OpenClaw Docker Install: Step-by-Step 2026 Guide
Install OpenClaw with Docker in 2026. Complete step-by-step guide covering docker-compose setup, environment variables, volume mounts, and reverse proxy.
The OpenClaw Docker install is the recommended path for production self-hosted deployments. Docker containers provide isolation, reproducible environments, easy updates via image pulls, and clean separation between your OpenClaw instance and host system. This guide covers a complete Docker Compose setup including reverse proxy configuration and persistent data volumes.
Prerequisites
- Docker Engine 24.0+ and Docker Compose v2
- A domain name pointing to your server (for TLS)
- Port 80 and 443 open on your firewall
- An LLM API key
The Docker Compose File
Create a directory and docker-compose.yml:
version: '3.9'
services:
openclaw:
image: openclaw/openclaw:latest
container_name: openclaw
restart: unless-stopped
environment:
- OPENCLAW_LLM_PROVIDER=anthropic
- OPENCLAW_API_KEY=${ANTHROPIC_API_KEY}
- OPENCLAW_TELEGRAM_TOKEN=${TELEGRAM_TOKEN}
volumes:
- openclaw_data:/app/.openclaw
- ./config/openclaw.json:/app/openclaw.json:ro
ports:
- "127.0.0.1:8080:8080"
networks:
- openclaw_net
nginx:
image: nginx:alpine
container_name: nginx
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/conf.d:/etc/nginx/conf.d
- certbot_www:/var/www/certbot
- certbot_conf:/etc/letsencrypt
networks:
- openclaw_net
volumes:
openclaw_data:
certbot_www:
certbot_conf:
networks:
openclaw_net:
Environment Variables
Create a .env file (never commit this to git):
ANTHROPIC_API_KEY=sk-ant-...
TELEGRAM_TOKEN=1234567890:AAF...
Nginx Configuration
Create nginx/conf.d/openclaw.conf:
server {
listen 443 ssl;
server_name yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
location / {
proxy_pass http://openclaw:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Starting the Stack
# Get TLS certificate first
docker run --rm -v certbot_www:/var/www/certbot -v certbot_conf:/etc/letsencrypt certbot/certbot certonly --webroot -w /var/www/certbot -d yourdomain.com --email you@example.com --agree-tos
# Start everything
docker compose up -d
# Check logs
docker compose logs -f openclaw
Updating OpenClaw
docker compose pull
docker compose up -d
Updates apply without data loss because all persistent data lives in the named openclaw_data volume.
Backup and Restore
# Backup
docker run --rm -v openclaw_data:/data -v $(pwd):/backup alpine tar czf /backup/openclaw-backup-$(date +%Y%m%d).tar.gz /data
# Restore
docker run --rm -v openclaw_data:/data -v $(pwd):/backup alpine tar xzf /backup/openclaw-backup-YYYYMMDD.tar.gz -C /
Frequently Asked Questions
Can I run OpenClaw without docker compose?
Yes: docker run -d --name openclaw -e OPENCLAW_API_KEY=sk-ant-... -v openclaw_data:/app/.openclaw openclaw/openclaw:latest. But docker-compose is much easier to manage.
How do I run multiple OpenClaw instances?
Duplicate the service block in docker-compose.yml with different container names, port mappings, and data volumes. Each instance is completely isolated.
Does the Docker image include all skills?
The base image includes OpenClaw core only. Skills are installed at runtime via ClawHub and persisted in the data volume.
nacre.sh
Run OpenClaw without the server headaches
Dedicated instance, automatic TLS, nightly backups, and 290+ LLM integrations. Live in under 90 seconds from $12/month.
Deploy your agent →