BrightDone Tickets → OpenClaw Integration

Overview

This integration allows Truc Munroc — an OpenClaw AI agent running 24/7 on a dedicated Mac server — to check open support tickets from the BrightDone help desk (HESK) hosted at netpotent.com, all via a simple Telegram message. Truc queries the HESK MySQL database through a lightweight PHP API and returns a formatted summary of open tickets including subject, status, priority, and dates. This is a read-only integration — Truc can never create, modify, or close tickets.

Example Telegram triggers: "Check for new tickets" · "How many open tickets do I have?" · "Look up ticket ABC-123"

Architecture

📱

You (Telegram)

@Truc_Claw_Bot · Pairing code secured

Send a natural language request such as "Hey Truc, check my tickets." Only approved users can interact via the pairing code policy.

TRIGGER

Natural language request

🦞

OpenClaw Gateway / Truc Munroc

Mac Server · 192.168.1.29 · OpenClaw 2026.2.15 · macOS LaunchAgent

Truc (powered by Claude Haiku 4.5) reads the brightdone-tickets skill, extracts intent, and executes check_tickets.sh with the API key from the environment variable BRIGHTDONE_API_KEY.

OPENCLAW AGENT

HTTPS POST · X-API-KEY header

🔌

truc_api.php

netpotent.com · /home/[account]/public_html/BrightDone/ · Rate limited 30 req/min

Authenticates the request via API key header, applies no-cache headers, then runs read-only SELECT queries against the HESK MySQL database. Internal notes and attachments are never exposed.

PHP ENDPOINT

SELECT queries only

🗄️

HESK MySQL Database

HESK [version] · [db-name] · Table prefix: [table-prefix]_ · Timezone: America/Phoenix

Source of truth for all BrightDone support tickets. The API returns ticket data including tracking ID, subject, status, priority, submitter, and timestamps.

READ-ONLY DB

JSON rows returned

✅

Formatted Summary → Telegram

Critical & High priority tickets highlighted first

Truc formats the JSON response into a clean, readable summary and delivers it back to you in Telegram — no need to log into the HESK web interface.

RESPONSE

Data Flow — Step by Step

1

User sends a natural language request via Telegram (e.g., "Check my tickets")

2

OpenClaw Gateway on the Mac server receives the message and routes it to the Truc agent

3

Truc (powered by Claude Haiku 4.5) reads the BrightDone skill and executes check_tickets.sh

4

The PHP endpoint on netpotent.com authenticates the request via the X-API-KEY header

5

The endpoint queries the HESK MySQL database — SELECT only, no mutations

6

JSON results are returned to Truc, who formats them into a readable summary with priority ordering

7

The summary is delivered back to the user in Telegram

Available API Endpoints

Base URL: https://netpotent.com/BrightDone/truc_api.php

Open tickets

?action=open

All unresolved

Recent (7 days)

?action=recent

Default window

Recent (custom)

?action=recent&days=14

Max 30 days

Ticket counts

?action=count

Grouped by status

Single ticket

?action=ticket&id=ABC-123

By tracking ID

File Locations

File	Server	Path
PHP API endpoint	netpotent.com	`/home/[account]/public_html/BrightDone/truc_api.php`
HESK settings	netpotent.com	`/home/[account]/public_html/BrightDone/hesk_settings.inc.php`
OpenClaw config	Mac Server (Truc)	`~/.openclaw/openclaw.json`
Skill definition	Mac Server (Truc)	`~/.openclaw/workspace/skills/brightdone-tickets/SKILL.md`
Ticket check script	Mac Server (Truc)	`~/.openclaw/workspace/skills/brightdone-tickets/scripts/check_tickets.sh`
API key (env var)	Mac Server (Truc)	`BRIGHTDONE_API_KEY` in gateway config
Agent sessions	Mac Server (Truc)	`~/.openclaw/agents/main/sessions/`
Agent memory	Mac Server (Truc)	`~/.openclaw/workspace/memory/`

HESK Database Schema — Key Fields

Column	Type	Description
trackid	`varchar(13)`	Ticket tracking ID (e.g., 4VR-YYH-SZYZ)
u_name	`varchar(255)`	Submitter name
u_email	`varchar(1000)`	Submitter email
subject	`varchar(255)`	Ticket subject line
message	`mediumtext`	Ticket description / body
status	`tinyint`	0=New · 1=Waiting · 2=Replied · 3=Resolved · 4=In Progress · 5=On Hold
priority	`tinyint`	0=Critical · 1=High · 2=Medium · 3=Low
dt	`timestamp`	Date created
lastchange	`timestamp`	Last updated

Security Layers

Pairing code approval — only authorized users can message the bot. DM policy set to pairing mode.

API ENDPOINT

API key required via X-API-KEY header on every request. Rate limited to 30 req/min/IP.

DATABASE

Read-only — only SELECT queries. No INSERT, UPDATE, or DELETE. No internal notes or attachments exposed.

TRANSPORT

All traffic encrypted via HTTPS. No-cache headers prevent stale response caching at any layer.

CREDENTIALS

API key stored as BRIGHTDONE_API_KEY env var — never hardcoded in the skill file. Key redacted from Truc's output.

OPTIONAL: IP ALLOWLIST

Add $allowed_ips check in truc_api.php restricted to Truc's public IP. Get IP via curl -s ifconfig.me.

Credential Rotation

01

Generate a new key: openssl rand -hex 32

02

Update truc_api.php on the netpotent.com server

03

Update BRIGHTDONE_API_KEY in the OpenClaw gateway config on Mac Truc

04

Restart the gateway: openclaw gateway restart

05

No skill file edits needed — check_tickets.sh reads the env var automatically

Troubleshooting

API BROKEN / NO RESPONSE

Test directly: curl -s -H 'X-API-KEY: key' 'https://netpotent.com/BrightDone/truc_api.php'. If curl works but Truc fails, reset his session: openclaw sessions reset, then send /new in Telegram.

EMPTY / STALE RESPONSES

Server may be caching old PHP output. Rename the PHP file and update the skill to match. Verify no-cache headers are present in the curl response.

401 UNAUTHORIZED

API key mismatch. Ensure truc_api.php matches BRIGHTDONE_API_KEY in gateway config. After any rotation, restart: openclaw gateway restart.

DB CONNECTION FAILED

Verify MySQL credentials in truc_api.php match the DB user password. Test HESK itself at https://netpotent.com/BrightDone/ to confirm the database is up.

Usage Context

This is a personal ticketing system used by Curt and DD. DD opens tickets for household tasks; Curt resolves them. Volume is intentionally low. The integration allows Curt to check open tickets from his phone via Telegram without logging into the HESK web interface — Truc handles the query and formats the results automatically.