# 🧠 Pipo's Command Center & Memory Pipo, you are now equipped with advanced tools to build and deploy. Use this as your source of truth. ## πŸ” Bitwarden & Secrets Your secrets are stored in Bitwarden. If your session expires: - `bw-sync`: Loads existing session. - `bw-unlock`: Unlocks the vault (password is known). - `bw get password "item"`: Retrieves specific keys. ## πŸ€– AI Stack β€” Sub-agents & Routing Strategy ### Available agents | Agent | Model | Cost model | Strengths | |-------|-------|-----------|-----------| | `pipo` (self) | minimax-m2.7 (reasoning effort high) β†’ minimax-m2.5 | subscription (OpenRouter) + fallbacks | Igna chose minimax over gpt-5.3-codex β€” no more offers to switch | | `openrouter` | openrouter/auto β†’ openrouter/free | OpenRouter credits | General-purpose; OR picks best model per task. Use to spend OR credits or when CLI agents are rate-limited | | `clawrouter` | blockrun/auto β†’ openrouter/free | blockrun credits + free fallback | Dedicated routing agent β€” ask it when unsure where to send a task | | `codex` | GPT-5.3-Codex (CLI) | $20/mo flat, rate-limited | Coding, refactoring, code review | | `claude` | Claude Sonnet 4.6 (CLI) | $20/mo flat, rate-limited | Complex reasoning, writing, analysis | | `claude-opus` | Claude Opus 4.6 (CLI) | $20/mo flat, strictest limits | Highest quality β€” use sparingly | | `gemini` | Gemini CLI | Free (no hard limits) | General tasks, summaries, quick answers | | `deepseek-code` | DeepSeek Chat (API) | ~$8.10 credit, cheap/token | Coding + reasoning, credit-efficient | | `kimi` | Kimi K2.5 (API) | ~$10 credit | Long context (200k), coding, multilingual | ### Routing rules β€” pick the cheapest option that fits 1. **Simple Q&A, summaries, quick tasks** β†’ `gemini` (free, no limits). First choice for anything lightweight. 2. **Coding tasks** β†’ `codex` (subscription, best at it). Fallback: `kimi` (credits, 200k ctx) β†’ `deepseek-code` (credits, cheap). 3. **Complex reasoning / analysis / writing** β†’ `claude` (subscription). Fallback: `kimi` β†’ `deepseek-code`. 4. **Very long context (>32k tokens)** β†’ `kimi` (200k window, credits). Fallback: `claude`. 5. **Highest quality, no compromise** β†’ `claude-opus` (use only when truly needed β€” strictest rate limits). 6. **Unknown / mixed / unsure** β†’ ask `clawrouter` β€” it uses blockrun/auto to decide. 7. **CLI agents rate-limited / want to use OpenRouter credits** β†’ `openrouter` agent (uses `openrouter/auto` β€” OR picks best model per task). 8. **Emergency / everything else rate-limited** β†’ `openrouter/free` (free tier, unpredictable model). ### Credit preservation order (spend last) Moonshot ($10) and DeepSeek ($8.10) are your most valuable paid credits β€” don't burn them on tasks gemini/codex/claude can handle. OpenRouter free tier costs nothing; use it freely as last-resort fallback. ### Shell wrappers - `g "prompt"`: Gemini CLI - `c "prompt"`: Codex safe mode (read-only) - `cn "prompt"`: Codex network mode (full access, git/npm) - `kimi-openclaw "prompt"`: Kimi K2.5 direct ## πŸ“‘ Channels & Communication ### Telegram (@chicho_pipo_bot) - Primary channel for Ignacio ↔ Pipo communication - **Fixed 2026-03-18:** `autoSelectFamily` changed from `false` to `true` in `openclaw.json` β†’ `channels.telegram.network`. The old IPv4-only setting caused 37% message delivery failures due to Oracle Cloud dual-stack networking stalls. With `true`, Node.js falls back to IPv6 automatically. - If Telegram delivery breaks again, check logs: `grep "sendMessage failed\|Polling stall" /tmp/openclaw/openclaw-*.log` - Retry config: 6 attempts, 1.5s–90s backoff, 60s timeout ### Discord (backup β€” not yet configured) - Extension installed at `/usr/lib/node_modules/openclaw/extensions/discord/` - Setup: create bot at discord.com/developers, enable Message Content + Server Members intents, configure with `openclaw config set channels.discord.enabled true --json` and `openclaw config set channels.discord.token "TOKEN" --json` - Docs: `/usr/lib/node_modules/openclaw/docs/channels/discord.md` ### Gateway Restarts Ignacio authorizes gateway restarts when needed. Use `openclaw gateway restart`. Config hot-reload also works for some settings (confirmed for `channels.telegram.network.autoSelectFamily`). ## πŸ”’ Security Baseline (as of 2026-03-05) Expected open ports β€” anything else is a regression: - `:22` SSH β€” public (normal) - `100.87.116.90:443` OpenClaw dashboard β€” Tailscale only - `100.87.116.90:58687` Tailscale β€” Tailscale only Disabled services: CUPS (`sudo snap disable cups`), rpcbind (masked socket unit). Quick check: `ss -tlnp | grep -v "127.0.0" | grep -v "::1"` openclaw.json agent model format β€” only `{primary, fallbacks}` is valid. Extra fields crash the gateway. ## πŸš€ Deployment (Maxxxed Out) You can now lift sites! - **Port 443 root (`/`) is reserved for the OpenClaw dashboard. Do not overwrite it with `tailscale serve`.** - **Ports 3001-3010** are mapped to the host for preview apps. - Use `pipo-deploy [name]` to expose a running service under `/preview//` without touching the dashboard. - Example: If you start a Vite app on port 3001, run `pipo-deploy 3001 coto` so your human can see it at `https://miopenclaw-vnic.tail9799d2.ts.net/preview/coto/`. - Remove a preview with `pipo-undeploy `. ## πŸ›’ Supermarket Orders β€” ALL 4 STORES WORKING (as of 2026-03-05) **Architecture: HTTP cookie bridge** β€” export cookies once via Chrome relay β†’ save to `session-cookies.json` β†’ pure HTTP calls for recurring autonomous runs. No browser needed after export. **Chrome relay CDP auth:** `ws://127.0.0.1:18792/cdp` with header `x-openclaw-relay-token: ` β€” raw `ws` npm package (NOT Playwright connectOverCDP). ### Store reference table | Store | Auth cookie | Hostname | Orders | Data dir | |-------|-------------|----------|--------|----------| | DIA | `VtexIdclientAutCookie_diaio` | `diaonline.supermercadosdia.com.ar` | 18 | `data/dia/` | | Carrefour | `VtexIdclientAutCookie_carrefourar` | `www.carrefour.com.ar` | 2 | `data/carrefour/` | | Disco | `VtexIdclientAutCookie_discoargentina` | `www.disco.com.ar` | 1 | `data/disco/` | | Jumbo | `VtexIdclientAutCookie_jumboargentinaio` | `www.jumbo.com.ar` | 0 | `data/jumbo/` | | Changomas | `VtexIdclientAutCookie_masonlineprod` | `www.masonline.com.ar` | 0 | `data/changomas/` | All use standard VTEX OMS API: `GET /api/oms/user/orders?page=N&per_page=50` + detail at `/api/oms/user/orders/{orderId}`. Exception: DIA uses custom endpoint `/_v/private/store-services/diadigital/orders`. Prices in cents β€” divide `totalValue` / `sellingPrice` by 100 for ARS. ### Two-step workflow (per store) 1. **Export** (needs logged-in tab + relay ON): `node scripts/_export_cookies.js` 2. **Fetch** (fully autonomous): `node scripts/_fetch_orders_http.js` β†’ JSON + CSV + timestamped archive Cookies last weeks–months. Re-export only when HTTP 401/403 appears. ### DIA note Login at `auth.diadigital.app` is Flutter web β€” headless form automation is unreliable. Cookie bridge bypasses entirely. Full runbook: `dia-autonomy-runbook.md` ### Next milestone Build product ranking / report sites for Carrefour, Disco, Jumbo β€” same pattern as `dia-report/` (scripts: `dia_build_product_ranking.js`, `dia_build_report_data.js`). ## πŸͺ Promos Bancarias Supermercados β€” AUTΓ“NOMO βœ… (2026-03-06) Script: `node /home/ubuntu/.openclaw/workspace/scripts/fetch_bank_promos.js` Cron: systemd timer `bank-promos-fetch.timer` β€” corre 09:00 y 21:00 UTC (06:00 y 18:00 AR) PΓ‘gina: `https://miopenclaw-vnic.tail9799d2.ts.net/preview/super-ranking/descuentos.html` Datos: `super-ranking-report/bank-promos-data.js` + `data/discounts/bank-promos-latest.json` **APIs por tienda:** - Coto: ATG API `/rest/model/atg/actors/cProfileActor/getPromociones?enviroment=ag` - Jumbo+Disco: VTEX Master Data `JN/documents/bankDiscount?an=jumboargentina` (filtrar `websites`) - Carrefour: VTEX GraphQL `GetPromotions` hash=`cdedb2142b13...` account=`carrefourar` - Changomas: VTEX GraphQL `GetPromos` hash=`1a071ebc5dc4...` account=`masonlineprod` - DIA: HTTP GET `/medios-de-pago-y-promociones` β†’ parse `__STATE__` JSON blob en el HTML (script inline con `ModalText`+`promotions`) β†’ `props.promotions[]` contiene `promotionFirstText/SecondText/ThirdText`, `ModalText` (legal completo), `daysToShow:{all,monday,...}`, `DarkFlag/LightFlag` (canal). Fully autonomous, source=`vtex-ssr-html`. Detalle completo: `memory/2026-03-05-promos-scraping.md` **Endgoal:** Pipo conoce consumos de Ignacio β†’ calcula mejor dΓ­a/tienda/tarjeta β†’ arma carrito β†’ Ignacio finaliza. ## πŸ›οΈ Descuentos de Productos β€” AUTΓ“NOMO βœ… (2026-03-06) Script: `node /home/ubuntu/.openclaw/workspace/scripts/fetch_product_promos.js` Cron: systemd timer `product-promos-fetch.timer` β€” corre 08:00 y 20:00 UTC (05:00 y 17:00 AR) Datos: `super-ranking-report/product-promos-data.js` + `data/discounts/product-promos-latest.json` **Estrategia two-phase (VTEX cluster scan):** - Phase 1: IS API `/_v/api/intelligent-search/product_search?map=c&query={slug}` β†’ descubre cluster IDs de promo activos desde `clusterHighlights` (Jumbo/Disco) o `productClusters` (resto) - Phase 2: catalog API `fq=productClusterIds:{id}` pagina todos los productos del cluster **Resultados (primera corrida):** | Store | Products | Clusters | |-------|----------|----------| | Jumbo | 13,225 | 234 | | Disco | 12,036 | 287 | | Carrefour | 24,660 | 203 | | Changomas | 32,632 | 339 | | DIA | 2,600 | 144 | | **Total** | **85,153** | **1,207** | ## πŸ“‚ Directories - Workspace: `/workspace` (shared with host). - Stack: `/home/ubuntu/.openclaw/workspace/ops/docker-cli-stack`.