*A Full Setup Guide for Running an Always-On AI Agent (Without Buying a Mac Mini)
*
I found “Clawdbot” the same way most people did: scrolling X in mid-January, half back at work, half still in holiday mode.
The name sounded vague. Another AI wrapper, I thought.
Two weeks later, my feed was full of terminal screenshots, excited threads, and something oddly specific: photos of freshly unboxed Mac Minis.
People were buying $600–$800 machines just to run this thing.
I had already been using it daily. And my conclusion was very different.
OpenClaw is useful.
But it’s not magic.
And if you install it like a weekend toy, it will absolutely bite you.
This is a practical guide based on real usage, not launch hype.
You’ll learn:
• What OpenClaw actually is (and why it’s not Claude Code)
• Why you don’t need a Mac Mini
• How to run it on a cheap Ubuntu VPS
• How to harden that VPS properly
• How to connect Telegram and the Control UI
• The most common early failure modes and fixes
What OpenClaw Actually Is
OpenClaw is not Claude Code on a server.
Claude Code is a tool you open when you need it.
OpenClaw is a service that stays online.
Architecturally, OpenClaw is an orchestration layer that can sit on top of different LLM providers (Claude, GPT, Gemini, etc).
A simple mental model:
• Claude Code = hammer you pick up
• OpenClaw = hammer that stays awake and asks if there’s work to do
Under the hood, you’ll see four core components:
• Gateway – a background daemon that connects to Telegram and other channels
• Agent – the LLM brain interpreting intent
• Skills – modular capabilities (web, files, calendar, custom integrations)
• Memory – persistent storage in plain Markdown files
This is why OpenClaw wants a server. It’s designed to run continuously.
Why You Don’t Need a Mac Mini
The Mac Mini trend is mostly psychological.
It looks clean. It feels “serious”. It sits on your desk and hums quietly.
But technically, it’s unnecessary for most users.
My setup:
• 2 vCPU
• 4 GB RAM
• 40 GB SSD
• Ubuntu 22.04
• €5/month VPS
In two weeks of daily use, I never hit resource limits.
OpenClaw doesn’t do heavy compute locally. The expensive work happens at the LLM provider. Locally, you’re running orchestration.
There’s also a safety angle.
OpenClaw can:
• read files
• execute commands
• make network calls
Running that on your daily work machine is risky. A VPS gives you isolation. Worst case, it breaks itself. Not your laptop.
Isolation isn’t paranoia. It’s hygiene.
Step 1: Provision and Secure a VPS
This part is not optional.
If you skip basic security, you’ll still “get it working”, but you’ll be running a powerful agent in a fragile environment.
Requirements
• Ubuntu 22.04 or 24.04
• 2+ vCPU
• 4+ GB RAM
Login as root
ssh root@YOUR_SERVER_IP
Update system and install basics
apt update && apt upgrade -y
apt install -y curl git jq fail2ban ufw ca-certificates gnupg
Create a non-root user
Replace clawd with your username.
adduser clawd
usermod -aG sudo clawd
Add SSH keys
From your local machine:
cat ~/.ssh/id_ed25519.pub
Copy the key.
On the server:
mkdir -p /home/clawd/.ssh
nano /home/clawd/.ssh/authorized_keys
Paste the key and save.
Fix permissions:
chmod 700 /home/clawd/.ssh
chmod 600 /home/clawd/.ssh/authorized_keys
chown -R clawd:clawd /home/clawd/.ssh
Lock down SSH
Edit config:
nano /etc/ssh/sshd_config
Set:
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
Restart SSH:
systemctl restart ssh
Test login from a new terminal before closing your root session.
Firewall
ufw allow OpenSSH
ufw enable
ufw status
Fail2ban
nano /etc/fail2ban/jail.local
[sshd]
enabled = true
maxretry = 3
bantime = 86400
systemctl restart fail2ban
Step 2: Install Node.js 22+
OpenClaw expects a modern Node runtime.
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
. "$HOME/.nvm/nvm.sh"
nvm install 22
node -v
Step 3: Install OpenClaw
Always install from the official GitHub repository.
Do not trust:
• random gists
• copied one-liners from tweets
• VS Code marketplace clones
The project provides an official install method. Use that.
If you prefer transparency, clone and install manually:
git clone
cd openclaw
npm install
npm run build
npm run start
Use the exact commands from the repo you trust.
Step 4: First Run and Wizard
On first run, OpenClaw launches a wizard.
Key choices:
• Acknowledge that the system is powerful and risky
• Use QuickStart mode
• Choose your model provider
• Select Telegram (most common gateway)
Important advice:
Do not enable every skill immediately.
Add integrations only when you actually need them.
Step 5: Connect Telegram
Create a Telegram bot via BotFather and get the token.
When you first message your agent, you’ll receive a pairing code.
Approve it on the server:
openclaw pairing approve telegram
(Exact command name depends on your install. Follow CLI output.)
Step 6: Enable Web Search (Optional but Useful)
Many setups use Brave Search.
openclaw configure --section web
You’ll be prompted to:
• enable search
• provide an API key
• allow basic HTTP fetch
Free tiers are usually enough.
Step 7: Access the Control UI Safely
Do not expose the Control UI publicly.
Use an SSH tunnel.
From your local machine:
ssh -N -L 18789:127.0.0.1:18789 clawd@YOUR_SERVER_IP
Then open:
Keep the tunnel running.
Eight Problems You Will Hit with Clawdbot (and Fixes)
These are common and predictable.
- Too autonomous
You ask a question. It edits config.
Fix:
Add a rule like:
“Before any action, propose a plan and wait for confirmation.”
- Questions trigger actions
“How does X work?” becomes “install X”.
Fix:
Explicitly state: questions are not commands.
- Ghosting
It goes silent for minutes.
Fix:
Ping again. Check gateway logs.
- Infinite loops
It keeps searching endlessly.
Fix:
Restart the service or reboot the VPS.
- Cron jobs don’t notify
Tasks run, but no Telegram message.
Fix:
Explicitly send messages from scheduled tasks.
- Settings overload
Too many toggles.
Fix:
Change only what blocks you right now.
- Memory doesn’t persist
It says “saved” but forgets later.
Fix:
Understand short vs long memory.
Add explicit save triggers.
- Token burn
Autonomy equals many LLM calls.
Fix:
Prefer subscription-based providers or set strict limits.
Final Thoughts
OpenClaw is not a toy.
It’s closer to infrastructure than an app.
If you treat it like a demo, you’ll get chaos.
If you treat it like a service, it becomes genuinely useful.
Run it isolated.
Limit permissions.
Force it to ask before acting.
That’s the difference between a weekend experiment and something you keep.
Top comments (0)