Running OpenClaw on a local machine is great for initial development and testing, but for serious OpenClaw automation, you need a persistent, reliable environment. A Virtual Private Server (VPS) offers the scalability, uptime, and fixed infrastructure required for 24/7 agent operations without being tied to your local hardware or unstable home internet.
In this comprehensive guide, we’ll walk through every phase of setting up OpenClaw on a Linux VPS. We will cover hardware selection, initial installation, gateway configuration, background process management, and essential security practices to ensure your agents run smoothly and safely in a production-ready environment.
Follow the official installation tutorial to watch the CLI steps, Gateway startup, and PM2 configuration we just described.
https://www.youtube.com/watch?v=openclaw-setup-demo
Why Choose a VPS for Your OpenClaw Agents?
While OpenClaw runs beautifully on WSL2 (Windows Subsystem for Linux), a VPS provides several distinct advantages for production-level agents. If you are moving beyond experimentation and into automated workflows that need to trigger at any hour of the day, a server is no longer optional—it’s a requirement.
24/7 Reliability and Uptime
Your agents stay online even when your primary computer is off. This is critical for scheduled tasks, monitoring jobs, and responsive agents that need to act on real-time data or webhooks. Most VPS providers offer a 99.9% uptime guarantee, which far exceeds what a standard home workstation can provide.
Dedicated Resources and Performance
Modern AI agents, especially those using browser automation, can be resource-intensive. Running these locally often competes with your IDE, browser, and other development tools for RAM and CPU cycles. On a VPS, you have dedicated resources that ensure your OpenClaw instances don’t stutter or crash due to local system lag.
Fixed Public IP and Global Reach
A VPS provides a static public IP address. This is essential for setting up secure API callbacks, managing remote access, and ensuring that your agent’s outgoing requests come from a consistent, reputable source. It also allows you to choose a data center location that is geographically closer to the services your agent interacts with most frequently.
Scalability and Elasticity
As your agent fleet grows, you can easily upgrade your VPS hardware (vertical scaling) or deploy additional servers (horizontal scaling). Most cloud providers like DigitalOcean, Linode (Akamai), or AWS allow you to resize your server with just a few clicks, making it easy to adapt to increasing workloads.
Prerequisites: Recommended VPS Specifications
Before you begin the installation, you must ensure your VPS meets the necessary hardware and software requirements. While OpenClaw is efficient, its underlying browser automation components (like Playwright or Puppeteer) require a baseline level of performance.
Recommended Hardware
For a standard installation running 1–3 concurrent agents, we recommend the following:
- CPU: 2+ Cores (AMD EPYC or Intel Xeon preferred). High-clock speed cores are better than many slow cores for browser-heavy tasks.
- RAM: 4GB Minimum. We strongly recommend 8GB+ for multi-agent workloads or when running multiple browser instances simultaneously.
- Disk: 40GB SSD or NVMe. SSDs are required for fast indexing and workspace operations.
- Network: 1Gbps unmetered or high-bandwidth allowance.
Software Requirements
We recommend Ubuntu 22.04 LTS or Ubuntu 24.04 LTS for the best compatibility and long-term support. Other Debian-based distributions will work, but our documentation and scripts are optimized for Ubuntu.
- Operating System: Ubuntu 22.04/24.04 LTS (x64)
- Node.js: v18.0.0 or higher (LTS versions are preferred)
- NPM: v9.0.0 or higher
- Git: Required for cloning repositories and version control within the workspace.
Phase 1: Initial Server Preparation and Security
Before installing the OpenClaw software, you must secure and update your server. Connecting via SSH is your first step.
ssh root@your_vps_ip
Update the System
Always start with a full system update to ensure you have the latest security patches and library versions.
sudo apt update && sudo apt upgrade -y
Install Essential Build Tools
OpenClaw and its dependencies sometimes require compilation of native modules. Install the build-essential package and other utilities:
sudo apt install -y build-essential curl git wget unzip
Phase 2: Installing Node.js and OpenClaw
OpenClaw is built on Node.js, so having a modern version is non-negotiable. We recommend using the NodeSource repository or nvm (Node Version Manager) for installation.
Installing Node.js via NodeSource
To install Node.js 20.x (the current stable LTS):
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt install -y nodejs
Verify the installation with:
node -v
npm -v
Installing the OpenClaw CLI
Once Node.js and NPM are ready, you can install OpenClaw globally on your server. This allows you to use the openclaw command from any directory.
sudo npm install -g openclaw
Initializing the Workspace
After the installation completes, initialize your OpenClaw workspace. This command will create the directory structure in your home folder (typically ~/.openclaw) and prepare default configuration files.
openclaw setup
Follow the on-screen prompts to configure your basic environment variables, such as your preferred default LLM provider and workspace paths.
Phase 3: Configuring the OpenClaw Gateway
The Gateway is the core service that orchestrates your agents and provides the API interface. On a VPS, you need the Gateway to run as a persistent background service that automatically restarts if the server reboots or the process crashes.
Option A: Using PM2 (Recommended for Production)
PM2 is a widely-used production process manager for Node.js applications. It handles logging, monitoring, and auto-restarts seamlessly.
Install PM2 globally:
bash
sudo npm install -g pm2Start the OpenClaw Gateway:
bash
pm2 start "openclaw gateway start" --name openclaw-gatewayEnable Startup Persistence:
This ensures PM2 (and OpenClaw) starts automatically when the server reboots.
bash
pm2 startup
Note: Follow the command output by the terminal to finalize the startup script registration.Save the current process list:
bash
pm2 save
Option B: Systemd Service (Native Linux Approach)
If you prefer not to use PM2, you can create a standard Systemd unit file. This is more “native” to Linux but requires manual configuration.
Create a file at /etc/systemd/system/openclaw.service:
[Unit]
Description=OpenClaw Gateway Service
After=network.target
[Service]
Type=simple
User=yourusername
WorkingDirectory=/home/yourusername
ExecStart=/usr/bin/openclaw gateway start
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
Enable and start the service:
sudo systemctl enable openclaw
sudo systemctl start openclaw
Phase 4: Network Configuration and Firewall
Security is paramount when running an automation platform on a public server. You must configure your firewall to allow only necessary traffic.
Configuring UFW (Uncomplicated Firewall)
By default, OpenClaw uses port 3000 for the Gateway API and UI. You also need to keep port 22 open for SSH access.
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22/tcp
sudo ufw allow 3000/tcp
sudo ufw enable
Restricting Access
If you have a fixed IP at home or your office, it is highly recommended to restrict port 3000 to only your IP address:
sudo ufw delete allow 3000/tcp
sudo ufw allow from YOUR_HOME_IP to any port 3000 proto tcp
Phase 5: Reverse Proxy and SSL Hardening
While you can access OpenClaw directly via your server’s IP and port 3000, it is not secure your agent enough for production. You should use Nginx as a reverse proxy to handle SSL encryption and provide a cleaner URL (e.g., https://agents.yourdomain.com).
1. Install Nginx
sudo apt install -y nginx
2. Configure the Nginx Site
Create a new configuration file at /etc/nginx/sites-available/openclaw:
server {
listen 80;
server_name agents.yourdomain.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Enable the site and restart Nginx:
sudo ln -s /etc/nginx/sites-available/openclaw /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx
3. Obtain an SSL Certificate with Certbot
Use Let’s Encrypt to secure your connection with free SSL certificates.
sudo apt install -y certbot python3-certbot-nginx
sudo certbot --nginx -d agents.yourdomain.com
This setup ensures that all communication between your browser and the OpenClaw VPS is encrypted, protecting your API keys and agent data.
Visualizing the OpenClaw Architecture on VPS
To better understand how the components interact, here is a diagram of the typical VPS deployment architecture.
graph TD
User((User / Developer)) -->|HTTPS/443| Nginx[Nginx Reverse Proxy]
Nginx -->|Proxy/3000| Gateway[OpenClaw Gateway]
Gateway -->|Spawns| Agent1[Content Agent]
Gateway -->|Spawns| Agent2[Keyword Agent]
Gateway -->|Spawns| Agent3[Technical Agent]
Agent1 -->|Reads/Writes| SharedFS[(Shared Filesystem)]
Agent2 -->|Reads/Writes| SharedFS
Agent3 -->|Reads/Writes| SharedFS
Gateway -->|External API| LLM[LLM Providers / SERP API]
Performance Optimization and Best Practices
Running OpenClaw on a VPS requires some ongoing maintenance to ensure peak performance.
Memory Management and Swap Files
Browser automation is RAM-hungry. If your VPS has 4GB of RAM or less, you may encounter “Out of Memory” (OOM) errors. Adding a swap file provides a safety net.
sudo fallocate -l 4G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
Log Rotation
Over time, PM2 or Systemd logs can grow quite large. Ensure you have log rotation configured. PM2 has a built-in module for this:
pm2 install pm2-logrotate
Workspace Backups
Your ~/.openclaw directory contains your configurations, agent states, and pipeline data. Regularly back this up using tools like rsync, rclone, or your VPS provider’s snapshot service.
tar -czf openclaw-backup-$(date +%F).tar.gz ~/.openclaw
Troubleshooting Common VPS Setup Issues
Setting up server-side software can sometimes lead to environment-specific hurdles. Here are the most common issues and their solutions.
Issue: Playwright/Browser Dependencies Missing
If your agents fail to start a browser, you likely need to install the underlying Linux libraries required by Chromium or Firefox.
Solution: Run the following command inside your workspace:
npx playwright install-deps
Issue: Permission Denied on Port 3000
If the Gateway fails to start, another service might be using the port, or you might lack permissions.
Solution: Check for port usage with sudo lsof -i :3000. If it’s free, ensure you are running the gateway as a user with appropriate permissions (though root is generally not recommended for security).
Issue: Node.js Version Incompatibility
Some older VPS templates come with very old versions of Node.js (like v12 or v14).
Solution: Always verify your version with node -v. If it’s below v18, use nvm to install the latest LTS version and set it as default.
Summary and Next Steps
By following this OpenClaw VPS setup guide, you now have a robust, high-performance foundation for autonomous AI agents. Your installation is secured behind a reverse proxy, protected by a firewall, and managed by a production-grade process manager.
Key Takeaways:
- Infrastructure: Choose a VPS with at least 4GB (ideally 8GB) of RAM for smooth browser automation.
- Persistence: Use PM2 to ensure the OpenClaw Gateway runs 24/7.
- Security: Never expose port 3000 directly; always use Nginx with SSL and a firewall.
- Optimization: Implement a swap file to handle memory spikes from multi-agent workloads.
Your next step should be exploring multi-agent orchestration or integrating with external tools via the OpenClaw CLI. You can also begin building your first OpenClaw automation pipeline to put your new server to work.
For more technical details, refer to the official OpenClaw documentation or the GitHub repository.
Frequently Asked Questions (FAQ)
Q: Can I run OpenClaw on a $5/month VPS?
A: Yes, it is possible for simple CLI-based agents. However, browser-based agents are memory-intensive. A 1GB or 2GB RAM instance will likely struggle with concurrent browser sessions. We recommend a minimum of $10-$20/month instances for production reliability.
Q: Does OpenClaw support Docker?
A: Yes, Docker is a great alternative for VPS deployment. It simplifies dependency management (like browser libraries). You can find the official Docker Compose examples in the GitHub repository.
Q: How do I update OpenClaw on my server?
A: To update to the latest version, run:
sudo npm install -g openclaw@latest
After updating, restart your PM2 or Systemd service to apply the changes.
Q: Can I manage multiple OpenClaw workspaces on one VPS?
A: Yes. You can specify a different workspace directory using the --workspace flag or by setting the OPENCLAW_WORKSPACE environment variable. Ensure each gateway instance runs on a unique port.
Q: Is it safe to run OpenClaw as the root user?
A: It is generally discouraged for security reasons. Create a dedicated openclaw user with sudo privileges for a more secure setup. This limits the potential damage if the application or one of its dependencies is compromised.
