Manual OpenClaw Installation on Linux (Ubuntu/Debian) (2026)

The digital age promised connection. It delivered surveillance, data exploitation, and centralized choke points. You feel it, don’t you? That slow erosion of personal control, the gnawing sensation that your information isn’t truly yours. It’s time to end that. It’s time to seize back what was always yours.

OpenClaw offers the antidote. It isn’t just software; it’s a declaration of independence. When you host OpenClaw yourself, you plant your flag firmly in the territory of digital sovereignty. This isn’t about mere privacy; it’s about unfettered control, true ownership of your digital self. For those ready to leave behind the rented data silos, Getting Started with OpenClaw Self-Hosting is your first step. But for the hands-on pioneers, for those who demand to understand every bolt and wire, a manual installation is the only way.

This guide isn’t for the faint of heart or those content with managed services. This is for the architects of their own decentralized future. We’ll walk through the manual OpenClaw installation on a Linux system, specifically Ubuntu or Debian. Prepare to reclaim your data, command by command.

Why Manual Installation Matters More Than Ever

Some tools promise instant setup. They gloss over the underlying mechanics. We reject that convenience if it compromises understanding. Manual installation forces you to confront the system, to understand its components. This isn’t just about getting OpenClaw running. It’s about building a robust foundation for your digital fortress. You learn what makes it tick. You know its vulnerabilities, and more importantly, you know how to harden them.

True digital autonomy stems from deep knowledge. It’s knowing every daemon, every file path, every network setting. A manual approach gives you that. It gives you the power to fine-tune, to customize, to adapt OpenClaw precisely to your operational security needs. Plus, for those seeking to contribute to the project, understanding the manual setup is indispensable. You become a participant, not merely a consumer.

Essential Gear: Prerequisites for Your Digital Workshop

Before we dive into the terminal, ensure your system is ready. A clean Ubuntu or Debian server is ideal. We’ll be using Docker for containerization and Docker Compose for orchestration. These technologies simplify complex deployments without sacrificing your control. They package OpenClaw and its dependencies neatly, isolating them from your host system. This brings stability and easier management down the line.

Make sure you have administrative access (sudo privileges) to your server. A stable internet connection is also non-negotiable for downloading packages and the OpenClaw source code.

Your Toolkit: Required Software

• Git: For cloning the OpenClaw repository.
• Docker Engine: The foundation for running OpenClaw’s containers.
• Docker Compose: To manage multiple Docker containers as a single service.

Setting the Stage: System Preparation

First things first. Always update your package lists and upgrade any existing software. This secures your system and ensures compatibility. Run these commands:

sudo apt update
sudo apt upgrade -y

This process might take a few minutes. Patience is a virtue, especially when building something significant.

Installing the Core Technologies

Now, let’s install the crucial software components. Each step is vital.

Step 1: Get Git

Git manages version control. It helps us download the OpenClaw source code. If you don’t have it, install it now:

sudo apt install git -y

Confirm the installation: git –version. You should see its version number.

Step 2: Docker Engine Installation

Installing Docker correctly involves adding its official GPG key and repository. This ensures you get legitimate, up-to-date Docker packages directly from the source. OpenClaw relies heavily on Docker for its modular architecture.

sudo apt install ca-certificates curl gnupg -y
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

Add the Docker repository to your system’s sources:

echo \
  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Update your package index again to include Docker’s repository:

sudo apt update

Finally, install Docker Engine, containerd, and Docker Buildx:

sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin -y

To run Docker commands without `sudo`, add your user to the `docker` group. This is a common practice, but understand the security implications. Log out and back in after this for the changes to take effect:

sudo usermod -aG docker $USER

Verify Docker is running: docker run hello-world. You should see a confirmation message.

Step 3: Docker Compose Installation

Docker Compose simplifies multi-container Docker applications. OpenClaw uses it to manage its various services (database, web server, application logic). Install it via Docker’s official repository, as it’s now a Docker plugin.

sudo apt install docker-compose-plugin -y

Verify the installation: docker compose version (note the space, not a hyphen). This confirms Compose is ready.

For more detailed official installation instructions for Docker, refer to the Docker Engine installation guide for Ubuntu.

Grabbing OpenClaw: The Source Code

With our tools in place, it’s time to get the OpenClaw source. We’ll clone the repository from its official source. Choose a directory where you want to store OpenClaw’s files. For this example, we’ll use `/opt/openclaw`.

sudo mkdir -p /opt/openclaw
cd /opt/openclaw
sudo git clone https://github.com/OpenClaw/openclaw-selfhost.git .
sudo chown -R $USER:$USER /opt/openclaw

This pulls down all necessary files for the OpenClaw self-hosting setup into your chosen directory.

Configuration: Shaping Your Instance

OpenClaw’s `docker-compose.yml` file and its accompanying environment variables dictate how your instance runs. This is where you stamp your authority on the deployment.

Step 1: Environment Variables

Open the `.env.example` file you just cloned. Copy its contents to a new file named `.env`. This file holds your specific configurations, secrets, and database settings.

cp .env.example .env

Edit the `.env` file using your favorite text editor, for example, `nano`:

nano .env

Crucial variables to set:

• DATABASE_URL: Define your PostgreSQL database connection string. If using the default setup provided in the `docker-compose.yml`, this will usually be a link to the `db` service.
• APP_SECRET_KEY: Generate a strong, random string. This is vital for security. Never use a default or guessable value.
• ADMIN_EMAIL / ADMIN_PASSWORD: Set initial administrator credentials. Change these immediately after your first login.
• OPENCLAW_DOMAIN: Your domain name (e.g., `myclaw.example.com`). This influences internal routing and external links.
• CADDY_EMAIL: Provide an email for Caddy to generate SSL certificates. This ensures secure HTTPS access.

Go through each variable carefully. Understand its purpose. This is your system, after all.

Step 2: Generate Strong Secrets

Your `APP_SECRET_KEY` needs to be truly random. You can generate one with a simple command:

openssl rand -base64 32

Copy the output and paste it into your `.env` file for `APP_SECRET_KEY`. Do not share this key with anyone. It’s your instance’s digital fingerprint.

Launching OpenClaw: The Moment of Truth

All preparatory work converges here. With your `.env` file configured and all dependencies installed, launching OpenClaw is a single command away.

docker compose up -d

The `-d` flag runs the containers in “detached” mode, meaning they will run in the background, freeing up your terminal. Docker Compose will pull the necessary images, build the services, and bring your OpenClaw instance to life.

This process might take a while on the first run, as Docker downloads all required images. You will see output indicating the services being created and started.

Post-Installation Checks and Initial Access

Once the `docker compose up -d` command completes, verify your OpenClaw services are running.
Check the status of your containers:

docker compose ps

You should see all OpenClaw services listed with a “running” status. If any service shows “exited” or “restarting”, there’s an issue. Examine the logs for that specific service:

docker compose logs [service_name]

For example, to check the main OpenClaw application logs: docker compose logs openclaw.

Access your OpenClaw instance by navigating to your server’s IP address or domain name in a web browser. If you configured Caddy with a domain and email, it should automatically handle SSL certificates, giving you secure HTTPS access. Log in with the `ADMIN_EMAIL` and `ADMIN_PASSWORD` you set in your `.env` file.

Change your default admin password immediately upon first login. This is not optional; it’s a critical security measure. Your digital kingdom must be protected.

Beyond the Launch: Maintaining Control

Manual installation means manual upkeep. You now own the process. Regular updates are non-negotiable for security and performance. Stay informed about OpenClaw releases. When an update is available, you’ll typically perform these steps:

1. Stop OpenClaw: docker compose down
2. Pull latest code: git pull origin main
3. Restart OpenClaw: docker compose up -d
4. Run any database migrations if needed (check release notes for specific commands).

For more detailed information on maintaining your OpenClaw instance securely, consider our guide on Best Practices for OpenClaw Security Updates. It provides a deeper dive into protecting your self-hosted environment.

Backups are another core responsibility. Regularly back up your database and your OpenClaw configuration files. These aren’t just files; they are your data, your sovereignty. Without a solid backup strategy, you risk losing everything you’ve worked to reclaim. Look into automated backup solutions specific to Docker volumes and PostgreSQL databases.

Remember, your hardware also plays a role. If you’re running OpenClaw on an older machine, you might need to make some adjustments. Our article on Optimizing OpenClaw Performance on Low-Resource Servers offers valuable insights for getting the most out of limited hardware.

The journey to true digital freedom is ongoing. It requires vigilance, understanding, and direct engagement with your tools. You’ve now taken a monumental step.

The internet was meant to be a vast, decentralized network. Corporate giants twisted that vision. But you can bend it back. You just proved it. You reclaimed a piece of your digital self. This isn’t a small victory; it’s a crucial one in the larger fight for a truly open, truly free digital world.

This is your server. This is your data. This is your control. Welcome to the unfettered future.