You Don't Really Need a Mac mini to Run OpenClaw, Here's How You Can Run It in a Container.You Don't Really Need a Mac mini to Run OpenClaw, Here's How You Can Run It in a Container.You Don't Really Need a Mac mini to Run OpenClaw, Here's How You Can Run It in a Container.

While many tutorials suggest a dedicated Mac Mini for running powerful AI agents, you don't actually need one to harness the power of OpenClaw. OpenClaw is an open-source AI assistant that acts as a "go-between," connecting you to LLMs like Claude or GPT via their APIs.

By using Docker, you can run OpenClaw on almost any hardware—from a cloud VPS to an old laptop—while maintaining isolation and security. In this guide, we will walk through the steps to deploy OpenClaw using Docker, map your volumes, and secure your installation with a reverse proxy to unlock the full potential of the web-based dashboard.

Quick Start: Basic Docker Deployment

To get started quickly without specialized hardware, you can use the official Docker setup script.

git clone https://github.com/openclaw/openclaw.git
cd openclaw
./docker-setup.sh

This will build the necessary images and start the OpenClaw gateway and CLI containers on your Linux or macOS machine.

Docker Volume Mapping

Proper volume mapping ensures your AI's memory and configuration persist across container restarts. On Linux, it is safer to use ${HOME} to ensure the path expands correctly.

In your docker-compose.yml, ensure you have the following mappings:

services:
  openclaw-gateway:
    image: openclaw/gateway:latest
    volumes:
      - ./workspace:/app/workspace # The agent's playground
      - ${HOME}/.openclaw:/app/.openclaw # Config, memory, and API keys
    ports:
      - "18789:18789"
    restart: unless-stopped

Permission Tip: Docker containers often run as root. If you encounter "Permission Denied" errors, you may need to adjust the ownership of these host directories:

sudo chown -R $USER:$USER ${HOME}/.openclaw ./workspace

Reverse Proxy and Security Setup

Before accessing the dashboard, you must set up a reverse proxy (like Nginx or Caddy). This is essential for SSL encryption and proper domain mapping.

1. Configuring Trusted Proxies

To prevent unauthorized access via the "localhost fallacy" (where OpenClaw trusts connections from 127.0.0.1), you must define your trusted proxies. While this is usually handled by the wizard, you can manually verify it in ${HOME}/.openclaw/openclaw.json:

{
  "gateway": {
    "trustedProxies": [
      "172.17.0.1"
    ],
    "controlUi": {
      "allowInsecureAuth": false
    }
  },
  "agents": {
    "defaults": {
      "model": {
        "primary": "anthropic/claude-3-5-sonnet"
      }
    }
  }
}

2. Nginx Configuration

Use the following example to expose OpenClaw via your domain:

server {
    listen 443 ssl;
    server_name openclaw.yourdomain.com;

    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

    location / {
        proxy_pass http://localhost:18789;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

The Admin Dashboard and Web UI

With the reverse proxy in place, you can now securely access the OpenClaw Admin Dashboard (Control UI). This is the primary hub for managing your agent, monitor tasks, and configuring settings.

By using your domain, you benefit from:

• SSL/TLS Encryption: Secure access to your configuration and chat history.
• WebSocket Support: Smooth real-time updates for agent tasks.
• Ease of Use: A professional URL instead of an IP and port.

CLI Configuration Guide

If you prefer using the terminal or need to automate your setup, you can use the openclaw-cli container to configure your providers.

Add Model Providers

Run the following commands to add your API keys:

# Add Anthropic
docker compose run --rm openclaw-cli providers add --provider anthropic --token YOUR_ANTHROPIC_API_KEY

# Add OpenAI
docker compose run --rm openclaw-cli providers add --provider openai --token YOUR_OPENAI_API_KEY

Configure Telegram

1. Get your token from @BotFather.
2. Add it via CLI:

docker compose run --rm openclaw-cli providers add --provider telegram --token YOUR_TELEGRAM_BOT_TOKEN

3. Message your bot and approve the pairing code:

docker compose run --rm openclaw-cli pairing approve telegram <PAIRING_CODE>

Dashboard Configuration Guide

Now that you can access https://openclaw.yourdomain.com, you can complete the setup without touching the CLI.

Model Provider Setup

1. Navigate to your domain. If it's your first time, the Web Onboarding Wizard will appear.
2. Follow the 8-step flow to detect your workspace and configure basic settings.
3. Paste your Anthropic (Claude) or OpenAI (GPT) API keys when prompted.

Telegram Setup

1. Message @BotFather on Telegram to get a Bot Token.
2. In the OpenClaw Dashboard, go to Providers > Add Provider > Telegram.
3. Enter your token and save.
4. Start a chat with your bot on Telegram, then enter the pairing code in the Security tab of your dashboard.

References

• OpenClaw Official Documentation
• OpenClaw GitHub Repository
• Securing OpenClaw with a Reverse Proxy - simonwillison.net
• OpenClaw Rebranding and History - Wikipedia