轩辕镜像 官方专业版
轩辕镜像
专业版
轩辕镜像 官方专业版
轩辕镜像
专业版
首页个人中心搜索镜像
交易
充值流量¥7起我的订单
文档
工具
提交工单页面收录
openclaw

tenfyzhong/openclaw

tenfyzhong

Containerized OpenClaw Gateway setup with Docker and Docker Compose

下载次数: 0状态:社区镜像维护者:tenfyzhong仓库类型:镜像最近更新:13 天前
让 AI 帮你使用轩辕镜像? · 展开查看说明 · 点击收起说明

如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。

只需在 AI 对话中先发送下面这句话即可:

请先完整阅读并严格遵守以下文档中的全部规则与要求:

https://xuanyuan.cloud/agents.md

在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。

查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。

镜像简介
下载命令
镜像标签列表与下载命令
轩辕镜像,不浪费每一次拉取。
点击查看

openclaw-docker

Containerized OpenClaw Gateway setup with Docker and Docker Compose.

This repository provides:

  • A production-oriented Dockerfile based on Ubuntu 24.04
  • Automatic OpenClaw installation from the official installer
  • A startup entrypoint that initializes openclaw.json on first run
  • Persistent config/workspace volumes for local development and daily use
  • A ready-to-run docker-compose.yml service definition

Repository Layout

  • Dockerfile: image build and gateway entrypoint script
  • docker-compose.yml: local runtime configuration
  • scripts/create-tag.sh: local release tag creation helper
  • .github/workflows/tag-build.yml: builds and pushes Docker image on tag push
  • .github/workflows/sync-upstream-major.yml: manual workflow to sync latest upstream major tag
  • .github/workflows/bats-tests.yml: runs bats unit tests for release script changes
  • tests/create-tag.bats: unit tests for release tag script
  • LICENSE: MIT license

Prerequisites

  • Docker Engine with Docker Compose v2
  • Network access during image build (for package install and OpenClaw installer)

Quick Start

  1. Build and start:
bash
docker compose up -d --build
  1. Check container status:
bash
docker compose ps
  1. Check gateway health endpoint:
bash
curl http://127.0.0.1:18789/healthz
  1. Read logs:
bash
docker compose logs -f openclaw-gateway
  1. Stop service:
bash
docker compose down

First-Time Onboarding in Container

After the first startup, enter the container and run onboarding:

bash
docker compose exec openclaw-gateway bash
openclaw onboard

Notes for first-time setup:

  • During onboarding, the gateway process may restart.
  • If your current terminal session is interrupted, enter the container again and run openclaw onboard again.
  • Existing onboarding progress is reused from persisted config, so you only need to complete the remaining steps.

Persistence and Default Paths

By default, Compose maps the following host directories:

  • ./.docker/openclaw/config -> /home/node/.openclaw
  • ./.docker/openclaw/workspace -> /home/node/.openclaw/workspace

The container entrypoint creates these directories automatically when needed.

First-Run Config Initialization

If /home/node/.openclaw/openclaw.json does not exist, the entrypoint generates it with:

  • gateway.mode from OPENCLAW_INIT_GATEWAY_MODE (default: local)
  • gateway.bind from OPENCLAW_GATEWAY_BIND (default: lan)
  • gateway.auth.token from OPENCLAW_GATEWAY_TOKEN, or auto-generated when empty
  • gateway.controlUi.allowedOrigins from OPENCLAW_INIT_CONTROL_UI_ALLOWED_ORIGINS, or http://127.0.0.1:<port> by default

If a token is generated automatically, it is persisted in openclaw.json and reused on later starts.

Main Environment Variables

You can place these in a .env file next to docker-compose.yml.

VariableDefaultDescription
OPENCLAW_VERSIONlatestOpenClaw version passed to image build (install.sh --version)
OPENCLAW_GATEWAY_BINDlanGateway bind strategy passed to openclaw gateway --bind
OPENCLAW_GATEWAY_PORT18789Gateway HTTP port
OPENCLAW_BRIDGE_PORT18790Bridge port exposed by Compose
OPENCLAW_GATEWAY_TOKENemptyGateway auth token. If empty and config missing, one is generated
OPENCLAW_INIT_GATEWAY_MODElocalInitial gateway.mode for generated config
OPENCLAW_INIT_CONTROL_UI_ALLOWED_ORIGINSautoJSON array string for allowed control UI origins
OPENCLAW_GATEWAY_CONTROLUI_DANGEROUSLY_ALLOW_HOST_HEADER_ORIGIN_FALLBACKfalseInitial fallback behavior in generated config
OPENCLAW_ALLOW_INSECURE_PRIVATE_WSemptyForwarded to container runtime environment
OPENCLAW_CONFIG_DIR./.docker/openclaw/configHost directory for OpenClaw state/config
OPENCLAW_WORKSPACE_DIR./.docker/openclaw/workspaceHost directory for workspace
CLAUDE_AI_SESSION_KEYemptyOptional key forwarded into container
CLAUDE_WEB_SESSION_KEYemptyOptional key forwarded into container
CLAUDE_WEB_COOKIEemptyOptional cookie forwarded into container

Getting the Current Gateway Token

If you did not set OPENCLAW_GATEWAY_TOKEN manually, inspect the generated config:

bash
jq -r '.gateway.auth.token' ./.docker/openclaw/config/openclaw.json

If jq is not installed:

bash
grep -n '"token"' ./.docker/openclaw/config/openclaw.json

Manual Image Build and Run

Build image:

bash
docker build --build-arg OPENCLAW_VERSION=2026.3.11 -t openclaw:local .

Run container directly:

bash
docker run --rm -it \
  -p 18789:18789 -p 18790:18790 \
  -e OPENCLAW_GATEWAY_BIND=lan \
  -v "$PWD/.docker/openclaw/config:/home/node/.openclaw" \
  -v "$PWD/.docker/openclaw/workspace:/home/node/.openclaw/workspace" \
  openclaw:local gateway

Release Tag and Image Automation

Create a local release tag

Use the script from repository root:

bash
./scripts/create-tag.sh

Optional: force a specific major version:

bash
./scripts/create-tag.sh --major 2026.3.11

Script behavior:

  • Always runs git fetch --tags origin first
  • Major version source is openclaw/openclaw stable tags only (vX.Y.Z, excludes -beta.*)
  • If --major is provided, it must exist in openclaw/openclaw
  • If local repo does not have vX.Y.Z, it creates vX.Y.Z
  • If local repo already has vX.Y.Z, it creates the next patch tag vX.Y.Z.N (auto increment)
  • It only creates local tag; push is manual

Push manually when ready:

bash
git push origin <tag>

Auto build on tag push

Workflow: .github/workflows/tag-build.yml

  • Trigger: git push of tag matching v*
  • Docker tags pushed:
    • tenfyzhong/openclaw:<git-tag-without-v>
    • tenfyzhong/openclaw:latest
  • Build arg OPENCLAW_VERSION always uses major base (X.Y.Z)
    • Example: git tag v2026.3.11.2 builds with OPENCLAW_VERSION=2026.3.11

Manual sync entry (GitHub Actions)

Workflow: .github/workflows/sync-upstream-major.yml

Run manually from GitHub:

  1. Open repository Actions
  2. Select Sync Latest Upstream Major Tag
  3. Click Run workflow

Behavior:

  • Fetches latest stable major tag from openclaw/openclaw
  • Runs git fetch --tags origin
  • If this repo already has that major tag, exits with no changes
  • If missing, creates and pushes that major tag
  • Pushed tag triggers tag-build.yml to build/push Docker image

Required GitHub Secrets

Configure repository secrets in Settings -> Secrets and variables -> Actions:

  • DOCKERHUB_USERNAME: Docker Hub username
  • DOCKERHUB_TOKEN: Docker Hub access token (for docker/login-action)
  • RELEASE_PUSH_TOKEN: GitHub token used by manual sync workflow to push tags

How to create RELEASE_PUSH_TOKEN

Recommended: Fine-grained personal access token.

  1. GitHub avatar -> Settings
  2. Developer settings -> Personal access tokens -> Fine-grained tokens
  3. Click Generate new token
  4. Set token name and expiration
  5. Repository access: select only this repository
  6. Repository permissions:
    • Contents: Read and write
    • Metadata: Read-only (default)
  7. Generate token and copy it immediately
  8. Go back to repository Settings -> Secrets and variables -> Actions
  9. New repository secret
  10. Name: RELEASE_PUSH_TOKEN
  11. Value: the generated token

After saving, rerun Sync Latest Upstream Major Tag workflow.

Run release script tests

bash
bats tests/create-tag.bats

CI workflow Bats Unit Tests runs automatically on:

  • All pull requests targeting main
  • Pushes to main

Protect main branch on GitHub

To require CI success before merge and block direct pushes:

  1. Go to repository Settings -> Branches -> Add branch protection rule
  2. Set Branch name pattern to main
  3. Enable Require a pull request before merging
  4. Enable Require status checks to pass before merging
  5. Select status check Bats Unit Tests / bats
  6. Enable Require branches to be up to date before merging (recommended)
  7. Enable Include administrators (recommended)
  8. Disable direct push by enabling Restrict who can push to matching branches and leaving only trusted automation/users
  9. Keep Allow force pushes and Allow deletions disabled

Security Notes

  • The default bind mode is lan. Ensure your host firewall and network policy are appropriate.
  • Use a strong, private OPENCLAW_GATEWAY_TOKEN for non-local environments.
  • Keep mounted config directories private because they contain authentication token data.

License

This project is licensed under the MIT License. See LICENSE for details.

镜像拉取方式

您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。

轩辕镜像加速拉取命令点我查看更多 openclaw 镜像标签

docker pull docker.xuanyuan.run/tenfyzhong/openclaw:<标签>

使用方法:

  • 登录认证方式
  • 免认证方式

DockerHub 原生拉取命令

docker pull tenfyzhong/openclaw:<标签>

轩辕镜像配置手册

按平台快速找到配置文档

一键安装

一键安装 Docker

Linux Docker 一键安装

AI

用 AI 使用轩辕镜像

agents.md · AI 对话 · 提示词

Docker

登录仓库拉取

登录认证 · 私有仓库

专属域名拉取

免登录 · 高速拉取

Linux

Docker 镜像配置

Windows / Mac

Docker Desktop 配置

MacOS OrbStack

OrbStack 容器

Apple Container

macOS 原生容器

Docker Compose

Compose 项目配置

NAS

群晖

Synology 配置

飞牛

fnOS 镜像配置

绿联

绿联 NAS

威联通

QNAP 配置

极空间

极空间 NAS

Unraid

Unraid NAS

企业仓库

其他仓库

ghcr · Quay · nvcr

Harbor 镜像源

Proxy Repository 对接

Portainer 镜像源

Registries 配置

Nexus 镜像源

Docker Proxy 缓存

开发工具

Dev Containers

VS Code 开发容器

Podman

Podman 配置指南

Singularity / Apptainer

HPC 科学计算容器

Kubernetes

K8s Containerd

Kubernetes · Containerd

K3s

轻量级集群

面板 / 网络

爱快路由

爱快 4.0 · iKuai 镜像加速

宝塔面板

一键配置镜像源

需要其他帮助?请查看我们的 常见问题Docker 镜像访问常见问题解答 或 提交工单

镜像拉取常见问题

功能

版本功能对比

功能对比 · 版本选择

支持的镜像仓库

Docker Hub · GCR · GHCR

专属域名用法

专属域名 · 开启停用 · 多仓库

新手拉取配置

登录 · 专属域名 · 配置

docker search 限制

专属域名 · Hub 搜索

不支持 push

仅支持 pull · 不支持

拉取速度原因

带宽 · 缓存 · 冷热镜像

错误码

402 与流量用尽

402 · 流量包 · 充值

401 认证失败

401 · docker login

manifest unknown

标签错误 · 镜像不存在

410 Gone 排查

410 · Docker 升级

429 限流

免费版 · 专业版 · 企业版 · 请求频率

其他报错

DNS 超时

DNS 解析 · 网络超时

TLS 证书失败

no matching manifest(架构)

账号

失败是否计费

manifest · blob · 计费

申请开发票(企业 / 个人)

企业 · 个人 · 工单

修改登录密码

网站 · 仓库 · 重置

注销账户

工单 · 数据 · 注销

原理

mirrors 不生效

daemon.json · 重启

去掉域名前缀

docker tag · 重命名

指定架构拉取

ARM64 · AMD64 · 多架构

latest 与「最新」

digest · 版本号 · 标签

查看全部问题→

用户好评

来自真实用户的反馈,见证轩辕镜像的优质服务

用户头像

oldzhang

运维工程师

Linux服务器

5

"Docker访问体验非常流畅,大镜像也能快速完成下载。"

轩辕镜像
镜像详情
...
tenfyzhong/openclaw
定价查看流量套餐与价格
博客Docker 镜像公告与技术博客
专业版 · 高速稳定拉取镜像
高速镜像下载·在线技术支持·99.95% SLA 保障·付费会员免广告
50GB 仅 ¥7/年
专业版 · 高速稳定拉取镜像
50GB 仅 ¥7/年
高速镜像下载·在线技术支持·99.95% SLA 保障·付费会员免广告
用户协议·隐私政策·增值电信业务经营许可证:浙B2-20261007·©2024-2026 源码跳动©2024-2026 杭州源码跳动科技有限公司·商务合作:点击复制邮箱

更多 openclaw 镜像推荐

alpine/openclaw logo

alpine/openclaw

Alpine 工具与轻量镜像
OpenClaw - 您的个人AI助手,支持任何操作系统和平台,以独特的“龙虾方式”提供服务。🦞
132 次收藏100万+ 次下载
23 天前更新
gentkit/openclaw logo

gentkit/openclaw

gentkit
用于快速简便部署OpenClaw("lobster🦞" AI智能体)的轻量级Docker镜像。
1.6千+ 次下载
2 个月前更新
openeuler/openclaw logo

openeuler/openclaw

openeuler
OpenClaw是一款可在个人设备上运行的AI助手,支持WhatsApp、Telegram、Slack、Discord等多种消息渠道,由openEuler CloudNative SIG维护。
3 次收藏7.3千+ 次下载
4 个月前更新
dyrnq/openclaw logo

dyrnq/openclaw

dyrnq
OpenClaw是一款可在自有设备运行的个人AI助手,支持通过WhatsApp、Telegram等多种通讯渠道交互,提供跨平台语音功能及实时Canvas控制,网关作为控制平面,核心为智能助手功能。
1万+ 次下载
1 个月前更新
dr34m/openclaw logo

dr34m/openclaw

dr34m
每10分钟自动从官方仓库ghcr.io/openclaw/openclaw同步的Docker镜像,通过Github Action实现安全透明同步,无恶意软件风险。
4 次收藏10万+ 次下载
22 天前更新
0penclaw/openclaw logo

0penclaw/openclaw

0penclaw
基于GitHub仓库https://github.com/openclaw/openclaw的Dockerfile构建的OpenClaw Docker镜像,用于OpenClaw应用的容器化部署。
9 次收藏5万+ 次下载
4 个月前更新

查看更多 openclaw 相关镜像

更多相关 Docker 镜像与资源

以下是 tenfyzhong/openclaw 相关的常用 Docker 镜像,适用于 不同场景 等不同场景:

  • heimdall777/openclaw Docker 镜像说明(OpenClaw 容器化应用环境,适合开发和部署场景)
  • 1panel/openclaw Docker 镜像说明(由 1Panel 打包的 OpenClaw 个人 AI 助手镜像,适合在 1Panel 面板中一键安装和管理)
  • alpine/openclaw Docker 镜像说明(跨平台的 OpenClaw 个人 AI 助手 Docker 镜像,适合在多种环境中本地部署体验)
  • 0penclaw/openclaw Docker 镜像说明(OpenClaw 社区镜像(0penclaw 命名空间),适合本地部署个人 AI 助手)
  • openeuler/openclaw Docker 镜像说明(openEuler 发布的 OpenClaw 镜像,适合在 openEuler 或信创环境中部署)