Installation & Configuration

OpenClaw can be self-hosted in your own infrastructure — full data control, no vendor lock-in. In this lesson, you'll set up a production-ready instance.

System Requirements

Docker Deployment

1. Clone Repository and Prepare Environment

git clone https://github.com/agentos/openclaw.git
cd openclaw
cp .env.example .env

2. Adjust Configuration

The .env file contains all essential settings:

# Database
DATABASE_URL=postgresql://openclaw:secret@db:5432/openclaw
REDIS_URL=redis://redis:6379

# API Keys
OPENCLAW_API_KEY=oc_live_...
OPENCLAW_SECRET=your-secret-key

# Retention
TRACE_RETENTION_DAYS=90
LOG_RETENTION_DAYS=30

# Feature Flags
ENABLE_ALIGNMENT_SCORING=true
ENABLE_COMPLIANCE_MODULE=true

3. Start Containers

docker compose up -d

OpenClaw starts the following services:

• openclaw-api — REST/GraphQL endpoint (port 8080)
• openclaw-worker — Async trace processing
• openclaw-dashboard — Web UI (port 3000)
• postgres — Database
• redis — Cache and queue

4. Initial Setup

docker compose exec api openclaw init
docker compose exec api openclaw admin create --email admin@example.com

SDK Installation

OpenClaw provides SDKs for all common agent frameworks:

# Python
pip install openclaw-sdk

# Node.js
npm install @openclaw/sdk

# Go
go get github.com/agentos/openclaw-go

Initialize SDK (Python)

from openclaw import OpenClaw

oc = OpenClaw(
    api_key="oc_live_...",
    endpoint="https://openclaw.your-domain.com",
    environment="production"
)

API Key Management

OpenClaw uses a hierarchical key system:

• Admin Keys — Full access, infrastructure team only
• Project Keys — Scoped to a project, for agent developers
• Read-Only Keys — Dashboard access without write permissions
• Webhook Keys — For alerting integrations

Best Practice: Use a separate Project Key per agent deployment. This lets you control access granularly and isolate individual agents in emergencies without affecting others.