OpenClaw Docker: Container Deployment Guide

OpenClaw can run in Docker containers for easy deployment and sandboxed execution. This guide covers Docker setup, sandbox mode, and production deployment.
Quick Start with Docker
# Clone the repo
git clone https://github.com/openclaw/openclaw.git
cd openclaw
# Configure environment
cp .env.example .env
# Edit .env with your API keys
# Start with Docker Compose
docker compose up -d
Full Docker docs: Docker installation
Docker Compose Configuration
The included docker-compose.yml provides a production-ready setup:
version: "3.8"
services:
  openclaw:
    image: ghcr.io/openclaw/openclaw:latest
    container_name: openclaw
    restart: unless-stopped
    ports:
      - "18789:18789"
    environment:
      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
      - OPENAI_API_KEY=${OPENAI_API_KEY}
    volumes:
      - ./config:/root/.openclaw
      - ./workspace:/root/.openclaw/workspace
Environment Variables
Create a .env file:
# Required: At least one API key
ANTHROPIC_API_KEY=sk-ant-your-key
OPENAI_API_KEY=sk-your-key
# Optional: Channel tokens
TELEGRAM_BOT_TOKEN=123456:ABCDEF
DISCORD_BOT_TOKEN=your-discord-token
SLACK_BOT_TOKEN=xoxb-your-token
SLACK_APP_TOKEN=xapp-your-token
Sandbox Mode
OpenClaw supports running non-main sessions in Docker sandboxes for security.
How It Works
- Main session: Tools run on the host (trusted, just you)
- Non-main sessions: Tools run in per-session Docker containers
Enable Sandbox Mode
Add to ~/.openclaw/openclaw.json:
{
  agents: {
    defaults: {
      sandbox: {
        mode: "non-main",
      },
    },
  },
}
Sandbox Tool Allowlist
Default allowed in sandbox:
bash,process,read,write,edit,sessions_list,sessions_history,sessions_send,sessions_spawn
Default denied in sandbox:
browser,canvas,nodes,cron,discord,gateway
Full config: Sandbox configuration
Remote Gateway on Linux
It's perfectly fine to run the Gateway on a small Linux instance. Clients connect over:
- Tailscale Serve/Funnel — Secure tailnet access
- SSH tunnels — Traditional secure access
Architecture
- Gateway host: Runs the exec tool and channel connections
- Device nodes: Run device-local actions (camera, screen recording, notifications)
In short: exec runs where the Gateway lives; device actions run where the device lives.
Details: Remote access
Tailscale Integration
OpenClaw can auto-configure Tailscale Serve or Funnel:
{
  gateway: {
    tailscale: {
      mode: "serve", // or "funnel" for public access
      resetOnExit: true,
    },
    auth: {
      mode: "password", // Required for funnel
    },
  },
}
- serve: Tailnet-only HTTPS access
- funnel: Public HTTPS (requires password auth)
Full guide: Tailscale guide
Building from Source
git clone https://github.com/openclaw/openclaw.git
cd openclaw
pnpm install
pnpm ui:build # Auto-installs UI deps
pnpm build
pnpm openclaw onboard --install-daemon
Production Checklist
Security
- [ ] Review DM policies: openclaw doctor
- [ ] Enable sandbox mode for non-main sessions
- [ ] Use Tailscale or VPN for remote access
- [ ] Set strong passwords if using Funnel
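The security items above can be checked mechanically before a deploy. The following is an added example, not code from OpenClaw: auditDeployment and its finding ids are hypothetical names, it takes an already parsed config object plus the Compose ports list, and the sample inputs are constructed.

```javascript
// Added example, not OpenClaw code. auditDeployment and the finding ids are
// hypothetical; config keys and values are the ones shown in this guide.
function get(obj, path) {
  // Nested lookup that returns undefined when any segment is missing.
  return path.split(".").reduce((o, k) => (o == null ? undefined : o[k]), obj);
}

function auditDeployment(config, ports = []) {
  const findings = [];
  const sandbox = get(config, "agents.defaults.sandbox.mode");
  const tsMode = get(config, "gateway.tailscale.mode");
  const auth = get(config, "gateway.auth.mode");

  // Checklist: sandbox mode enabled for non-main sessions. An unset key is
  // reported too, so the setting is explicit rather than left to a default.
  if (sandbox !== "non-main") {
    findings.push({ id: "sandbox-not-non-main", detail: `sandbox.mode=${sandbox}` });
  }
  // Guide: funnel is public HTTPS and requires password auth.
  if (tsMode === "funnel" && auth !== "password") {
    findings.push({ id: "funnel-no-password", detail: `auth.mode=${auth}` });
  }
  // Compose "HOST:CONTAINER" publishes on every host interface; flag any
  // mapping whose host IP is missing or is not a loopback address.
  const re = /^(?:(\[[0-9a-fA-F:]+\]|\d+\.\d+\.\d+\.\d+):)?\d+:\d+(?:\/(?:tcp|udp))?$/;
  for (const p of ports) {
    const m = re.exec(String(p));
    if (!m) continue; // other port syntaxes are out of scope here
    const hostIp = m[1] || "0.0.0.0";
    if (!(hostIp.startsWith("127.") || hostIp === "[::1]")) {
      findings.push({ id: "port-not-loopback", detail: `${p} binds ${hostIp}` });
    }
  }
  return findings;
}

// Constructed sample inputs.
const WEAK = { gateway: { tailscale: { mode: "funnel" } } };
const HARDENED = {
  agents: { defaults: { sandbox: { mode: "non-main" } } },
  gateway: { tailscale: { mode: "funnel", resetOnExit: true }, auth: { mode: "password" } },
};

console.log(auditDeployment(WEAK, ["18789:18789"]).map((f) => f.id));
console.log(auditDeployment(HARDENED, ["127.0.0.1:18789:18789"]));
```

A port finding is a prompt to review, since a mapping published on all interfaces is reachable without going through Tailscale or a VPN.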
Reliability
- [ ] Use restart: unless-stopped in Docker
- [ ] Monitor with openclaw gateway status
- [ ] Check logs: docker compose logs -f openclaw
Updates
- [ ] Pull latest: docker compose pull
- [ ] Restart: docker compose up -d
- [ ] Check version: openclaw --version
Development Channels
- stable: Tagged releases, npm latest
- beta: Prerelease tags, npm beta
- dev: Moving head of main, npm dev
Switch channels:
openclaw update --channel stable # or beta, dev
Troubleshooting
Container won't start
Check logs:
docker compose logs openclaw
Common issues:
- Missing environment variables
- Port conflicts on 18789
Gateway unreachable
- Verify ports are exposed: docker compose ps
- Check firewall rules
- Ensure Tailscale is connected if using Serve/Funnel
Sandbox issues
Ensure Docker is running and accessible from the Gateway container.
Next Steps
- Getting Started — Full guide
- Security — Best practices
- Tailscale — Remote access
- Nix Mode — Declarative config