VPS Deployment

Deploy OpenClaw on your own virtual private server for full control and reliable integrations.

Why VPS?

Advantage	Description
Web + Telegram today	The best self-managed path for reliable web access and Telegram
24/7 availability	Always online, accessible from anywhere
Persistent storage	Your data survives restarts and is backed up
Full SSH access	Complete control over your server environment
Static IP	Easy to set up custom domains and DNS

VPS deployment is recommended if you need reliable Telegram integration, which has limitations on Cloudflare Workers.

Choose a VPS Provider

Provider Comparison

Provider	Starting Price	vCPU	RAM	Notes
Vultr	$6/mo	1	1GB	32 global locations, NVMe SSD
DigitalOcean	$6/mo	1	1GB	$200 free credit available
Hetzner	$4/mo	2	2GB	Best value, EU/US locations
Linode	$5/mo	1	1GB	$100 free credit available

Recommended Specifications

Minimum Requirements

1 vCPU
1GB RAM
20GB SSD
Ubuntu 22.04 or Debian 12

Deployment Steps

Create Your VPS

Sign up with your chosen provider
Create a new VPS with Ubuntu 22.04 or 24.04
Note the IP address and root password
(Optional) Add your SSH key for secure access

Connect via SSH


ssh root@your-server-ip

Install Docker


curl -fsSL https://get.docker.com | sh

Create Docker Compose File

Create docker-compose.yml:


version: '3.8'
 
services:
  openclaw:
    image: openclaw/openclaw:latest
    container_name: openclaw
    restart: unless-stopped
    ports:
      - "8080:8080"
    environment:
      - OPENROUTER_API_KEY=your-byok-provider-key
      - TELEGRAM_BOT_TOKEN=your-telegram-token  # Optional
    volumes:
      - openclaw-data:/root/.clawdbot
 
volumes:
  openclaw-data:

Start OpenClaw


docker compose up -d

Verify It’s Running


docker logs openclaw
curl http://localhost:8080

Secure Access with Cloudflare Tunnel

Instead of opening ports directly, use Cloudflare Tunnel for secure access.

Install cloudflared


curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
dpkg -i cloudflared.deb

Authenticate with Cloudflare


cloudflared tunnel login

Create a Tunnel


cloudflared tunnel create openclaw

Configure the Tunnel

Create ~/.cloudflared/config.yml:


tunnel: <your-tunnel-id>
credentials-file: /root/.cloudflared/<tunnel-id>.json
 
ingress:
  - hostname: ai.yourdomain.com
    service: http://localhost:8080
  - service: http_status:404

Add DNS Record


cloudflared tunnel route dns openclaw ai.yourdomain.com

Run as a Service


cloudflared service install
systemctl start cloudflared
systemctl enable cloudflared

See Cloudflare Tunnel Guide for detailed instructions.

Messaging Integration Setup

Message @BotFather on Telegram
Create a new bot with /newbot
Copy the bot token
Add to docker-compose.yml or environment


docker exec openclaw clawdbot config set telegram.botToken YOUR_TOKEN
docker restart openclaw

Slack and Discord

Slack and Discord are still coming soon in the hosted public flow, so they are not part of the recommended public setup path in this guide.

Security Hardening

After deployment, consider these security improvements:

Change SSH Port


# Edit /etc/ssh/sshd_config
Port 2222  # Change from 22
 
systemctl restart sshd

Set Up Firewall


ufw allow 2222/tcp  # SSH (if changed)
ufw allow 8080/tcp  # OpenClaw (or skip if using Tunnel)
ufw enable

Install Fail2ban


apt install fail2ban
systemctl enable fail2ban

Use SSH Keys


# On your local machine
ssh-copy-id -i ~/.ssh/id_rsa.pub root@your-server-ip
 
# Then disable password auth in /etc/ssh/sshd_config
PasswordAuthentication no

Backup Strategy

Enable automatic backups with your VPS provider (usually $1-2/month extra).

For manual backups:


# Backup OpenClaw data
docker run --rm -v openclaw-data:/data -v $(pwd):/backup \
  alpine tar czf /backup/openclaw-backup-$(date +%Y%m%d).tar.gz /data

Cost Summary

Item	Monthly Cost
VPS (2GB RAM)	$6-12
Provider API usage	$10-50 (usage)
Backups	$1-2
Total	~$17-64/mo