Automated OpenClaw deployment to any Ubuntu VPS.
Deploy OpenClaw in ~10 minutes using the official installer. Two deployment modes:
- Configured Deployment: OpenClaw + Telegram channel + auth configured, bot ready to use
- Install Only: Just install OpenClaw, configure interactively later via
openclaw onboard
Uses: Official OpenClaw installer + Onboarding wizard
For all deployments:
- VPS - Ubuntu 24.04 server from any provider
- SSH access - SSH key (recommended) or password
For configured deployments:
- Telegram bot token - From @BotFather
- User's Telegram ID - From @userinfobot
- Anthropic API key or Claude setup-token
Provide credentials during deployment. Bot will be ready to message immediately.
Recommended providers:
Specs:
- OS: Ubuntu 24.04
- RAM: 4GB minimum
- Storage: 40GB+
Before running the deployment script, connect to your VPS and verify access:
ssh YOUR_SSH_USER@YOUR_VPS_IPFirst-time connection checklist:
- Accept the host key fingerprint when prompted
- Change the default password if required by your provider
- Verify you can execute commands (e.g.,
sudo apt update)
Recommended: Set up SSH key authentication
This prevents password prompts during deployment:
# On your local machine
ssh-copy-id YOUR_SSH_USER@YOUR_VPS_IPOr manually:
cat ~/.ssh/id_rsa.pub | ssh YOUR_SSH_USER@YOUR_VPS_IP "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"Verify passwordless login:
ssh YOUR_SSH_USER@YOUR_VPS_IP
# Should connect without password promptOnce you can SSH in without issues, proceed to the next step.
Message @BotFather on Telegram:
/newbot
[Follow the prompts]
Save the token (format: 123456789:ABCdefGHIjklMNOpqrsTUVwxyz)
Have the user message @userinfobot on Telegram.
It will reply with their user ID (format: 987654321)
Note: This pre-authorizes the user so they can message the bot immediately.
Go to Anthropic Console:
- Sign up or log in
- Go to API Keys section
- Click Create Key
- Save the key (format:
sk-ant-api03-...)
Or use Claude subscription setup-token: claude setup-token
git clone https://github.com/ortegarod/openclaw-vps-deploy.git
cd openclaw-vps-deployWith API Key:
./deploy.sh \
--host YOUR_VPS_IP \
--user YOUR_SSH_USER \
--telegram-token "YOUR_TELEGRAM_TOKEN" \
--telegram-user-id USER_TELEGRAM_ID \
--api-key "YOUR_CLAUDE_API_KEY"Or with Claude subscription setup-token:
./deploy.sh \
--host YOUR_VPS_IP \
--user YOUR_SSH_USER \
--telegram-token "YOUR_TELEGRAM_TOKEN" \
--telegram-user-id USER_TELEGRAM_ID \
--token "YOUR_SETUP_TOKEN"Fresh installation (wipe existing workspace):
Add --clean to remove existing identity/workspace files:
./deploy.sh \
--host YOUR_VPS_IP \
--user YOUR_SSH_USER \
--telegram-token "YOUR_TELEGRAM_TOKEN" \
--telegram-user-id USER_TELEGRAM_ID \
--token "YOUR_SETUP_TOKEN" \
--cleanUse --clean when:
- Redeploying to an existing VPS
- Want a fresh start
- Previous bot identity should be removed
What gets configured:
- OpenClaw CLI + dependencies
- Authentication (API key or setup-token)
- Telegram channel (bot token + pre-authorized user)
- Gateway daemon (systemd service)
- Firewall (SSH + Gateway port)
Replace:
YOUR_VPS_IPwith VPS IP address (e.g.,203.0.113.10)YOUR_SSH_USERwith SSH username (e.g.,ubuntu,root)YOUR_TELEGRAM_TOKENwith bot token from step 3USER_TELEGRAM_IDwith user's Telegram ID from step 4 (e.g.,987654321)YOUR_CLAUDE_API_KEYwith API key from step 5 ORYOUR_SETUP_TOKENwith Claude setup-token
Important SSH notes:
- Use the IP address, not hostname (unless DNS is configured)
- Specify
--userto match your SSH config (default isroot) - Script uses your existing SSH keys automatically
- If VS Code or SSH access works, use the same IP and user
Bot is ready! User can message on Telegram immediately (pre-authorized, no pairing needed).
Install OpenClaw without credentials. User configures via interactive wizard.
Same as configured deployment (see above).
git clone https://github.com/ortegarod/openclaw-vps-deploy.git
cd openclaw-vps-deploy
./deploy.sh \
--host YOUR_VPS_IP \
--user YOUR_SSH_USERThat's it! Installs:
- OpenClaw CLI
- System dependencies (curl, git, ufw)
- Firewall configuration
SSH in and run the interactive wizard:
ssh YOUR_SSH_USER@YOUR_VPS_IP
openclaw onboard
# Follow prompts:
# - Choose auth method (API key or setup-token)
# - Enter credentials
# - Configure Telegram bot
# - Install daemon service- OpenClaw CLI via
curl -fsSL https://openclaw.ai/install.sh | bash - System packages curl, git, ufw (firewall)
- Firewall rules SSH (22), Gateway (18789)
- Onboarding via
openclaw onboard --non-interactive - Telegram channel pre-authorized for specified user ID
- Gateway daemon systemd service for auto-restart
~/.openclaw/
├── bin/openclaw # OpenClaw CLI
├── openclaw.json # Configuration
├── workspace/ # Agent workspace
│ ├── AGENTS.md
│ ├── IDENTITY.md
│ ├── SOUL.md
│ └── ...
├── agents/main/sessions/ # Session history
└── credentials/ # Channel credentials
SSH into VPS and edit workspace files:
ssh YOUR_USER@YOUR_IP
nano ~/.openclaw/workspace/IDENTITY.md
nano ~/.openclaw/workspace/SOUL.mdRestart to apply:
openclaw gateway restartssh YOUR_USER@YOUR_IP
openclaw statusopenclaw logs --followopenclaw gateway restart# Re-run installer
curl -fsSL https://openclaw.ai/install.sh | bash
openclaw gateway restartIf you see "Permission denied" or "Cannot connect":
- Check SSH config (
~/.ssh/config) if using VS Code or similar tools - Use same IP and user that works in your SSH client:
./deploy.sh --host YOUR_IP --user YOUR_USER
- Test SSH manually first:
ssh YOUR_USER@YOUR_IP
ssh YOUR_USER@YOUR_IP
openclaw status
openclaw logs --followopenclaw gateway startopenclaw channels listDeployment includes:
- UFW firewall (SSH + Gateway port)
- Systemd service isolation
- DM pairing or allowlist (not open by default)
Additional recommendations:
- Use SSH keys (not passwords)
- Keep VPS updated:
sudo apt update && sudo apt upgrade - Review OpenClaw security docs
- Run security audit:
openclaw security audit
Contributions welcome! Test on a clean Ubuntu 24.04 VPS before submitting PR.
MIT License - See LICENSE
Built using the official OpenClaw installer.
Questions? OpenClaw Discord