Is docker-setup.sh the official OpenClaw Docker entrypoint?

As of the current OpenClaw documentation, the supported script from the repository root is ./scripts/docker/setup.sh. Some third-party posts mention docker-setup.sh; verify against docs.openclaw.ai/install/docker and the openclaw/openclaw repo before copying commands.

Which port does the OpenClaw Gateway and Control UI use by default?

The Gateway WebSocket control plane and Control UI are commonly accessed at http://127.0.0.1:18789/ (CLI examples use openclaw gateway --port 18789). Health probes are at /healthz and /readyz on the same listener.

What is the difference between gateway.bind lan and loopback in Docker?

Official Docker docs state that setup defaults OPENCLAW_GATEWAY_BIND=lan so the host can reach the published port. loopback restricts direct access to inside the container network namespace; pair loopback with Tailscale Serve/Funnel or a reverse proxy on the same host per OpenClaw security guidance.

How should I harden OpenClaw on a public VPS?

Read gateway/security including Docker DOCKER-USER firewall notes, keep DM pairing defaults for messaging channels, prefer strong gateway token or password auth when exposing the UI, consider agents.defaults.sandbox.mode non-main for group sessions, and avoid exposing raw WS without TLS and access control.

OpenClaw Install 2026: Docker vs CLI, Reverse Proxy, Token Hardening & Troubleshooting

This guide is for operators wiring OpenClaw into real workflows: OpenClaw installation tutorial paths, Docker deployment, reverse proxy TLS, production hardening, common errors, and a remote Mac workflow pattern. Commands below were checked against the public openclaw/openclaw README and docs.openclaw.ai/install/docker as of early 2026. For MacCompute services start at Home, browse notes & guides, or open help.

2026 deployment context and typical scenarios

OpenClaw is a self-hosted personal AI assistant stack: a Gateway WebSocket control plane (default ws://127.0.0.1:18789), Control UI in the browser, CLI, optional channels (Telegram, Slack, etc.), and tool execution on the host or in sandboxes. In 2026, teams adopt it for two overlapping patterns:

Gateway on Linux/VPS — always-on control plane next to your APIs, with SSH or Tailscale for remote CLI/WebChat.
Gateway or heavy tools on a remote Mac — Xcode builds, macOS-only scripts, signed binaries, and long agent runs without keeping a laptop awake.

This article stays tutorial-first: reproducible commands, explicit ports, and failure modes you can scan in seconds.

Environment pre-flight checklist

Tick before you install:

Node (CLI path) — OpenClaw README specifies Node 24 (recommended) or Node 22.16+; install matches before npm install -g openclaw@latest.
Docker + Compose v2 (container path) — Engine/Desktop current; official docs warn ≥ 2 GB RAM for image build (OOM exit 137 below that).
Git — Required to clone the repo for ./scripts/docker/setup.sh.
DNS + TLS — If you expose the UI publicly, have a hostname and certificates (Let’s Encrypt via Caddy or certbot for Nginx).
Firewall posture — On a VPS, read OpenClaw security hardening for network exposure and Docker DOCKER-USER guidance in upstream docs.

Reproducible install paths: global CLI vs Docker

Recommended CLI path (from the official README):

npm install -g openclaw@latest
openclaw onboard --install-daemon
openclaw gateway --port 18789 --verbose

Open http://127.0.0.1:18789/ for the Control UI. Upgrade path: openclaw doctor after updates.

Docker path (from official Docker docs — run from the cloned repo root):

git clone https://github.com/openclaw/openclaw.git
cd openclaw
./scripts/docker/setup.sh

Skip local build with a registry image:

export OPENCLAW_IMAGE="ghcr.io/openclaw/openclaw:latest"
./scripts/docker/setup.sh

Optional sandbox bootstrap for the gateway environment: export OPENCLAW_SANDBOX=1 before ./scripts/docker/setup.sh (see upstream sandboxing docs).

CLI vs Docker at a glance

Topic	Global CLI	Docker (scripts/docker/setup.sh)
Best for	Fast local loop, native macOS/Linux daemon via onboard	Isolated gateway, minimal host pollution, repeatable servers
Entry command	openclaw onboard --install-daemon	./scripts/docker/setup.sh (not legacy third-party docker-setup.sh names)
Control UI URL	http://127.0.0.1:18789/	Same after port publish
Health checks	curl -fsS http://127.0.0.1:18789/healthz	Same; image includes Docker HEALTHCHECK to /healthz
Post-install CLI	Host openclaw …	docker compose run --rm openclaw-cli … (shares gateway network namespace)

Minimal production security: bind, token, sandbox, outbound

Bind mode. Config uses gateway.bind values such as lan, loopback, tailnet, auto, custom — not raw host aliases like 0.0.0.0 in that setting. Docker setup defaults OPENCLAW_GATEWAY_BIND=lan so the published host port works. If you use Tailscale Serve/Funnel, upstream docs require gateway.bind to stay loopback with those modes.

Token and UI. The Docker wizard generates a gateway token into .env; paste it in Control UI settings. Treat it like a root credential for your assistant plane.

DM and channels. README stresses: inbound DMs are untrusted input; default pairing policies block unknown senders until openclaw pairing approve …. Run openclaw doctor to surface risky DM policies.

Sandbox. For safer group/channel sessions, configure agents.defaults.sandbox.mode: "non-main" so non-main sessions run in per-session Docker sandboxes (full reference in upstream sandboxing docs). This is separate from “gateway in Docker” but shares Docker infrastructure.

Outbound. Restrict egress at the network layer if agents should not reach arbitrary hosts; combine with tool allow/deny policies in config.

Nginx or Caddy reverse proxy and HTTPS

Upstream documents Tailscale Serve/Funnel and SSH tunnels as first-class patterns. If you prefer a generic reverse proxy, terminate TLS on Nginx/Caddy and proxy to the local Gateway HTTP/WebSocket listener (typically 127.0.0.1:18789).

Caddy (illustrative) — enable WebSocket upgrade headers and preserve Host:

claw.example.com {
  reverse_proxy 127.0.0.1:18789
}

Nginx (illustrative) — add Upgrade and Connection for WS paths used by the Control UI; consult your exact OpenClaw web surface paths in docs.openclaw.ai/web.

Checklist: TLS cert valid; only 443 exposed; rate limit or IP allowlist admin routes; keep gateway token rotation documented; verify curl -fsS https://claw.example.com/healthz returns OK through the proxy.

Troubleshooting matrix

Symptom	Likely cause	What to run / fix
Port 18789 in use	Stale gateway or another service	ss -tlnp \| grep 18789 (Linux) or change --port; stop duplicate compose stacks
Control UI unauthorized	Token mismatch or device pairing	docker compose run --rm openclaw-cli dashboard --no-open; openclaw-cli devices approve … per docs
CLI shows ws://172.x or pairing errors	Gateway mode/bind drift in Docker	Official reset: config set gateway.mode local, config set gateway.bind lan, then probe ws://127.0.0.1:18789
Build exits 137	OOM during pnpm install / image build	Resize VM to ≥ 2 GB RAM or use prebuilt OPENCLAW_IMAGE
EACCES on /home/node/.openclaw	Bind mount ownership	sudo chown -R 1000:1000 /path/to/openclaw-config … (container runs as uid 1000)
Sandbox containers missing	Image not built	Run scripts/sandbox-setup.sh or set custom sandbox image in config
Ready/liveness failing	Gateway not listening	curl -fsS http://127.0.0.1:18789/healthz and /readyz

Business example: remote Mac end-to-end automation

Pattern for rented or dedicated Mac mini capacity: use the Mac as the execution island, keep secrets on the machine, and drive work over SSH.

Provision — SSH in (see our SSH/VNC checklist), install Docker Desktop or Colima, or install Node and the global CLI per section 3.
Deploy OpenClaw — Either openclaw onboard --install-daemon or clone the repo and run ./scripts/docker/setup.sh with persistent OPENCLAW_CONFIG_DIR / workspace mounts on a data disk.
Wire a batch job — Cron or launchd invokes your build script; artifacts land under ~/.openclaw/workspace or a CI directory; exit codes feed logs.
Notify — On success/failure, call your existing webhook (Slack/Telegram) from the same script; optionally let OpenClaw agent sessions read summaries from structured log files.
Verify — From your laptop: ssh mac 'curl -fsS http://127.0.0.1:18789/healthz' prints liveness; Control UI reachable via SSH tunnel: ssh -L 18789:127.0.0.1:18789 mac then open http://127.0.0.1:18789/.

Expected outcome: builds and agent batches complete unattended; Gateway stays healthy; you debug via logs and occasional UI over SSH without exposing 18789 to the public internet.

FAQ and quick triage

Do I need Docker if I only want sandboxed agents? Sandboxing can use Docker while the gateway runs natively — see upstream “Sandboxing” vs “Docker (optional)”.

Where is state stored? Docker compose bind-mounts config under OPENCLAW_CONFIG_DIR and workspace paths documented in docker install; treat backups like any secrets + workspace store.

First step when “nothing listens”? docker compose ps or openclaw doctor, then curl health endpoints.

Summary

OpenClaw in production is mostly about correct install path (CLI onboard vs ./scripts/docker/setup.sh), stable port 18789, bind mode aligned with how you expose the UI, and defense in depth (tokens, DM pairing, optional non-main sandboxes, firewall). Pair that with a remote Mac when macOS or long-running agents need dedicated hardware.

For predictable 24/7 Mac capacity—build farms, agents, and batch queues—review pricing and purchase, and keep help handy for access and billing questions.