OpenClaw on DigitalOcean: Complete VPS Setup Guide

DigitalOcean remains one of the most popular choices for self-hosting OpenClaw thanks to its developer-friendly UI, predictable pricing, and extensive documentation. This guide walks through the complete setup from creating a Droplet to having OpenClaw running with automatic TLS.

What You'll Need

• DigitalOcean account (get $200 credit at digitalocean.com)
• Domain name (for TLS — optional but recommended)
• Basic Linux command line familiarity

Step 1: Create a Droplet

1. Log into DigitalOcean and click Create > Droplets
2. Choose Ubuntu 24.04 LTS as your image
3. Select a plan:
   • Minimum: Basic Shared CPU, 2GB RAM / 1 CPU / 50GB — $12/month
   • Recommended: Basic Shared CPU, 4GB RAM / 2 CPU / 80GB — $24/month
4. Choose your region (pick the closest to where your users are)
5. Add an SSH key (recommended over password auth)
6. Enable monitoring (free, useful for tracking RAM and CPU)
7. Click Create Droplet

Step 2: Initial Server Setup

# SSH into your new droplet
ssh root@your-droplet-ip

# Update packages
apt update && apt upgrade -y

# Create a non-root user
adduser openclaw
usermod -aG sudo openclaw

# Install Docker
curl -fsSL https://get.docker.com | bash
usermod -aG docker openclaw

# Install Docker Compose
apt install docker-compose-plugin -y

# Switch to your new user
su - openclaw

Step 3: Install OpenClaw

# Create OpenClaw directory
mkdir ~/openclaw && cd ~/openclaw

# Download the official docker-compose.yml
curl -O https://github.com/OpenClaw/OpenClaw/releases/latest/download/docker-compose.yml

# Create your .env file
cp .env.example .env
nano .env  # Edit with your API keys

Key environment variables to set:

ANTHROPIC_API_KEY=your_key_here
SECRET_KEY=generate-with-openssl-rand-hex-32
DOMAIN=your.domain.com  # optional

Step 4: Set Up TLS with Nginx and Let's Encrypt

# Install Nginx
sudo apt install nginx -y

# Install Certbot
sudo apt install certbot python3-certbot-nginx -y

# Obtain certificate (replace with your domain)
sudo certbot --nginx -d openclaw.yourdomain.com

# Create Nginx config
sudo nano /etc/nginx/sites-available/openclaw

server {
    listen 443 ssl;
    server_name openclaw.yourdomain.com;
    
    ssl_certificate /etc/letsencrypt/live/openclaw.yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/openclaw.yourdomain.com/privkey.pem;
    
    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

Step 5: Start OpenClaw

cd ~/openclaw
docker compose up -d

# Check logs
docker compose logs -f openclaw

Step 6: Configure Firewall

sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw enable

Ongoing Maintenance

• Updates: Check OpenClaw's GitHub releases weekly. Run docker compose pull && docker compose up -d to update.
• Backups: Use DigitalOcean Droplet backups (20% of droplet price/month) or configure manual exports.
• Monitoring: DigitalOcean's included metrics alert you to CPU/RAM spikes.

Frequently Asked Questions

Can I run multiple OpenClaw instances on one Droplet?

Yes, using separate Docker Compose projects with different ports. With 4GB RAM you can run 2 instances comfortably.

What if I don't want to manage a server myself?

nacre.sh provides all of this — Droplet, Docker, TLS, backups, updates — in a managed package starting at $12/month. Worth considering if the setup above feels complex.