Run OpenClaw personal AI assistant inside Docker with full isolation from your host system.
This container has ZERO access to your host system:
- NO host filesystem access
- NO access to host Docker
- NO privileged mode
- NO root user
- NO Linux capabilities
- Internet access only
- All data in isolated Docker volumes
| Protection | Status |
|---|---|
| Non-root user | Runs as `node` |
| no-new-privileges | Enabled |
| cap_drop: ALL | All capabilities dropped |
| Localhost-only port | 127.0.0.1:18789 |
| Isolated network | Bridge network |
| No host mounts | Docker volumes only |
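As an added check that is not part of this README or the OpenClaw project, the script below reads a container's `docker inspect` record and reports every deviation from the protections in the table (an empty result means all checks passed). The user `node`, the 127.0.0.1:18789 binding and the container name `openclaw` are taken from this page; the two sample records embedded for offline use are constructed.

```python
# Added example, not OpenClaw project code: audit a container's `docker inspect` record against
# the isolation claims above. "node", 18789 and "openclaw" come from the README; samples are constructed.
import json
import subprocess
import sys

EXPECTED_USER, EXPECTED_PORT = "node", "18789/tcp"


def audit(rec: dict) -> list[str]:
    cfg, host = rec.get("Config") or {}, rec.get("HostConfig") or {}
    findings = []  # empty list means every isolation check passed
    user = str(cfg.get("User") or "")
    if user in ("", "root", "0"):
        findings.append("runs as root (Config.User unset)")
    elif user != EXPECTED_USER:
        findings.append(f"runs as {user!r}, expected {EXPECTED_USER!r}")
    if host.get("Privileged"):
        findings.append("privileged mode enabled")
    if not any(o in ("no-new-privileges", "no-new-privileges:true")
               for o in host.get("SecurityOpt") or []):
        findings.append("no-new-privileges not set")
    if "ALL" not in [c.upper() for c in host.get("CapDrop") or []]:
        findings.append("cap_drop ALL missing")
    if host.get("NetworkMode") == "host":
        findings.append("shares the host network namespace")
    for m in rec.get("Mounts") or []:  # named volumes show up as Type "volume"
        if m.get("Type") == "bind":
            findings.append(f"host bind mount {m.get('Source')} -> {m.get('Destination')}")
    for port, binds in (host.get("PortBindings") or {}).items():
        for b in binds or []:
            if b.get("HostIp") != "127.0.0.1":
                findings.append(f"{port} published on {b.get('HostIp') or 'all interfaces'}")
    return findings


# Constructed records: one matching the README's claims, one with common weakenings.
HARDENED = {"Config": {"User": "node"}, "Mounts": [{"Type": "volume", "Name": "openclaw-config"}],
            "HostConfig": {"Privileged": False, "SecurityOpt": ["no-new-privileges:true"],
                           "CapDrop": ["ALL"], "NetworkMode": "bridge",
                           "PortBindings": {EXPECTED_PORT: [{"HostIp": "127.0.0.1", "HostPort": "18789"}]}}}
WEAK = {"Config": {"User": ""}, "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
                                            "Destination": "/var/run/docker.sock"}],
        "HostConfig": {"Privileged": True, "SecurityOpt": [], "CapDrop": [], "NetworkMode": "bridge",
                       "PortBindings": {EXPECTED_PORT: [{"HostIp": "", "HostPort": "18789"}]}}}

if __name__ == "__main__":  # usage: python audit.py [container-name]
    name = sys.argv[1] if len(sys.argv) > 1 else "openclaw"
    out = subprocess.run(["docker", "inspect", name], capture_output=True, text=True, check=True).stdout
    problems = audit(json.loads(out)[0])
    print("\n".join(problems) or f"{name}: all isolation checks passed")
    sys.exit(1 if problems else 0)
```

Run it against the live container after `make up`; a non-zero exit code means at least one of the table's protections is not actually in effect.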
Build and start the container:

```bash
make up
# Or without make:
docker compose up -d --build
```

Run the onboarding wizard:

```bash
make onboard
# Or manually:
docker exec -it openclaw openclaw onboard
```

Open http://localhost:18789 in your browser.
| Command | Description |
|---|---|
| make up | Build and start OpenClaw |
| make down | Stop all containers |
| make logs | Follow container logs |
| make shell | Open a bash shell in the container |
| make onboard | Run the onboarding wizard |
| make restart | Restart the OpenClaw gateway |
| make status | Show container and Docker status |
| make clean | Remove all containers and volumes |
Useful commands once the container is running:

```bash
docker exec -it openclaw openclaw agent --message 'Hello!'
docker exec -it openclaw openclaw doctor
docker exec -it openclaw openclaw channels list
```

| Port | Service |
|---|---|
| 18789 | OpenClaw Gateway (localhost only) |
| Volume | Purpose |
|---|---|
| openclaw-config | OpenClaw configuration |
| openclaw-workspace | Workspace files |
```
┌─────────────────────────────────────────┐
│ Host System                             │
│                                         │
│ [Your Files]  ─── BLOCKED               │
│ [Host Docker] ─── BLOCKED               │
│                                         │
│ ┌───────────────────────────────────┐   │
│ │ openclaw (isolated)               │   │
│ │ ┌─────────────────────────────┐   │   │
│ │ │ OpenClaw Gateway (:18789)   │   │   │
│ │ └─────────────────────────────┘   │   │
│ │ ┌─────────────────────────────┐   │   │
│ │ │ Chromium (Puppeteer)        │   │   │
│ │ └─────────────────────────────┘   │   │
│ │               │                   │   │
│ │          [Internet] ✓             │   │
│ └───────────────────────────────────┘   │
└─────────────────────────────────────────┘
```
MIT - See OpenClaw License