๐ VPS Deployment
Run OpenClaw 24/7 on a cloud server
Why Use a VPS?
A VPS (Virtual Private Server) gives you a dedicated Linux machine in the cloud that's always on. No hardware to maintain, no home internet to worry about, and you can access it from anywhere. Perfect if you don't want to run hardware at home.
Recommended Specs
| Resource | Minimum | Recommended |
|---|---|---|
| RAM | 1 GB | 2 GB+ |
| CPU | 1 vCPU | 2 vCPU |
| Storage | 10 GB SSD | 20 GB SSD |
| OS | Ubuntu 22.04+ or Debian 12+ | |
Budget VPS Providers
Hetzner
2GB RAM, EU/US datacenters
DigitalOcean
1GB RAM, global datacenters
Vultr
1GB RAM, 32 locations
Linode
1GB RAM, Akamai network
Oracle Cloud
1GB RAM, always free tier
Racknerd
Budget deals, check sales
Create a VPS
- Sign up with a provider above
- Create a new server/droplet/instance
- Select Ubuntu 22.04 LTS (recommended)
- Choose the smallest plan that meets specs (1-2GB RAM)
- Add your SSH key (or note the root password)
- Create the server and note the IP address
Connect via SSH
# Connect to your server ssh root@YOUR_SERVER_IP # First time? Accept the fingerprint
Create a Non-Root User (Recommended)
# Create a user for OpenClaw adduser openclaw usermod -aG sudo openclaw # Switch to the new user su - openclaw
Install Node.js
# Install Node.js 22 via NodeSource curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash - sudo apt install -y nodejs # Verify node --version # Should be v22.x.x
Install OpenClaw
# Install globally sudo npm install -g openclaw@latest # Run the onboarding wizard openclaw onboard --install-daemon
The wizard will guide you through setting up your API key, model, and messaging channel.
Configure Firewall
# Enable UFW firewall sudo ufw allow ssh sudo ufw enable # DON'T expose the gateway port publicly! # Use Tailscale or Cloudflare Tunnel for remote access instead
Verify It's Running
# Check status openclaw status # Check service status systemctl status openclaw # View logs journalctl -u openclaw -f
๐ You're Live!
Your VPS is now running OpenClaw 24/7. Message your bot through your configured channel to test it!
Remote Access Options
If you need to access the OpenClaw web interface or API remotely:
Option 1: Tailscale (Recommended)
Install Tailscale on both your VPS and your devices for secure access:
curl -fsSL https://tailscale.com/install.sh | sh sudo tailscale up
Option 2: Cloudflare Tunnel
For browser-based access with authentication:
curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg echo "deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflared.list sudo apt update && sudo apt install cloudflared
โ ๏ธ Don't Expose Port 3000 Publicly
Never open the gateway port in your firewall. Use Tailscale or Cloudflare Tunnel instead. Shodan scans have found hundreds of exposed OpenClaw gateways with security issues.
Keeping It Updated
Update OpenClaw
# Update to latest version sudo npm install -g openclaw@latest # Restart the service sudo systemctl restart openclaw
Auto-Update System Packages
# Enable automatic security updates
sudo apt install unattended-upgrades
sudo dpkg-reconfigure -plow unattended-upgrades
Troubleshooting
Service won't start?
# Check logs for errors journalctl -u openclaw -n 50 # Try running manually to see output openclaw gateway
Out of memory?
- Use a cheaper model (Claude Haiku instead of Opus)
- Add swap space:
sudo fallocate -l 2G /swapfile && sudo chmod 600 /swapfile && sudo mkswap /swapfile && sudo swapon /swapfile - Upgrade to a larger VPS
Related Guides
- Security Checklist โ Essential hardening
- Tailscale Setup โ Secure remote access
- Docker Setup โ Container deployment