Mission Control

Self-hosted AI infrastructure monitoring. Track gateways, manage models, route inference, store secrets, and control costs — all from one dashboard.

Launch Dashboard → Get Started

Built for AI infrastructure teams

Mission Control is the operational layer for OpenClaw gateway fleets. It doesn't replace your gateways — it connects them.

Live Gateway Monitoring

Every gateway pushes heartbeats every 30 seconds. WebSocket push means the dashboard updates in real-time — no page reloads needed.

  • CPU, memory, disk per gateway
  • Docker container status
  • Custom HTTP/TCP service probes
  • Per-gateway filtered views via subdomain
cadburyonline30s ago
{
  "name": "Cadbury",
  "gateway": "Hetzner",
  "status": "online",
  "data": {
    "memory": { "used_gb": 3.6, "total_gb": 15.2 },
    "disk": { "used_percent": 73 }
  }
}

Model Inventory

Every gateway reports its configured models — provider, name, context window, capabilities, and cost. Models from OpenClaw config and local Ollama instances are auto-discovered.

  • 25+ models across all gateways
  • Provider breakdown: DeepSeek, Anthropic, Google, Groq, xAI, Ollama
  • Capability filtering: reasoning, vision, context limits
25 models6 providers
Provider    Model                 Context   Reasoning
deepseek    deepseek-v4-flash     1.0M      ✅
anthropic   claude-opus-4-7       1.0M      ✅
google      gemini-2.5-flash      1.0M      —
groq        llama-4-maverick      128K      —

Inference Profiles

Named configurations defining primary model, fallback chain, cost budget, and rate limits. A/B routing supported for gradual rollouts.

  • Primary + multi-step fallback chain
  • Configurable A/B traffic split
  • Budget enforcement: per-query max, monthly cap
  • Usage tracking: tokens, cost, fallback events
profile-dev-fastassigned: cadbury
{
  "primary": { "provider": "deepseek", "model": "deepseek-v4-flash" },
  "fallback": [
    { "provider": "groq", "model": "llama-4-scout" },
    { "provider": "google", "model": "gemini-2.5-flash" }
  ],
  "cost": { "monthly_budget": 10.00 }
}

Encrypted Vault

Provider API keys stored with AES-256-GCM encryption. Elevated auth token controls vault access. Key rotation re-encrypts all secrets in-place.

  • AES-256-GCM ciphertext at rest
  • Separate x-vault-token auth
  • Key rotation via API
  • Per-profile secret health check
VAULT_KEYAES-256-GCM
# Stored as ciphertext:
6561a2e4c8:1a2b3c:8a7b...

# Profile health:
profile-dev-fast:      2/2 keys set ✅
profile-prod-reasoning: 1/2 keys set ⚠️

WebDAV File Layer

Two-tier file storage: public via WebDAV, restricted via vault API. SHA256 checksums ensure integrity. Integrates with Obsidian and other WebDAV-native tools.

  • Profile exports as browsable files
  • Usage reports as CSVs
  • Encrypted vault backups
  • Integrity checker detects drift
WebDAV
/opt/mc-files/
├── public/              ← WebDAV
│   ├── profiles/
│   └── reports/
└── restricted/          ← API only
    ├── vault-backups/
    └── keys/

Technical Specs

Self-hosted. Node.js + SQLite. No external dependencies.

Runtime

Node.js 22 (ESM + CJS)

Database

SQLite (WAL mode)

Dashboard

Dark mode SPA · WebSocket push

Encryption

AES-256-GCM

Auth

Bearer token + vault token

File access

WebDAV + REST API

Heartbeat

Every 30s · 60s stale

License

MIT

Get Started

Install the mc-reporter plugin on any OpenClaw gateway. The plugin auto-registers with your relay and starts pushing heartbeats immediately.

PLUGIN

Automatic Install

One-command installer available via the distribution endpoint. Downloads the plugin, configures your gateway, and enables it on startup.

SOURCE

From Source

The entire Mission Control stack is in the Salus Studio mission-control project: relay server, master dashboard, plugin, and dashboard frontend.