BorisDeck is a tmux dashboard for macOS. It brings btop system monitoring, Docker container status, curated log tailing, and OpenClaw agent observability into one keyboard-driven terminal workspace — no daemon, no web UI, just shell scripts.
brew install tmux jq btop docker && ./install.shStatus: macOS-tested preview. Shell-first by design — fast to copy into another workspace and run. Fallbacks kick in when btop or Docker is not installed.
Public captures are cropped to the terminal window and filtered to avoid raw audit prompts, hostnames, and secrets.
The name is a nod to Boris, my personal bot, and to Boris Grishenko from GoldenEye 007, my favorite James Bond movie. BorisDeck is not a Bond project; it is a terminal dashboard for local OpenClaw monitoring. The reference just fits the operator-console mood.
control- main dashboard with OpenClaw TUI, host metrics, curated logs, and OpenClaw activity.audit- raw command/model stream logs for exact after-the-fact review.system- full-screen system monitor usingbtopwhen installed.alerts- Codex/OpenClaw usage and lightweight alerts.docker- full-screen Docker container status and disk usage.
- macOS-tested tmux workspace for OpenClaw local development and testing.
- zsh/bash-friendly shell scripts with no background service to install.
- Full-screen
btopsystem monitor in the default system view. - Dedicated alerts window with Codex/OpenClaw usage and host/OpenClaw/Docker warnings.
- Built-in fallback host health panel when
btopis not installed. - Compact Docker status in the control dashboard and a full Docker window.
- Lightweight alerts for high load, high memory, high disk usage, Docker problems, recent OpenClaw failures, and Codex/OpenClaw usage visibility when available.
- Curated OpenClaw activity and signal log panes for quick scanning.
- Raw audit window for command and model stream review.
BorisDeck is not a hosted service, web dashboard, or general-purpose monitoring suite. It is a local terminal workspace for OpenClaw.
If you already live in the terminal, BorisDeck saves you from juggling five windows and four CLI tools when you just want to know "is everything OK?". Quick comparison:
| Tool | Layout | System metrics | Docker | Log tail | Agent observability | One command to launch |
|---|---|---|---|---|---|---|
| BorisDeck | Fixed tmux layout | btop + fallback |
Yes | Curated | OpenClaw-native | Yes (borisdeck) |
tmuxinator |
Custom YAML | No | No | DIY | No | Yes |
byobu |
Status bar overlay | Light | No | DIY | No | Yes |
wtfutil |
Tiled TUI app | Configurable | Plugin | Plugin | No | Replaces tmux |
gotop / glances |
Single TUI | Yes | glances only |
No | No | Single tool |
BorisDeck is opinionated — it gives you one dashboard already wired up, not a framework to assemble.
Required:
brew install tmuxRecommended:
brew install jq btop dockerjqgives cleaner parsing of JSON command events.btopadds a full-screen host monitor in thesystemtmux window.dockerenables container status in the control dashboard and Docker window. Docker Desktop or another Docker daemon must be running for live data.
You also need the openclaw CLI available on PATH.
For the current macOS test build, use the installer:
./install.shThe installer requires Homebrew, installs tmux, jq, btop, and docker, checks that
openclaw is available on PATH, runs an interactive setup wizard for AI features and security alerts (skip with BORISDECK_INSTALL_NONINTERACTIVE=1), and adds a borisdeck alias to your shell profile if one is not already present.
bin/borisdeck-setup.shWalks you through:
- Dependency check (tmux, jq, btop, docker, openclaw)
- AI provider — Ollama (local, default) or Anthropic API; pulls the Ollama model and offers to install Ollama itself
- Optional endpoint security alerts (
launchagent_new,agent_unexpected_child)
Everything you pick is written to ~/.borisdeck/env (mode 600). borisdeck.sh sources that file on every launch, so config persists across shell restarts and tmux server restarts. To inspect or edit by hand: $EDITOR ~/.borisdeck/env.
- The installer does not install OpenClaw. Install and configure
openclawfirst, then make sure it is available onPATH. - The installer edits your shell profile by appending a small
borisdeckalias block to~/.zshrc,~/.bashrc, or~/.profile. If aborisdeckalias already exists, it leaves it alone. - Homebrew may update package metadata while installing
tmux,jq,btop, anddocker. - Docker panels show an unavailable message if Docker Desktop or the Docker daemon is not running.
- Codex/OpenClaw usage is read from
openclaw status --usageand cached for 60 seconds. If OpenClaw cannot fetch usage data, BorisDeck shows an unavailable message instead of blocking the dashboard. - Existing tmux sessions keep their old layout. If BorisDeck detects an older layout, it asks whether to rebuild, attach to the existing session, or quit.
BORISDECK_DEFAULT_WINDOWmust point to a tmux window that exists in the session. The default is2, thesystemmonitor.- Audit logs and screenshots can expose prompts, commands, paths, session IDs, or tokens. Review anything from the
auditwindow before sharing it publicly.
From this workspace in Terminal, iTerm2, or another macOS terminal:
./borisdeck.shAfter running the installer and restarting your shell:
borisdeckCompatibility launcher:
./run_tmux.shIf you already have an old BorisDeck/OpenClaw tmux session running and want the newest layout:
tmux kill-session -t openclaw
./borisdeck.shDefault tmux prefix is usually Ctrl-b.
Ctrl-b 0 control dashboard
Ctrl-b 1 audit logs
Ctrl-b 2 system monitor
Ctrl-b 3 usage and alerts
Ctrl-b 4 docker monitor
Shortcut keys:
Ctrl-b c control dashboard
Ctrl-b a audit logs
Ctrl-b s system monitor
Ctrl-b u usage and alerts
Ctrl-b d docker monitor
Ctrl-b e AI explain (optional, see "AI features")
Ctrl-b n AI narrator — recap of recent OpenClaw activity (optional)
Ctrl-b h help
Press Ctrl-b, release both keys, then press the shortcut letter. The bottom
tmux bar shows the same shortcut map instead of tmux's raw numbered window
list, so the system/btop view stays clear about where to go next.
BorisDeck defaults to the system window when it starts or attaches. Set
BORISDECK_DEFAULT_WINDOW to choose a different tmux window.
If btop exits, the system window stays open with restart instructions. Press
Enter in that window to start btop again.
The alerts window also checks Codex/OpenClaw usage through openclaw status --usage. Set TMUX_RATE_LIMIT_INTERVAL to change the cache interval in
seconds.
The alerts panel can also surface a small set of macOS endpoint-security signals when run with BORISDECK_SECURITY_ALERTS=1:
launchagent_new(T1547.011) — diffs~/Library/LaunchAgents,/Library/LaunchAgents, and/Library/LaunchDaemonsagainst a baseline at~/.borisdeck/state/launchagent-baseline. First run writes the baseline silently. To accept current state and re-baseline,rmthe file.agent_unexpected_child(T1059) — watches forclaude/codex/openclawprocesses spawning child processes outside an allowlist of normal dev tools. Catches things likeosascript,nc, rawcurl,launchctl,defaults writebeing invoked by the agent.
export BORISDECK_SECURITY_ALERTS=1
./borisdeck.shTo suppress a noisy rule entirely, add its rule id to ~/.borisdeck/allow (one per line). Rule metadata lives in the header of bin/tmux-alerts-panel.sh.
BorisDeck ships with an opt-in AI provider abstraction (bin/lib/ai.sh) and two popups:
Ctrl-b e— AI explain: 3-line "likely cause / blast radius / next step" recap of the current alerts plus the last 50 OpenClaw log lines.Ctrl-b n— AI narrator: 4-6 sentence "what has my agent been up to?" recap of the recent OpenClaw command log and tool calls. Useful when stepping back to the keyboard after a long agent run.
Default provider is local Ollama so prompts never leave the machine. Switch to the Anthropic API when you want Haiku 4.5 with prompt caching.
# Local (recommended; no data leaves the machine)
brew install ollama
ollama pull qwen2.5:3b
ollama serve &
bin/borisdeck-setup.sh
# OR cloud (Haiku 4.5 with prompt caching)
bin/borisdeck-setup.sh # pick Anthropic APISet BORISDECK_AI_OFFLINE=1 as a hard kill-switch — overrides everything else and disables AI calls. Useful on planes, in regulated environments, or when demoing.
Override the model with BORISDECK_AI_MODEL (defaults: qwen2.5:3b for Ollama, claude-haiku-4-5 for Anthropic). For Anthropic, valid models depend on your API key — try claude-sonnet-4-6 or claude-opus-4-7 if Haiku is not enabled. For Ollama, any pulled model works (ollama list to see what you have).
Important — tmux config and secrets. tmux's server inherits its environment when first started, which can otherwise preserve old AI flags or API keys after setup changes. BorisDeck treats
~/.borisdeck/envas the source of truth:
borisdeck.shand the AI popups source~/.borisdeck/envdirectly.- Setup-managed vars are cleared before sourcing the file, so disabling AI or switching providers is not undone by stale tmux env.
- Non-secret AI flags are synchronized into tmux for compatibility, but
ANTHROPIC_API_KEYis explicitly removed from tmux's global and session environment. Cloud popups read it from~/.borisdeck/envonly when opened.If
Ctrl-b eorCtrl-b nshows "AI is disabled" after manual edits, open~/.borisdeck/envin your editor or rerunbin/borisdeck-setup.sh. No tmux restart is needed for popup config changes.
Environment variables:
BORISDECK_SESSION=openclaw
BORISDECK_DEFAULT_WINDOW=2
TMUX_RATE_LIMIT_INTERVAL=60
BORISDECK_RAW_STREAM_LOG="$HOME/.openclaw/logs/raw-stream.jsonl"
BORISDECK_COMMANDS_LOG="$HOME/.openclaw/logs/commands.log"Example:
BORISDECK_SESSION=demo ./borisdeck.shRun the smoke test:
bash tests/run_tmux_dashboard_test.shThe test checks the launcher wiring, helper script syntax, required executable bits, and one-shot rendering for the monitor/activity panels.
Not yet officially. The host metrics scripts use sysctl, vm_stat, and pagesize paths that are macOS-specific. Linux support is a planned next step — see CONTRIBUTING.md if you want to help.
tmuxinator is a session manager — you write YAML and it builds the panes. BorisDeck is a finished dashboard with monitoring scripts, alert rules, and OpenClaw wiring already done. Use tmuxinator for a framework; use BorisDeck for a dashboard.
No. The OpenClaw panels degrade gracefully if the CLI is not on PATH — you still get the system, Docker, and alerts windows. BorisDeck is useful as a general-purpose tmux dashboard even without OpenClaw.
Yes. The system window falls back to a panel built from top, ps, and df when btop is not installed.
A nod to the author's personal bot Boris and to Boris Grishenko from GoldenEye 007. The reference fits the operator-console feel; nothing more serious than that.
Contributions are welcome. Issues are suggested for larger changes, but direct pull requests are fine for small fixes and focused improvements. See CONTRIBUTING.md for project direction and contribution guidelines.
BorisDeck is released under the MIT License.
Created by Omar Gerardo Soto-Fortuno (@omarpr).
For a clean project screenshot:
-
Start fresh:
tmux kill-session -t openclaw 2>/dev/null || true ./borisdeck.sh
-
Capture the main view:
Ctrl-b 0 -
Capture the full system monitor if
btopis installed:Ctrl-b 2
Public README screenshots live in screenshots/. Do not publish audit-window captures unless you have reviewed every visible line for private prompts, paths, session IDs, and tokens.
- BorisDeck does not hide or redact raw logs in the
auditwindow. Treat that window as private. - The host monitor uses macOS shell tools and degrades gracefully when permissions restrict
top,ps, orsysctl. - For persistent raw-stream audit capture, OpenClaw should be started with raw stream logging enabled in its service configuration.