A premium, containerized deployment of the OpenClaw Agentic AI Gateway, optimized for Coolify.
Before you begin, ensure you have the following:
- Coolify Instance: A running instance of Coolify.
- Domain Name: A domain (or subdomain) pointed to your Coolify server.
- This is mandatory for the Gateway WebUI and secure communication.
- SSL Certificate: Recommended (handled automatically by Coolify once a domain is pointed).
For Telegram:
- Open Telegram and search for @BotFather.
- Send
/newbotand follow the prompts. - Copy the API Token (
TELEGRAM_BOT_TOKEN).
For Discord:
- Go to the Discord Developer Portal.
- Create a New Application and navigate to the Bot tab.
- Reset/Copy your Bot Token (
DISCORD_BOT_TOKEN). - Enable Message Content Intent in the "Privileged Gateway Intents" section.
Tip
More Channels: OpenClaw also supports Slack, Signal, iMessage, and more. For advanced setup of other channels, refer to the Official Documentation.
- Open Coolify Instance: Log in to your Coolify dashboard.
- Navigate to Projects: Click on the "Projects" tab.
- Click on [+ Add]: Create a new project for your bot.
- Enter Project Name: Give it a name (e.g.,
openclaw). - Click Continue: Proceed to the resource selection.
- Click on [+ Add Resources]: Select the type of resource to add.
- Select Public Repository: Choose "Public Repository" as the source.
Note: After this step, some users might see options to select a destination; ensure you select the correct one.
- Enter URL: Provide the repository URL:
https://github.com/mrbeandev/openclaw-coolifyand click on [ Check Repository ]. - Select Build Pack: Click on NixPack, select docker-compose, and click Continue.
- Configure Environment Variables: In the configuration page, go to the Environment Variables section and set these variables:
| Variable | Description | Required |
|---|---|---|
OPENCLAW_GATEWAY_TOKEN |
Your custom "Password" for the WebUI. | β |
TELEGRAM_BOT_TOKEN |
The token from @BotFather. | β* |
DISCORD_BOT_TOKEN |
The token from Discord Portal. | β* |
GEMINI_API_KEY |
Used for long-term memory (embeddings). | β |
* At least one channel token (Telegram or Discord) is required for the bot to be accessible.
Important
How to set OPENCLAW_GATEWAY_TOKEN:
This is NOT a token you get from a website. It is a secret password YOU create to secure your gateway for the initial login.
- Think of a long, random string (e.g.,
MySuperSecret123!_RandomString). - Or generate one in your terminal:
openssl rand -base64 32. - Paste it into Coolify and SAVE ITβyou will need it for the initial setup. After deployment, the
openclaw dashboardcommand (Phase 3) is the easiest way to get a login link.
Tip
Gemini API Key: If you skip the GEMINI_API_KEY in the environment variables, you can still configure it later in the terminal. It is primarily used for the Long-Term Memory (embeddings) feature.
Note
OPENCLAW_GATEWAY_PASSWORD is optional but recommended for extra security.
- Configure Your Domain: In the General tab:
- Manual: Enter your custom domain (e.g.,
https://openclaw.yourdomain.com). - Automatic: If your Coolify instance is setup with a base domain, you can simply click the [ Generate Domain ] button to automatically create a subdomain for your bot.
- This step is mandatory for the WebUI and SSL to work.
- Manual: Enter your custom domain (e.g.,
π Finally, click on Deploy!
Once the service is running, open the Terminal for your openclaw container in Coolify and run:
openclaw onboardThis command will guide you through setting up your identity and configuring AI models.
To access your Gateway WebUI, you must generate a tokenized login link. Run this command in your Coolify instance terminal:
openclaw dashboard --no-open- Copy the tokenized URL printed in the terminal (specifically the one starting with
http://localhost:18789/?token=...). - Replace
localhostwith your actual domain (e.g.,https://openclaw.yourdomain.com/?token=...). - Paste it into your browser.
- Password Security: If you set an
OPENCLAW_GATEWAY_PASSWORDin Coolify, navigate to the Overview tab, enter it in the Password field, and click Connect. - Approve Device: On your first login, you must approve your browser device. Run these commands in your Coolify terminal:
Example:
openclaw devices list openclaw devices approve <request_id>
openclaw devices approve 22d73fae-22f9-46ec-a566-b722fb0fcd9b
Your bot now comes with a fully integrated Headless Browser (Chromium) and VNC Server running right inside the container! This allows the AI to browse the web visually, and allows YOU to watch and interact with it in real-time.
You can view the browser session directly from your web browser using the built-in noVNC client.
1. Create a Domain (Recommended):
- Go to your Coolify resource settings.
- Add a new domain pointing to port
6080(e.g.,https://vnc.your-domain.com). - Save and access the URL.
2. Direct IP Access:
- Access
http://<your-server-ip>:6080/vnc.html - Note: Requires port
6080to be open in your firewall.
- Password:
openclaw(default)- You can change this by setting the
VNC_PASSWORDenvironment variable in Coolify.
- You can change this by setting the
The bot is automatically configured to use this browser. It can open tabs, click elements, and you can see it all happening live!
- Weak Passwords: The default VNC password is
openclaw. CHANGE THIS immediately in your Coolify environment variables (VNC_PASSWORD). - Firewall Exposure: If using direct IP access (
http://ip:6080), you are bypassing some security layers. Ensure you restrict access to your IP only via firewall rules (e.g., AWS Security Groups, UFW). - Public Access: Never expose the VNC port (6080) to the public internet without a strong password or VPN. Anyone with access can view the screen and control the mouse/keyboard.
- Sensitive Data: Avoid using the bot to log into highly sensitive personal banking or primary email accounts unless you have secured the VNC connection. The VNC stream is viewable by anyone with the password.
When you first message your bot on Telegram or Discord, it will respond with a message like this:
OpenClaw: access not configured.
Your Discord user id:
589741852224126976Pairing code:
PMTNLQJZAsk the bot owner to approve with:
openclaw pairing approve discord <code>
To Approve Pairing:
- Open your Gateway WebUI (from Phase 3).
- Go to the Chat section.
- Paste the pairing command directly:
openclaw pairing approve discord PMTNLQJZ(Replacediscordwithtelegramif needed, and use your actual code).
Your data is persisted in two Docker volumes:
clawdbot_config: Stores identity and config (/home/node/.openclaw)clawdbot_workspace: Stores agent files and history (/home/node/clawd)
Want to add more capabilities to your OpenClaw bot? Check out my collection of pre-built skills:
β¨ Explore My Skills: clawhub.ai/u/mrbeandev
For the original OpenClaw documentation, see default.readme.md.