Deploy OpenClaw with Docker: Complete Setup Guide

Docker is the fastest way to deploy OpenClaw on a server. No Node.js version headaches, no dependency conflicts, no “works on my machine” problems. Pull the image, configure, run.

This guide covers everything from a basic single-container setup to a production-ready deployment with persistent storage, automatic restarts, and health checks.

Prerequisites

• A server with Docker installed (VPS, Raspberry Pi 4+, home server, or even a Mac Mini)
• An API key from at least one AI provider (OpenAI, Anthropic, Google, etc.)
• A messaging channel configured (Telegram, Discord, Slack, or WhatsApp)

Quick Start (5 Minutes)

# Create a directory for OpenClaw
mkdir -p ~/openclaw && cd ~/openclaw

# Create your config
cat > clawdbot.json << 'EOF'
{
  "llm": {
    "provider": "anthropic",
    "model": "claude-sonnet-4-20250514"
  },
  "channels": {
    "telegram": {
      "token": "YOUR_TELEGRAM_BOT_TOKEN"
    }
  }
}
EOF

# Create environment file
cat > .env << 'EOF'
ANTHROPIC_API_KEY=sk-ant-xxxxx
EOF

# Run OpenClaw
docker run -d \
  --name openclaw \
  --restart unless-stopped \
  --env-file .env \
  -v $(pwd):/app/workspace \
  ghcr.io/openclaw/openclaw:latest

That’s it. Your agent is live on Telegram.

Production Setup with Docker Compose

For a real deployment, use docker-compose.yml:

version: '3.8'

services:
  openclaw:
    image: ghcr.io/openclaw/openclaw:latest
    container_name: openclaw
    restart: unless-stopped
    env_file: .env
    volumes:
      # Workspace (config, memory, skills)
      - ./workspace:/app/workspace
      # Persistent data (session logs, transcripts)
      - openclaw-data:/app/data
    healthcheck:
      test: ["CMD", "openclaw", "status"]
      interval: 60s
      timeout: 10s
      retries: 3
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "3"

volumes:
  openclaw-data:

Environment Variables

Your .env file should contain API keys and secrets:

# AI Provider (pick one or more)
ANTHROPIC_API_KEY=sk-ant-xxxxx
OPENAI_API_KEY=sk-xxxxx
GOOGLE_AI_API_KEY=AIzaxxxxx

# Optional: OpenRouter for model routing
OPENROUTER_API_KEY=sk-or-xxxxx

# Channel tokens
TELEGRAM_BOT_TOKEN=123456:ABCdefGHIjklMNO
DISCORD_BOT_TOKEN=MTIxxxxx

# Security
GATEWAY_TOKEN=your-secure-random-string

Security tip: Never commit .env to version control. Add it to .gitignore.

Raspberry Pi Deployment

OpenClaw runs great on a Raspberry Pi 4 (4GB+). The ARM64 image is available:

# On Raspberry Pi OS (64-bit)
docker pull ghcr.io/openclaw/openclaw:latest

# Same docker-compose as above works
docker compose up -d

Performance notes:

• Pi 4 (4GB): Handles 1-2 agents comfortably
• Pi 4 (8GB): Can run 4-6 agents with model routing
• Pi 5: Smooth experience, comparable to a VPS

Power considerations: A Pi 4 draws ~5W. Running 24/7 costs about $5/year in electricity — cheaper than any cloud VPS.

VPS Deployment

DigitalOcean / Hetzner / Vultr

A $5-6/month VPS (1 vCPU, 1GB RAM) is enough for a single agent. For multi-agent teams, go with 2GB+ RAM.

# SSH into your VPS
ssh root@your-server-ip

# Install Docker
curl -fsSL https://get.docker.com | sh

# Clone your config repo (or create manually)
git clone https://github.com/you/my-openclaw-config.git ~/openclaw
cd ~/openclaw

# Add your .env file
nano .env

# Launch
docker compose up -d

# Check logs
docker compose logs -f

Auto-Updates

Keep OpenClaw updated automatically with Watchtower:

# Add to docker-compose.yml
services:
  watchtower:
    image: containrrr/watchtower
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    command: --interval 86400 openclaw
    restart: unless-stopped

This checks for new OpenClaw images daily and auto-updates.

Persistent Storage

OpenClaw stores important data in two places:

1. Workspace (/app/workspace) — Your config, SOUL.md, memory files, skills
2. Data (/app/data) — Session logs, transcripts, cron state

Both must be mounted as volumes to survive container restarts:

volumes:
  - ./workspace:/app/workspace    # Your config + memory
  - openclaw-data:/app/data       # Session logs + state

Backup strategy:

# Daily backup cron (add to host crontab)
0 3 * * * tar czf ~/backups/openclaw-$(date +%Y%m%d).tar.gz ~/openclaw/workspace

Or let OpenClaw back itself up — configure a daemon agent with a nightly backup cron job that commits to git.

Networking & Security

Expose the Gateway (Optional)

If you want remote access to OpenClaw’s web UI:

ports:
  - "127.0.0.1:3000:3000"  # Only localhost

Use a reverse proxy (Caddy, nginx) with HTTPS for external access:

# Caddyfile
openclaw.yourdomain.com {
    reverse_proxy localhost:3000
    basicauth {
        admin $2a$14$...  # bcrypt hash
    }
}

Firewall Rules

# Only allow SSH and HTTPS
ufw allow 22/tcp
ufw allow 443/tcp
ufw enable

OpenClaw connects outbound to AI APIs and messaging platforms. No inbound ports needed unless you’re using webhooks.

Troubleshooting

Container won’t start

docker logs openclaw
# Check for config errors, missing env vars, or permission issues

Agent not responding

# Check if the process is running
docker exec openclaw openclaw status

# Restart cleanly
docker compose restart

High memory usage

Multi-agent setups can use 500MB-1GB RAM. If your VPS is tight:

• Reduce contextTokens per agent
• Use fewer concurrent agents
• Set memory limits in docker-compose:

deploy:
  resources:
    limits:
      memory: 512M

Permissions issues

# Fix workspace ownership
docker exec openclaw chown -R node:node /app/workspace

Next Steps

Once running:

1. Add skills — Install from ClawHub: openclaw skills install <name>
2. Set up cron jobs — Morning briefs, inbox checks, overnight work
3. Configure memory — Create SOUL.md, USER.md, and MEMORY.md
4. Multi-agent — Add more agents as your needs grow

Docker makes OpenClaw portable. Start on a Pi, move to a VPS, scale to a dedicated server — your config and memory travel with you. Before exposing your instance to the network, review our complete security guide.