OpenClaw Docker Setup: Complete Guide (Or Skip Docker Entirely)

Docker is the most popular way to self-host OpenClaw. It gives you an isolated environment, easy updates, and consistent behavior across different servers. Here's how to set it up.

Prerequisites

• A server or VPS with 2+ vCPU and 4GB+ RAM
• Docker and Docker Compose installed
• An AI provider API key (Anthropic, OpenAI, or Google)

Step 1: Create a Docker Compose File

Create a docker-compose.yml:

version: '3.8'
services:
  openclaw:
    image: openclaw/openclaw:latest
    container_name: openclaw
    restart: unless-stopped
    ports:
      - "3001:3001"
    volumes:
      - openclaw_data:/app/data
    environment:
      - ANTHROPIC_API_KEY=sk-ant-your-key-here
      - OPENCLAW_GATEWAY_TOKEN=your-secure-token
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3001/health"]
      interval: 30s
      timeout: 10s
      retries: 3

volumes:
  openclaw_data:

Important: Set OPENCLAW_GATEWAY_TOKEN explicitly. Without it, OpenClaw regenerates the token on every restart, breaking your gateway connection.

Step 2: Start the Container

docker compose up -d

Watch the logs until you see [gateway] listening on:

docker compose logs -f openclaw

The gateway takes about 40 seconds to fully start. Don't worry about earlier messages like [entrypoint] Starting OpenClaw gateway — that's not the ready signal.

Step 3: Run the Setup Wizard

Connect to the container and run onboarding:

docker exec -it openclaw openclaw onboard

This walks you through:

• AI model selection
• API key verification
• Channel configuration (Telegram, WhatsApp, etc.)

Step 4: Connect Telegram

1. Create a bot with @BotFather on Telegram
2. Set the token:

docker exec -it openclaw openclaw config set telegram.token "YOUR_BOT_TOKEN"

3. Restart to apply:

docker compose restart openclaw

4. Send a message to your bot on Telegram
5. Approve the pairing code that appears in the logs:

docker exec -it openclaw openclaw pairing approve telegram CODE

Step 5: Configure Reverse Proxy (Optional but Recommended)

For HTTPS access, use Caddy:

your-domain.com {
    reverse_proxy localhost:3001
}

Then reload Caddy:

caddy reload --config /etc/caddy/Caddyfile --adapter caddyfile

Tip: If using Caddy as a reverse proxy, add trusted proxies:

docker exec -it openclaw openclaw config set gateway.trustedProxies '["127.0.0.1"]'

Common Docker Issues

Container restarts repeatedly

Check logs for port conflicts or missing environment variables:

docker compose logs --tail 50 openclaw

Permission denied errors

Fix file ownership inside the container:

docker exec -it openclaw chown -R node:node /app
docker compose restart openclaw

Gateway token changes on restart

You forgot to set OPENCLAW_GATEWAY_TOKEN. Add it to your docker-compose.yml and restart.

Can't connect from browser

Make sure port 3001 is exposed and not blocked by your firewall:

ufw allow 3001

Updating OpenClaw in Docker

docker compose pull
docker compose up -d

Your data persists in the openclaw_data volume, so updates are safe.

Or Skip Docker Entirely

All of the above takes 30-60 minutes and assumes you're comfortable with Docker, SSH, and Linux administration.

ClawTank does all of this for you in under 1 minute:

1. Pick your AI model
2. Paste your Telegram bot token
3. Sign in with Google

No Docker, no SSH, no docker-compose.yml, no reverse proxy configuration. Your OpenClaw instance is pre-configured with TLS, Telegram integration, and Supermemory — ready to chat immediately.

If you'd rather spend your time using OpenClaw than setting it up, try ClawTank.