClaw workflow that waits for two consecutive misses on the parent before it calls agents. That preserves slices for ETL without waking on single packet loss.
Prerequisites
- SSH access to an Apple Silicon Mac Mini image with outbound HTTPS and a stable hostname.
curlandjqfor smoke tests, plus log rotation already planned from dashboard log runbook.- Install baseline from OpenClaw install guide and skim use case scenarios so webhook payloads map to real agents.
OpenClaw install, config, and scenario
Install OpenClaw 2026.5.x with your package manager or pinned tarball, then create ~/.openclaw/gateway.yaml that binds 127.0.0.1:18789 and enables structured logs with openclaw_version, batch_id, and monitor_slug.
Scenario: a three hour night batch writes checkpoints every ten minutes. Uptime Kuma watches the public health URL while a second notification profile posts JSON to OpenClaw on state change only. OpenClaw translates down into pause child queues, escalates after two misses, and skips Slack when OPENCLAW_SILENCE_UTC matches Saturday morning rebuilds.
export OPENCLAW_SILENCE_UTC="Sat 08:00-12:00,Sun 06:00-10:00"
export OPENCLAW_ALERT_BACKOFF_CAP_SEC=300
export OPENCLAW_ALERT_BACKOFF_JITTER_SEC=30
openclaw gateway --config ~/.openclaw/gateway.yamlGateway and TLS proxy
Never expose the loopback port raw on a shared rental. Terminate TLS with Caddy or nginx, enforce X-OpenClaw-Secret, and limit body size to a few hundred kilobytes so monitor templates cannot flood disk.
Example public webhook URL pair operators keep in runbooks: https://mini.example/hooks/uptime-kuma for Kuma and https://mini.example/hooks/upptime for GitHub workflow posts. Both reverse proxy to 127.0.0.1:18789 with unique path ACLs.
launchd keepalive
Wrap the gateway with a dedicated label, ThrottleInterval between ninety and one hundred twenty seconds so a crash loop cannot starve launchd, and set KeepAlive with a successful exit throttle.
<key>ThrottleInterval</key>
<integer>120</integer>
<key>KeepAlive</key>
<true/>
<key>StandardOutPath</key>
<string>/var/log/runmini/openclaw-gateway.log</string>HowTo checklist
- Install OpenClaw, verify
openclaw versionprints 2026.5.x, then bind loopback. - Add TLS proxy routes for both webhook paths and test with
curl -H "X-OpenClaw-Secret: …" -d '{"monitor":"demo","status":"down"}'. - Create parent and child monitors, disable child notifications, keep parent JSON only.
- Set silence env for maintenance, document overlap with rental provider windows.
- Configure backoff cap and jitter, then rehearse a thirty minute VPN drop.
- Install launchd plist, load label, confirm restart after
kill -9. - Archive one red incident with
batch_idgrep across gateway and batch logs.
Cite: loopback port 18789; backoff ladder two four eight sixteen seconds capped at three hundred; jitter zero to thirty; two misses before parent alert; webhook body limit 256 kilobytes; ThrottleInterval one hundred twenty seconds; align with Purchase tier SSD for log volume.
Troubleshooting FAQ
- Kuma shows down while curl to the gateway succeeds
- Compare HEAD versus GET behavior on the health URL, fix proxy caching, or move the keyword check to a tiny static file that bypasses application middleware.
- OpenClaw ignores silence
- Confirm the process environment for launchd, not only your interactive shell. Use
launchctl printto verify env blocks. - Alerts still duplicate after merge
- Disable legacy notification profiles, then add a dedupe key inside OpenClaw derived from
monitor_slugplus UTC hour bucket.
Choose your Mac node, access method, and webhook lane
RunMini Apple Silicon hosts fit OpenClaw gateways and night batches. Compare plans, finish checkout, then read Help for SSH and VNC. Continue the thread with Sentry Cron monitors if you need heartbeat style check ins instead of pure webhooks.
Bookmark Home and Blog before you rely on merged monitors alone.