Skip to Content
DeploymentVPS Deployment

VPS Deployment

Deploy OpenClaw on your own virtual private server for full control and reliable integrations.

Why VPS?

AdvantageDescription
All integrationsTelegram, Slack, Discord, and Web UI all work perfectly
24/7 availabilityAlways online, accessible from anywhere
Persistent storageYour data survives restarts and is backed up
Full SSH accessComplete control over your server environment
Static IPEasy to set up custom domains and DNS

VPS deployment is recommended if you need reliable Telegram integration, which has limitations on Cloudflare Workers.

Choose a VPS Provider

Vultr (Recommended)DigitalOceanHetzner (Best Value)Linode

Provider Comparison

ProviderStarting PricevCPURAMNotes
Vultr$6/mo11GB32 global locations, NVMe SSD
DigitalOcean$6/mo11GB$200 free credit available
Hetzner$4/mo22GBBest value, EU/US locations
Linode$5/mo11GB$100 free credit available

Minimum Requirements

  • 1 vCPU
  • 1GB RAM
  • 20GB SSD
  • Ubuntu 22.04 or Debian 12
  • 2 vCPU
  • 2GB RAM
  • 40GB NVMe SSD
  • Ubuntu 24.04

Deployment Steps

Create Your VPS

  1. Sign up with your chosen provider
  2. Create a new VPS with Ubuntu 22.04 or 24.04
  3. Note the IP address and root password
  4. (Optional) Add your SSH key for secure access

Connect via SSH

ssh root@your-server-ip

Install Docker

curl -fsSL https://get.docker.com | sh

Create Docker Compose File

Create docker-compose.yml:

version: '3.8'
 
services:
  openclaw:
    image: openclaw/openclaw:latest
    container_name: openclaw
    restart: unless-stopped
    ports:
      - "8080:8080"
    environment:
      - ANTHROPIC_API_KEY=your-api-key
      - TELEGRAM_BOT_TOKEN=your-telegram-token  # Optional
      - SLACK_BOT_TOKEN=your-slack-token        # Optional
      - DISCORD_BOT_TOKEN=your-discord-token    # Optional
    volumes:
      - openclaw-data:/root/.clawdbot
 
volumes:
  openclaw-data:

Start OpenClaw

docker compose up -d

Verify It’s Running

docker logs openclaw
curl http://localhost:8080

Secure Access with Cloudflare Tunnel

Instead of opening ports directly, use Cloudflare Tunnel for secure access.

Install cloudflared

curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
dpkg -i cloudflared.deb

Authenticate with Cloudflare

cloudflared tunnel login

Create a Tunnel

cloudflared tunnel create openclaw

Configure the Tunnel

Create ~/.cloudflared/config.yml:

tunnel: <your-tunnel-id>
credentials-file: /root/.cloudflared/<tunnel-id>.json
 
ingress:
  - hostname: ai.yourdomain.com
    service: http://localhost:8080
  - service: http_status:404

Add DNS Record

cloudflared tunnel route dns openclaw ai.yourdomain.com

Run as a Service

cloudflared service install
systemctl start cloudflared
systemctl enable cloudflared

See Cloudflare Tunnel Guide for detailed instructions.

Messaging Integration Setup

Telegram

  1. Message @BotFather  on Telegram
  2. Create a new bot with /newbot
  3. Copy the bot token
  4. Add to docker-compose.yml or environment
docker exec openclaw clawdbot config set telegram.botToken YOUR_TOKEN
docker restart openclaw

Slack

  1. Create app at api.slack.com/apps 
  2. Enable Socket Mode (recommended for VPS)
  3. Add bot scopes: chat:write, channels:history, im:history
  4. Install to workspace
  5. Copy Bot Token and App Token
docker exec openclaw clawdbot config set slack.botToken xoxb-YOUR-TOKEN
docker exec openclaw clawdbot config set slack.appToken xapp-YOUR-TOKEN
docker restart openclaw

Discord

  1. Create app at discord.com/developers 
  2. Create a bot and copy the token
  3. Add bot to your server with appropriate permissions
docker exec openclaw clawdbot config set discord.botToken YOUR_TOKEN
docker restart openclaw

Security Hardening

After deployment, consider these security improvements:

Change SSH Port

# Edit /etc/ssh/sshd_config
Port 2222  # Change from 22
 
systemctl restart sshd

Set Up Firewall

ufw allow 2222/tcp  # SSH (if changed)
ufw allow 8080/tcp  # OpenClaw (or skip if using Tunnel)
ufw enable

Install Fail2ban

apt install fail2ban
systemctl enable fail2ban

Use SSH Keys

# On your local machine
ssh-copy-id -i ~/.ssh/id_rsa.pub root@your-server-ip
 
# Then disable password auth in /etc/ssh/sshd_config
PasswordAuthentication no

Backup Strategy

Enable automatic backups with your VPS provider (usually $1-2/month extra).

For manual backups:

# Backup OpenClaw data
docker run --rm -v openclaw-data:/data -v $(pwd):/backup \
  alpine tar czf /backup/openclaw-backup-$(date +%Y%m%d).tar.gz /data

Cost Summary

ItemMonthly Cost
VPS (2GB RAM)$6-12
Anthropic API$10-50 (usage)
Backups$1-2
Total~$17-64/mo
Cloudflare WorkersCloudflare Tunnel