Initial commit: OpenClaw Skill Collection

6 custom skills (assign-task, dispatch-webhook, daily-briefing,
task-capture, qmd-brain, tts-voice) with technical documentation.
Compatible with Claude Code, OpenClaw, Codex CLI, and OpenCode.

openclaw-knowhow-skill/docs/infrastructure/install/ansible.md

@@ -0,0 +1,32 @@
+# Ansible Installation Documentation
+
+## Overview
+The documentation describes OpenClaw's Ansible-based deployment system, emphasizing "firewall-first security" with a 4-layer defense architecture combining UFW, Tailscale VPN, Docker isolation, and systemd hardening.
+
+## Key Installation Details
+
+**One-command deployment:**
+```bash
+curl -fsSL https://raw.githubusercontent.com/openclaw/openclaw-ansible/main/install.sh | bash
+```
+
+**System requirements:** Debian 11+ or Ubuntu 20.04+ with root/sudo access and internet connectivity.
+
+**Components installed:**
+- Tailscale mesh VPN for encrypted remote access
+- UFW firewall (SSH and Tailscale ports only)
+- Docker and Node.js 22.x runtime
+- OpenClaw gateway (host-based, not containerized)
+- Systemd service for auto-start functionality
+
+## Security Architecture
+
+The installation implements layered protection: firewall rules restrict external exposure to SSH only, VPN mesh gates gateway access, Docker prevents container port leakage, and systemd applies privilege restrictions. Users can verify the attack surface using nmap, expecting only port 22 visibility.
+
+## Post-Installation
+
+After setup completes, switch to the openclaw user and run the onboarding wizard to configure provider connections (WhatsApp, Telegram, Discord, Signal) and verify gateway functionality through Tailscale.
+
+## Maintenance
+
+The Ansible playbook remains idempotent for rerunning during configuration changes. Manual installation is available via cloning the GitHub repository and executing the playbook directly.