一、docker安装
测试环境已安装docker
[root@hecs-276856 ~]# docker --version
Docker version 24.0.7, build afdd53b
二、docker-compose安装
curl -L "https://github.com/docker/compose/releases/download/v2.24.6/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
docker-compose --version
三、docker-compose.yml文件配置
version: '3.8'
services:
openclaw:
image: ghcr.io/openclaw/openclaw:latest
container_name: openclaw
ports:
- "18789:18789"
- "18791:18791"
volumes:
- /opt/openclaw/docker-compose/data:/home/node/.openclaw //持久话目录配置
environment:
- ANTHROPIC_API_KEY=你的_api_key
- GATEWAY_AUTH_TOKEN=your_secure_token_here
restart: unless-stopped
- 持久话目录权限修改
mkdir -p /opt/openclaw/docker-compose/data
chmod 777 /opt/openclaw/docker-compose/data
四、启动容器
[root@hecs-276856 docker-compose]# ll
总用量 8
drwxrwxrwx 5 777 root 4096 3月 10 10:43 data
-rw-r--r-- 1 root root 377 3月 10 10:32 docker-compose.yml
[root@hecs-276856 docker-compose]# docker-compose up -d
[+] Running 1/2
⠸ Network docker-compose_default Created 0.3s
✔ Container openclaw Started 0.3s
[root@hecs-276856 docker-compose]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
905cf3d9b1d3 ghcr.io/openclaw/openclaw:latest "docker-entrypoint.s…" 4 seconds ago Up 3 seconds (health: starting) 0.0.0.0:18789->18789/tcp, :::18789->18789/tcp, 0.0.0.0:18791->18791/tcp, :::18791->18791/tcp openclaw
[root@hecs-276856 docker-compose]# docker logs openclaw
2026-03-10T02:43:44.451+00:00 [gateway] auth token was missing. Generated a new token and saved it to config (gateway.auth.token).
2026-03-10T02:43:45.281+00:00 [canvas] host mounted at http://127.0.0.1:18789/__openclaw__/canvas/ (root /home/node/.openclaw/canvas)
2026-03-10T02:43:45.373+00:00 [heartbeat] started
2026-03-10T02:43:45.405+00:00 [health-monitor] started (interval: 300s, startup-grace: 60s, channel-connect-grace: 120s)
2026-03-10T02:43:45.410+00:00 [gateway] agent model: anthropic/claude-opus-4-6
2026-03-10T02:43:45.412+00:00 [gateway] listening on ws://127.0.0.1:18789 (PID 14)
2026-03-10T02:43:45.425+00:00 [gateway] log file: /tmp/openclaw/openclaw-2026-03-10.log
2026-03-10T02:43:45.504+00:00 [browser/server] Browser control listening on http://127.0.0.1:18791/ (auth=token)
五.修改监听地址
1.删除旧的容器
[root@hecs-276856 docker-compose]# docker-compose down
[+] Running 2/2
✔ Container openclaw Removed 0.2s
✔ Network docker-compose_default Removed
2.修改openclaw配置
[root@hecs-276856 docker-compose]# cat data/openclaw.json
[root@hecs-276856 data]# cat openclaw.json
{
"meta": {
"lastTouchedVersion": "2026.3.8",
"lastTouchedAt": "2026-03-10T02:28:58.507Z"
},
"models": {
"providers": {
"siliconflow": { //使用的硅基流动的大模型
"baseUrl": "https://api.siliconflow.cn/v1", //大模型接口地址
"apiKey": "sk-XXXXXXXXXXXX", //大模型调用密钥
"api": "openai-completions",
"models": [
{
"id": "Pro/zai-org/GLM-4.7",
"name": "Silicon GLM 4.7",
"contextWindow": 128000,
"maxTokens": 8192
},
{
"id": "deepseek-ai/DeepSeek-V3",
"name": "DeepSeek V3",
"contextWindow": 64000,
"maxTokens": 4096
}
]
}
}
},
"agents": {
"defaults": {
"contextPruning": {
"mode": "cache-ttl",
"ttl": "1h"
},
"compaction": {
"mode": "safeguard"
},
"heartbeat": {
"every": "30m"
}
}
},
"commands": {
"native": "auto",
"nativeSkills": "auto",
"restart": true,
"ownerDisplay": "raw"
},
"gateway": {
"bind": "lan", //监听
"controlUi": {
"allowedOrigins": [ //**CORS白名单访问地址,不推荐使用*(通配符)
"http://127.0.0.1:18789",
"http://localhost:18789",
"http://个人访问ip:18789"
]
},
"auth": {
"mode": "token",
"token": "xxxxxxxxx"
}
}
}
3.启动容器
[root@hecs-276856 docker-compose]# docker-compose up -d
[+] Running 1/2
⠸ Network docker-compose_default Created 0.3s
✔ Container openclaw Started 0.3s
[root@hecs-276856 docker-compose]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0cb3bcd6ed9e ghcr.io/openclaw/openclaw:latest "docker-entrypoint.s…" 2 seconds ago Up 2 seconds (health: starting) 0.0.0.0:18789->18789/tcp, :::18789->18789/tcp, 0.0.0.0:18791->18791/tcp, :::18791->18791/tcp openclaw
[root@hecs-276856 docker-compose]# docker logs openclaw
2026-03-10T02:47:18.139+00:00 [canvas] host mounted at http://0.0.0.0:18789/__openclaw__/canvas/ (root /home/node/.openclaw/canvas)
2026-03-10T02:47:18.142+00:00 [gateway] ⚠️ Gateway is binding to a non-loopback address. Ensure authentication is configured before exposing to public networks.
2026-03-10T02:47:18.201+00:00 [heartbeat] started
2026-03-10T02:47:18.204+00:00 [health-monitor] started (interval: 300s, startup-grace: 60s, channel-connect-grace: 120s)
2026-03-10T02:47:18.207+00:00 [gateway] agent model: anthropic/claude-opus-4-6
2026-03-10T02:47:18.209+00:00 [gateway] listening on ws://0.0.0.0:18789 (PID 15)
2026-03-10T02:47:18.211+00:00 [gateway] log file: /tmp/openclaw/openclaw-2026-03-10.log
2026-03-10T02:47:18.243+00:00 [browser/server] Browser control listening on http://127.0.0.1:18791/ (auth=token)
4.浏览器访问
六、配置nginx代理
1.安装nginx
yum install nginx -y
2.天nginx配置
[root@hecs-276856 docker-compose]# cat /etc/nginx/conf.d/openclaw.conf
server {
listen 18080;
server_name 0.0.0.0;
location / {
proxy_pass http://127.0.0.1:18789;
proxy_http_version 1.1;
# WebSocket支持
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# 传递真实客户端信息
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 长连接超时设置
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
}
}
3.检查与启动nginx
[root@hecs-276856 docker-compose]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@hecs-276856 docker-compose]#
[root@hecs-276856 docker-compose]# systemctl start nginx.service
[root@hecs-276856 docker-compose]# systemctl status nginx.service
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: active (running) since 二 2026-03-17 10:46:27 CST; 21s ago
Process: 7624 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 7620 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 7618 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 7627 (nginx)
Tasks: 3
Memory: 2.8M
CGroup: /system.slice/nginx.service
├─7627 nginx: master process /usr/sbin/nginx
├─7628 nginx: worker process
└─7629 nginx: worker process
3月 17 10:46:27 hecs-276856 systemd[1]: Starting The nginx HTTP and reverse proxy server...
3月 17 10:46:27 hecs-276856 nginx[7620]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
3月 17 10:46:27 hecs-276856 nginx[7620]: nginx: configuration file /etc/nginx/nginx.conf test is successful
3月 17 10:46:27 hecs-276856 systemd[1]: Started The nginx HTTP and reverse proxy server.
[root@hecs-276856 docker-compose]# netstat -lntp|grep 18080
tcp 0 0 0.0.0.0:18080 0.0.0.0:* LISTEN 7627/nginx: master
七、修改OpenClaw配置
1.停止OpenClaw容器
[root@hecs-276856 docker-compose]# docker-compose down
[+] Running 2/1
✔ Container openclaw Removed 0.5s
✔ Network docker-compose_default Removed
2.修改
[root@iZ2vc1e7i33nsy4xo0e3k3Z docker-compose]# cat data/openclaw.json
{
"meta": {
"lastTouchedVersion": "2026.3.8",
"lastTouchedAt": "2026-03-17T02:25:26.106Z"
},
"models": {
"providers": {
"siliconflow": { //使用的硅基流动的大模型
"baseUrl": "https://api.siliconflow.cn/v1", //大模型接口地址
"apiKey": "sk-XXXXXXXXXXXX", //大模型调用密钥
"api": "openai-completions",
"models": [
{
"id": "Pro/zai-org/GLM-4.7",
"name": "Silicon GLM 4.7",
"contextWindow": 128000,
"maxTokens": 8192
},
{
"id": "deepseek-ai/DeepSeek-V3",
"name": "DeepSeek V3",
"contextWindow": 64000,
"maxTokens": 4096
}
]
}
}
},
"agents": {
"defaults": {
"contextPruning": {
"mode": "cache-ttl",
"ttl": "1h"
},
"compaction": {
"mode": "safeguard"
},
"heartbeat": {
"every": "30m"
}
}
},
"commands": {
"native": "auto",
"nativeSkills": "auto",
"restart": true,
"ownerDisplay": "raw"
},
"gateway": {
"bind": "lan",
"controlUi": {
"allowedOrigins": [
"http://127.0.0.1:18789",
"http://localhost:18789",
"http://服务器静态ip:18080",
"http://localhost:18080",
],
"allowInsecureAuth": true,
"dangerouslyDisableDeviceAuth": true
},
"auth": {
"mode": "token",
"token": "xxxxxxxxxx" //token
}
}
}
3.启动容器
docker-compose up -d
八、添加认证
1.安装htpasswd命令
#centos
yum install httpd-tools
#Ubuntu
apt-get install apache2-utils
2.生成账号密码文件
[root@iZ2vc1e7i33nsy4xo0e3k3Z docker-compose]# htpasswd -c /etc/nginx/.htpasswd admin
New password:
Re-type new password:
Adding password for user admin
3.修改Nginx配置
[root@iZ2vc1e7i33nsy4xo0e3k3Z docker-compose]# cat /etc/nginx/conf.d/openclaw.conf
server {
listen 18080;
server_name 0.0.0.0;
location / {
auth_basic "login"; # 浏览器弹窗显示的提示信息
auth_basic_user_file /etc/nginx/.htpasswd; # 密码文件路径
proxy_pass http://127.0.0.1:18789;
proxy_http_version 1.1;
# WebSocket支持
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# 传递真实客户端信息
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 长连接超时设置
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
}
}
4.重载Nginx
[root@iZ2vc1e7i33nsy4xo0e3k3Z docker-compose]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@iZ2vc1e7i33nsy4xo0e3k3Z docker-compose]# systemctl reload nginx
5.访问测试
九、技能安装
1.安装clawhub
npm install clawhub
