指南-Openclaw云主机安全部署方法
Openclaw Inteligencia Artificial manual
Last updated on
本指南将指导您如何在云主机VPS上安全 OpenClaw 实例。实例将运行在Docker环境,以您的机器人行为的结果影响可控。后续,你可以通过 SSH 隧道从您自己的 PC浏览器安全地管理您的 OpenClaw 实例,无需担心黑客会攻破它。
以下配置可以直接拷贝使用,并已在以下环境中验证过:
Debian 12.2.0
Docker version 26.0.2
openclaw:2026.3.7
阿里云主机2CPU/2G1. VPS云主机上使用docker部署openclaw
步骤 1:准备目录与配置文件
安装docker
sudo apt update && sudo apt upgrade -y
sudo apt install -y curl git ca-certificates
sudo apt install -y docker.io docker-compose
docker --version
docker-compose --version
sudo usermod -aG docker $USER创建运行环境目录
mkdir -p ~/openclaw
cd ~/openclaw创建 .gitignore 文件,避免提交敏感信息
cat > .gitignore << EOF
.env
*.log
config/*
data/*
EOF创建 .env 文件,存储敏感配置(务必设置权限)
cat > .env << EOF
OPENCLAW_CONFIG_DIR=~/.openclaw #openclaw实例在宿主机上的目录位置
OPENCLAW_WORKSPACE_DIR=~/.openclaw/workspace
OPENCLAW_GATEWAY_PORT=127.0.0.1:18789#gatway只在127.0.0.1上监听
OPENCLAW_BRIDGE_PORT=127.0.0.1:18790
OPENCLAW_GATEWAY_BIND=loopback #安全考虑必须绑定loopback
OPENCLAW_GATEWAY_ALLOWED_ORIGINS=http://localhost,http://127.0.0.1,http://yoursite.com
OPENCLAW_TOKEN=$(openssl rand -hex 32) # 使用 openssl 生成随机令牌
OPENCLAW_IMAGE=ghcr.io/openclaw/openclaw:2026.3.7 #生产环境建议指定版本
OPENCLAW_EXTRA_MOUNTS=
OPENCLAW_HOME_VOLUME=
OPENCLAW_DOCKER_APT_PACKAGES=
OPENCLAW_EXTENSIONS=
OPENCLAW_SANDBOX=
OPENCLAW_DOCKER_SOCKET=/var/run/docker.sock
DOCKER_GID=
OPENCLAW_INSTALL_DOCKER_CLI=
OPENCLAW_ALLOW_INSECURE_PRIVATE_WS=
OPENCLAW_TZ=Asia/Shanghai
EOF步骤 2:编写 Docker Compose 文件
创建docker-compose.yml
services:
openclaw-gateway:
image: ${OPENCLAW_IMAGE:-openclaw:local}
restart: unless-stopped
environment:
HOME: /home/node
OPENCLAW_GATEWAY_TOKEN: ${OPENCLAW_GATEWAY_TOKEN:-}
OPENCLAW_ALLOW_INSECURE_PRIVATE_WS: ${OPENCLAW_ALLOW_INSECURE_PRIVATE_WS:-}
CLAUDE_AI_SESSION_KEY: ${CLAUDE_AI_SESSION_KEY:-}
CLAUDE_WEB_SESSION_KEY: ${CLAUDE_WEB_SESSION_KEY:-}
CLAUDE_WEB_COOKIE: ${CLAUDE_WEB_COOKIE:-}
TZ: ${OPENCLAW_TZ:-UTC}
volumes:
- ${OPENCLAW_CONFIG_DIR}:/home/node/.openclaw
- ${OPENCLAW_WORKSPACE_DIR}:/home/node/.openclaw/workspace
## Uncomment the lines below to enable sandbox isolation
## (agents.defaults.sandbox). Requires Docker CLI in the image
## (build with --build-arg OPENCLAW_INSTALL_DOCKER_CLI=1) or use
## docker-setup.sh with OPENCLAW_SANDBOX=1 for automated setup.
## Set DOCKER_GID to the host's docker group GID (run: stat -c '%g' /var/run/docker.sock).
# - /var/run/docker.sock:/var/run/docker.sock
# group_add:
# - "${DOCKER_GID:-999}"
ports:
#- "${OPENCLAW_GATEWAY_PORT:-18789}:18789"
#- "${OPENCLAW_BRIDGE_PORT:-18790}:18790"
- "127.0.0.1:18789:18789"
network_mode: host #必须设置,否则容器内gateway监听的loopback端口无法收到宿主机端口转发的数据
init: true
read_only: true #无法更改容器内的文件,黑客即使攻破也无法安装或运行恶意软件
security_opt:
- no-new-privileges:true
cap_drop: #降级能力,只留下绑定网络端口的能力
- ALL
cap_add:
- NET_BIND_SERVICE
tmpfs: #限制零时文件大小且不能运行程序
- /tmp:rw,noexec,nosuid,size=64m
deploy:
resources: #限制容器资源
limits:
memory: 1536M
cpus: '1'
pids: 256
#限制容器资源的另一种配置方式
#cpus: 1
#mem_limit: 1536M
command:
[
"node",
"dist/index.js",
"gateway",
"--bind",
"${OPENCLAW_GATEWAY_BIND:-lan}",
"--port",
"18789",
]
healthcheck:
test:
[
"CMD",
"node",
"-e",
"fetch('http://127.0.0.1:18789/healthz').then((r)=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))",
]
interval: 30s
timeout: 5s
retries: 5
start_period: 20s
dns: #防止某些情况下访问公网问题
- 114.114.114.114
- 223.5.5.5 #阿里dns
user: "1000:1000" #降低用户权限
#networks:
#- openclaw_internal
openclaw-cli:
image: ${OPENCLAW_IMAGE:-openclaw:local}
network_mode: "service:openclaw-gateway"
cap_drop:
- NET_RAW
- NET_ADMIN
security_opt:
- no-new-privileges:true
environment:
HOME: /home/node
OPENCLAW_GATEWAY_TOKEN: ${OPENCLAW_GATEWAY_TOKEN:-}
OPENCLAW_ALLOW_INSECURE_PRIVATE_WS: ${OPENCLAW_ALLOW_INSECURE_PRIVATE_WS:-}
BROWSER: echo
CLAUDE_AI_SESSION_KEY: ${CLAUDE_AI_SESSION_KEY:-}
CLAUDE_WEB_SESSION_KEY: ${CLAUDE_WEB_SESSION_KEY:-}
CLAUDE_WEB_COOKIE: ${CLAUDE_WEB_COOKIE:-}
TZ: ${OPENCLAW_TZ:-UTC}
volumes:
- ${OPENCLAW_CONFIG_DIR}:/home/node/.openclaw
- ${OPENCLAW_WORKSPACE_DIR}:/home/node/.openclaw/workspace
stdin_open: true
tty: true
init: true
entrypoint: ["node", "dist/index.js"]
depends_on:
- openclaw-gateway
networks:
openclaw_internal:
driver: bridge
internal: true # No external network access步骤3:启动容器openclaw实例
docker compose -f ~/openclaw/docker-compose.yml up -d步骤4:初始化配置
openclaw烧token很厉害,大家最好选择有限制的coding plan套餐。目前我用的是字节方舟coding plan,支持 Doubao、GLM、DeepSeek、Kimi 等模型,新人首月9.9,使用我的邀请码可以再打9折(老客户也行)。点击专属链接https://volcengine.com/L/tOvDAWumWLU/ 邀请码:PWFFSM5R
运行以下代码初始化配置
docker compose -f ~/openclaw/docker-compose.yml run --rm openclaw-gateway onboard命令运行后会启动配置界面,基本选defaul,模型提供商根据你买的模型供应商信息填写,一般选OpenAI-compatible (custom endpoint),按要求输入API key,base URL之类。
结束后检查服务状态是否正常
docker compose -f ~/openclaw/docker-compose.yml ps
docker compose -f ~/openclaw/docker-compose.yml logs -f openclaw-gateway2. 从本地工作电脑管理云龙虾
如果需要通过Web UI管理VPS上的openclaw实例,有2种比较安全的方式:一是利用SSH本地转发建立隧道,一是在VPS上配置HTTP反向代理。由于openclaw的安全机制会默认从127.0.0.1进入的connection都是安全的,导致使用HTTP反向代理反而会削弱整体安全性,所以推荐方式一。
1)云主机VPS上安全加固,修改SSH server监听的端口,并指定用户只能通过证书密钥接入而不是密码验证(相关方法可以搜网上教程,需生成相关证书并在工作电脑上配置)。
2)个人本地macOS上可以直接运行:
ssh -N -L 18789:127.0.0.1:18789 user@your-vps-ipWindows系统也可运行上述命令(以管理员身份运行cmd),或者安装MoBaXterm并配置本地端口转发。
最后打开电脑上的浏览器,通过localhost:18789/?token=yourtoken访问,第一次访问时,需要配准device配对,如果换一个浏览器还需重新配对。
docker compose -f ~/openclaw/docker-compose.yml run --rm openclaw-gateway openclaw devices list
docker compose -f ~/openclaw/docker-compose.yml run --rm openclaw-gateway openclaw devices approve <requestId>3. 安全建议
设置 .env 文件权限(关键:防止凭据泄露)
chmod 600 .env
chmod 700 ~/.openclaw
chmod 600 ~/.openclaw/openclaw.json
chmod 600 ~/.openclaw/credentials/*.json
find ~/.openclaw -type f -name "*.json" -exec chmod 600 {} \;VPS防火墙加固(可选)
sudo ufw allow OpenSSH #或者是你指定的SSH端口
sudo ufw enable
sudo ufw status4. 故障排查
重新配置
docker compose -f ~/openclaw/docker-compose.yml run --rm openclaw-cli configure如果网关绑定模式没生效可以使用以下命令
docker compose -f ~/openclaw/docker-compose.yml run --rm openclaw-cli config set gateway.bind loopback快速备份
tar -czf openclaw-backup.tar.gz ~/.openclaw