March 1Mar 1 OverviewUnraidClaw is a permission-enforcing REST API gateway that lets AI agents manage your Unraid server. It sits between AI tools and your server, providing a unified API with fine-grained access control, authentication, and activity logging.Instead of giving AI agents direct access to Unraid internals, UnraidClaw acts as a controlled gateway. It combines Unraid's GraphQL API with direct system integration (CLI commands for parity checks, reboot/shutdown, and syslog; filesystem operations for share config editing and notification management; network introspection via ip) to expose capabilities that no single Unraid API covers.It works with any AI agent that speaks HTTP, and ships with an OpenClaw plugin for plug-and-play integration.What does it do?The plugin installs a Node.js server and a web interface that together give you:43 tools across 11 categories:Docker – List, inspect, logs, start, stop, restart, pause, unpause, remove containersVirtual Machines – List, inspect, start, stop, force stop, pause, resume, reboot VMsArray – Status, start/stop array, parity check start/pause/resume/cancelDisks – List disks, view individual disk details and SMART dataShares – List shares, view details, edit settings (comment, allocator, split level, floor)System – System info, CPU/memory metrics, list services, reboot, shutdownNotifications – List, create, archive, delete notificationsNetwork – View interfaces, routes, and DNS configurationUsers – View current user infoLogs – Read syslog entriesSettings Page (Settings > UnraidClaw) with four tabs:Dashboard – Service status, server info, quick health checkSettings – Service enable/disable, port configuration, API key generationPermissions – Full resource:action permission matrix with presets (Read Only, Docker Manager, VM Manager, Full Admin, None). 21 individual permission toggles across 8 categoriesActivity Log – Searchable log of all API requests with timestamps, endpoints, methods, and resultsSecurity:HTTPS with auto-generated self-signed TLS certificate (EC prime256v1, 10-year validity)API keys hashed with SHA-256 before storage; the plaintext key is never persistedEvery request authenticated via API key ( x-api-key header ) and checked against the permission matrixAll activity logged in JSONL formatRuns locally on your Unraid box, no cloud dependenciesOpenClaw Plugin (npm) – For AI agents that support the OpenClaw protocol:npm pack unraidclaw && openclaw plugins install unraidclaw-*.tgz && rm unraidclaw-*.tgzRegisters all 43 tools automatically. Configure with your server URL and API key in ~/.openclaw/openclaw.json.{ "plugins": { "entries": { "unraidclaw": { "config": { "serverUrl": "https://YOUR_UNRAID_IP:9876", "apiKey": "YOUR_API_KEY", "tlsSkipVerify": true } } } } }RequirementsUnraid 7.0.0 or later (Node.js 22+ is built-in)InstallationCommunity Applications (coming soon, waiting for approval)Search for UnraidClaw in the CA plugin store.Manual InstallGo to Plugins > Install Plugin and paste:https://raw.githubusercontent.com/emaspa/unraidclaw/main/packages/unraid-plugin/unraidclaw.plgQuick StartGo to Settings > Management Access in the Unraid WebGUI, scroll to the API section, and copy your Unraid API keyGo to Settings > UnraidClaw, paste the Unraid API key into the Unraid API Key fieldGenerate an UnraidClaw API key (save it, it won't be shown again)Configure permissions on the Permissions tabSet Service to Enabled and click ApplyThe server starts on port 9876 over HTTPS.TroubleshootingService won't start: Check that Node.js 22+ is available. Run node --version in the Unraid terminal.Connection refused: Verify the service is running: /etc/rc.d/rc.unraidclaw statusTLS certificate errors: If your AI client doesn't accept self-signed certs, set tlsSkipVerify: true in the OpenClaw config.Permission denied on API call: Check the Activity Log tab to see which permission was denied, then enable it on the Permissions tab.API key not working: The key is shown only once during generation. If lost, generate a new one from the Settings tab.Support & FeedbackPlease report bugs and feature requests on the GitHub Issues page.For general discussion, questions, support and feedback, feel free to post in this thread.Source code: github.com/emaspa/unraidclaw Edited March 31Mar 31 by bubbl3
March 1Mar 1 Author v0.1.31FixesParity-check status now reflects reality (#14, thanks @rodaballo)/api/array/parity/status previously read Unraid's GraphQL array.parityCheckStatus, which doesn't reflect parity checks started outside Connect (via mdcmd, cron, or the webGUI) — so it reported no activity during a running check.It now reads live md-driver state from mdcmd status (the same source the webGUI uses, consistent with how start/pause/resume/cancel already shell out to mdcmd).APIBackward compatible — the existing keys keep their names and now carry real data, with new fields added:FieldSourcerunningmdResyncPos>0 ‖ mdResync>0progressmdResyncPos / mdResyncSize (0–100)speed / speedHumanmdResyncDb / mdResyncDt (KiB/s) / MB/s stringerrorssbSyncErrspaused (new)in progress but not advancingcorrecting (new)mdResyncCorraction (new)mdResyncAction (e.g. "check P Q")position / size (new)KiB done / totallastCheck (new)start/finish/duration/exit of the previous checkNo changes required for existing API consumers (OpenClaw included)v0.1.30ImportantCritical fix. v0.1.27–v0.1.29 silently chowned host root paths (/, /usr, /usr/local, /usr/local/emhttp, ...) to UID 1001 on install, breaking SSH key authentication on systems with default StrictModes yes. All users on those versions should upgrade.FixesStop chowning host paths (#13)The build's tar invocation lacked --owner=root --group=root, so the GitHub Actions runner's UID 1001 was baked into every directory entry of the .txz. upgradepkg then preserved that ownership on the host's matching paths.Build now uses tar --owner=root --group=root --numeric-owner. All archive metadata is root:root.Heal existing installsPostinstall step issues a corrective chown root:root on the affected host paths. Upgrading to v0.1.30 fixes already-broken systems automatically. No-op on healthy systems.After upgrade, you can safely revert any StrictModes no workaround in /etc/ssh/sshd_config.Huge thanks to @justinmeader for the exceptional bug report, root cause and fix included.v0.1.29FixesFix POST /api/docker/containers rejecting valid registry-prefixed image references (#12)Now accepts host[:port]/path/name:tag (e.g. 192.168.178.158:5000/homelab/myapp:latest)Now accepts digest references (e.g. nginx@sha256:...)The previous validator only allowed a single : and didn't permit @, which blocked everyone running a local/private Docker registry.v0.1.28Fix min/max version to align with XML v7 minimum by @mstrhakr in #11v0.1.27Add memory stats (total, used, free, percent) to /api/system/info and /api/system/metricsAdd CPU load averages (1m, 5m, 15m) to /api/system/info and /api/system/metricsAdd disk usage (used, free, percent) to /api/disks endpoints via dfMake /api/system/metrics a lightweight endpoint for polling (memory + CPU load only)v0.1.26Security Hardening ReleaseFix command injection in syslog and notification endpoints (execSync to execFileAsync)Fix path traversal in notification archive/delete and docker template filenameRestrict CORS to local network origins onlyStop exposing Unraid API key in settings page HTMLRemove internal error details from API error responsesAdd rate limiting on API authentication (10 attempts/min per IP)Add input validation on docker:create parameters (image, ports, volumes, env, network)Validate share update fields (floor, splitLevel, comment)Set restrictive file permissions on config, permissions, and log filesEnforce strict boolean types in permission savesRequire WebGUI authentication on activity log PHP endpointsMove CSRF token from global JS variable to data attributev0.1.25Add Unraid WebUI Port setting for non-standard port configurationsGraphQL URL is now constructed automatically from the port (no more manual URL editing)v0.1.24Remove GraphQL URL from settings (hardcode to http://localhost/graphql)Prevents misconfiguration that caused 500 errors on all GraphQL-based endpointsv0.1.23Fix /api/health reporting hardcoded version "0.1.0" instead of actual installed versionVersion is now read from the .plg file automatically, so it always matches the installed releasev0.1.22Fix Docker inspect, logs, and all actions (start/stop/restart/pause/unpause) failing with 400 Bad RequestSwitch all Docker and VM operations from GraphQL to CLI for compatibility with Unraid 7.2.3Add docker:create endpoint for deploying containers via AI agents (thanks @bitcryptic-gw)Fix OpenAI function calling compatibilityFix global TLS bypass in OpenClaw plugin (now scoped per-connection)Fix XML injection in docker:create template generationAdd ADMIN API key requirement to documentationCorrect API route paths in READMEOpenClaw plugin also updated to v0.1.3 on npm:rm -rf ~/.openclaw/extensions/unraidclaw && npm pack unraidclaw && openclaw plugins install unraidclaw-*.tgz && rm unraidclaw-*.tgz openclaw gateway restartOn the OpenClaw side, multi server support has been added, config is backwards compatible, but you can have multiple servers configured this way:{ "plugins": { "allow": ["unraidclaw"], "entries": { "unraidclaw": { "config": { "servers": [ { "name": "home", "serverUrl": "https://192.168.1.100:9876", "apiKey": "...", "tlsSkipVerify": true, "default": true }, { "name": "work", "serverUrl": "https://10.0.0.50:9876", "apiKey": "..." } ] } } } } }With multi-server, every tool accepts an optional server parameter (e.g. unraid_docker_list(server: "work")). If omitted, the default server is used. Edited June 9Jun 9 by bubbl3
March 8Mar 8 Forgive me for asking but I'm currently using OpenClaw. What does this do for me that OpenClaw doesn't? Or why would pick to use this over openclaw? I'm relatively new to LLM API use and still learning daily.
March 9Mar 9 Author 12 hours ago, FlyingTexan said:Forgive me for asking but I'm currently using OpenClaw. What does this do for me that OpenClaw doesn't? Or why would pick to use this over openclaw? I'm relatively new to LLM API use and still learning daily.This adds an additional layer of control and security, since many of the commands are not available through the unraid API the alternative is to give OpenClaw SSH root access to your server, which i wouldn't recommend. The focus here is on risk aware security, give enough granular access for what you want OpenClaw to do without full unrestricted root access to your unraid machine.
March 13Mar 13 Author Since the plugin is stable features and functionality wise, the next couple of releases starting from v0.1.26 are going to be security hardening focused: https://forums.unraid.net/topic/197498-plugin-support-unraidclaw-ai-agent-gateway-with-permission-control/#findComment-1610700
March 19Mar 19 Looks super interesting, will give it a go! Very new to AI and currently use Claude desktop rather than openclaw. Can I use Claude desktop to connect to it?Cheers Stuart
March 20Mar 20 Author 5 hours ago, schford said:Looks super interesting, will give it a go! Very new to AI and currently use Claude desktop rather than openclaw. Can I use Claude desktop to connect to it?Cheers StuartYes you can, install the plugin in unraid and then point Claude to the github repository, it will figure it out :)
March 24Mar 24 Author 10 hours ago, schford said:Hi my Agent says he cant see some things any thoughts?That is correct, is not a bug, this is the data available on that API endpoint:Will see if it makes sense to add memory and cpu usage.Disks are on another endpoint, but only status no details on usage space:The array status shows the total used and free space:Having per disk stats is a good idea and will take it as a feature request. Edited March 24Mar 24 by bubbl3
March 24Mar 24 Author @schford There is also a new metrics endpoint for easy polling:Update plugin in unRAID and in OpenClaw:openclaw plugins update unraidclaw openclaw gateway restart Edited March 24Mar 24 by bubbl3
March 24Mar 24 Author Multi server support in OpenClaw has been added, config is backwards compatible, but you can have multiple servers configured this way:{ "plugins": { "allow": ["unraidclaw"], "entries": { "unraidclaw": { "config": { "servers": [ { "name": "home", "serverUrl": "https://192.168.1.100:9876", "apiKey": "...", "tlsSkipVerify": true, "default": true }, { "name": "work", "serverUrl": "https://10.0.0.50:9876", "apiKey": "..." } ] } } } } }With multi-server, every tool accepts an optional server parameter (e.g. unraid_docker_list(server: "work")). If omitted, the default server is used.
March 27Mar 27 Hey,install of the plugin seems to be broken with the current version of OpenClaw. When using openclaw plugins install unraidclaw you'll get an error saying that unraidclaw is a skill and to use openclaw skills install unraidclaw.When using that it installs fine, but once you configure it as a plugin in openclaw.json you'll break the installation as the gateway won't restart. Added the output of my shell. shell.log
March 29Mar 29 Author On 3/27/2026 at 1:05 PM, domori said:Hey,install of the plugin seems to be broken with the current version of OpenClaw. When using openclaw plugins install unraidclaw you'll get an error saying that unraidclaw is a skill and to use openclaw skills install unraidclaw.When using that it installs fine, but once you configure it as a plugin in openclaw.json you'll break the installation as the gateway won't restart. Added the output of my shell.shell.logThanks for surfacing this, nothing wrong with the plugin, Clawhub is being stupid and classified this as a skill instead of a plugin, submitted a correction but they are not the fastest, use this command to install: npm pack unraidclaw && openclaw plugins install unraidclaw-*.tgz && rm unraidclaw-*.tgzYou will need the same to update: rm -rf ~/.openclaw/extensions/unraidclaw && npm pack unraidclaw && openclaw plugins install unraidclaw-*.tgz && rm unraidclaw-*.tgzIf you installed from Clawhub you'll need to uninstall and install again Edited March 31Mar 31 by bubbl3
March 29Mar 29 Wow! Incredible stuff, thanks for that!Will try that as soon as my Openclaw is set up.
April 8Apr 8 Very interesting, thanks for sharing, please could you give me some real world examples of where I would see the most benefit in installing/enabling this?
April 10Apr 10 Author On 4/8/2026 at 1:48 PM, NodeCentral said:Very interesting, thanks for sharing, please could you give me some real world examples of where I would see the most benefit in installing/enabling this?Aside of general automation and orchestration, here's just a few scenarios:Monitoring and alerts -- Ask your AI agent "how are my disks doing?" and get back temperatures, SMART status, array health, and parity check progress in plain English. No need to open the WebGUI. Docker management -- "Stop the Plex container, update it, and start it again" or "spin up a new Nginx container on port 8080 with these volume mounts" -- all through natural language.Troubleshooting -- "Show me the last 200 lines of syslog filtered for errors" or "which containers are using the most resources?" -- get answers without SSH-ing in.Multi-server oversight -- If you run multiple Unraid boxes (home NAS + media server, or home + offsite backup), you can manage them all from one AI conversation: "compare disk usage across my home and backup servers."Scheduled checks -- Have your AI agent run a morning briefing: array status, any failed disks, parity errors, Docker containers that crashed overnight, unread notifications.Quick actions from anywhere -- Reboot the server, start/stop VMs, pause a parity check -- all from your phone through whatever chat interface your AI agent uses (Telegram, Discord, etc.), without opening a browser. The key value is turning Unraid management into a conversation instead of clicking through the WebGUI. The permission matrix means you control exactly what the agent can and can't do.
April 14Apr 14 im super new to this and hermes was extremely easier for me to setup and use. How do i intergrate this into my hermes setup ? thanks
April 20Apr 20 Author On 4/14/2026 at 9:15 AM, prene1 said:im super new to this and hermes was extremely easier for me to setup and use. How do i intergrate this into my hermes setup ? thanksSorry for the late reply, I was on holiday.Would suggest pointed Herms to the repo and ask to build a skill, it should be able to do it by itself: https://github.com/emaspa/unraidclaw
May 12May 12 HelloI know this should be a stright forward plugin, but running the latest stable unraid and latest unraidclaw, I cant get unraidclaw and openclaw to speak to each other.I have attempted the following:Uninstalled and reinstalled the plugin.Checked the node --version and /etc/rc.d/rc.unraidclaw status to make sure those are good. And they areDouble checked my openclaw.json file to make sure "tlsSkipVerify: true" and it is.I have Created multiple keys and double checked my openclaw.json file try different api keys. To no successBut no matter what I try, openclaw and unraidclaw just do not speak to each other. Any time I type something that the unraidclaw should understand I get a wall of text, that pops up in the logs, which is attached below, and I continue to get api resonses or calls. Any assistance would be great! 2026-05-12T171544.731-0500 [reload].txt
May 16May 16 I really like your plugin interface. Would be very useful to expose it as a MCP server so it can integrate with broader clients (e.g OpenWebUI, LobeHub or RikkaHub on android). Is there any plan to support this?
May 18May 18 Author On 5/12/2026 at 3:25 PM, Mrtj18 said:HelloI know this should be a stright forward plugin, but running the latest stable unraid and latest unraidclaw, I cant get unraidclaw and openclaw to speak to each other.I have attempted the following:Uninstalled and reinstalled the plugin.Checked the node --version and /etc/rc.d/rc.unraidclaw status to make sure those are good. And they areDouble checked my openclaw.json file to make sure "tlsSkipVerify: true" and it is.I have Created multiple keys and double checked my openclaw.json file try different api keys. To no successBut no matter what I try, openclaw and unraidclaw just do not speak to each other. Any time I type something that the unraidclaw should understand I get a wall of text, that pops up in the logs, which is attached below, and I continue to get api resonses or calls. Any assistance would be great!2026-05-12T171544.731-0500 [reload].txtThe OpenClaw logs don't say much unfortunately, from your screenshot doesn't seem like there has been any request to UnraidClaw server, you should see both successful and failed ones there under activity. Can you share the related OpenClaw config (minus the API key of course).
May 18May 18 Author On 5/16/2026 at 4:07 AM, socool said:I really like your plugin interface. Would be very useful to expose it as a MCP server so it can integrate with broader clients (e.g OpenWebUI, LobeHub or RikkaHub on android). Is there any plan to support this?Interesting suggestion, will keep it in mind, atm I can't spend much time on this aside essential fixes as I'm traveling for work, but will look into it sometime in June.
May 18May 18 1 hour ago, bubbl3 said:The OpenClaw logs don't say much unfortunately, from your screenshot doesn't seem like there has been any request to UnraidClaw server, you should see both successful and failed ones there under activity. Can you share the related OpenClaw config (minus the API key of course).upon inspection I have found that my openclaw.json was missing the required lines mentioned in the install instructions. ( I dont know how, I had them inserted correctly before) and now when I attempt to insert them it is giving me syntax error or unrecognized key error when inserting the required config lines or api key. Do you have any tips to clean this up? Openai was still giving me bad config lines and commas to insert. I took out my identifying info and api's the best I could.openclaw.json Edited May 18May 18 by Mrtj18
May 18May 18 Author 2 hours ago, Mrtj18 said:upon inspection I have found that my openclaw.json was missing the required lines mentioned in the install instructions. ( I dont know how, I had them inserted correctly before) and now when I attempt to insert them it is giving me syntax errors when inserting the required config lines. Do you have any tips to clean this up. I dont understand how to fix syntax errors. Openai was still giving me bad config lines and commas to insert. I took out my identifying info and api's the best I could.openclaw.jsonYou have a trailing comma there:"plugins": { "unraidclaw": { "serverUrl": "http://192.168.50.122:9876", "apiKey": "7f3fa56ce...", ← trailing comma },It should be:"plugins": { "unraidclaw": { "serverUrl": "http://192.168.50.122:9876", "apiKey": "7f3fa56ce..." }, In general you seems a bit inexperienced here, would suggest reading docs and asking for help in the OpenClaw subreddit, having an LLM writing your config means you won't really know how it works. Also not sure what LLM you're using, it should have catched the trailing comma, it's basic JSON.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.