openclaw/docs/vps.md

---
summary: "Run OpenClaw on a Linux server or cloud VPS — provider picker, architecture, and tuning"
read_when:
  - You want to run the Gateway on a Linux server or cloud VPS
  - You need a quick map of hosting guides
  - You want generic Linux server tuning for OpenClaw
title: "Linux Server"
sidebarTitle: "Linux Server"
---

# Linux Server

Run the OpenClaw Gateway on any Linux server or cloud VPS. This page helps you
pick a provider, explains how cloud deployments work, and covers generic Linux
tuning that applies everywhere.

## Pick a provider

<CardGroup cols={2}>
  <Card title="Railway" href="/install/railway">One-click, browser setup</Card>
  <Card title="Northflank" href="/install/northflank">One-click, browser setup</Card>
  <Card title="DigitalOcean" href="/install/digitalocean">Simple paid VPS</Card>
  <Card title="Oracle Cloud" href="/install/oracle">Always Free ARM tier</Card>
  <Card title="Fly.io" href="/install/fly">Fly Machines</Card>
  <Card title="Hetzner" href="/install/hetzner">Docker on Hetzner VPS</Card>
  <Card title="GCP" href="/install/gcp">Compute Engine</Card>
  <Card title="Azure" href="/install/azure">Linux VM</Card>
  <Card title="exe.dev" href="/install/exe-dev">VM with HTTPS proxy</Card>
  <Card title="Raspberry Pi" href="/install/raspberry-pi">ARM self-hosted</Card>
</CardGroup>

**AWS (EC2 / Lightsail / free tier)** also works well.
A community video walkthrough is available at
[x.com/techfrenAJ/status/2014934471095812547](https://x.com/techfrenAJ/status/2014934471095812547)
(community resource -- may become unavailable).

## How cloud setups work

- The **Gateway runs on the VPS** and owns state + workspace.
- You connect from your laptop or phone via the **Control UI** or **Tailscale/SSH**.
- Treat the VPS as the source of truth and **back up** the state + workspace regularly.
- Secure default: keep the Gateway on loopback and access it via SSH tunnel or Tailscale Serve.
  If you bind to `lan` or `tailnet`, require `gateway.auth.token` or `gateway.auth.password`.

Related pages: [Gateway remote access](/gateway/remote), [Platforms hub](/platforms).

## Shared company agent on a VPS

Running a single agent for a team is a valid setup when every user is in the same trust boundary and the agent is business-only.

- Keep it on a dedicated runtime (VPS/VM/container + dedicated OS user/accounts).
- Do not sign that runtime into personal Apple/Google accounts or personal browser/password-manager profiles.
- If users are adversarial to each other, split by gateway/host/OS user.

Security model details: [Security](/gateway/security).

## Using nodes with a VPS

You can keep the Gateway in the cloud and pair **nodes** on your local devices
(Mac/iOS/Android/headless). Nodes provide local screen/camera/canvas and `system.run`
capabilities while the Gateway stays in the cloud.

Docs: [Nodes](/nodes), [Nodes CLI](/cli/nodes).

## Startup tuning for small VMs and ARM hosts

If CLI commands feel slow on low-power VMs (or ARM hosts), enable Node's module compile cache:

```bash
grep -q 'NODE_COMPILE_CACHE=/var/tmp/openclaw-compile-cache' ~/.bashrc || cat >> ~/.bashrc <<'EOF'
export NODE_COMPILE_CACHE=/var/tmp/openclaw-compile-cache
mkdir -p /var/tmp/openclaw-compile-cache
export OPENCLAW_NO_RESPAWN=1
EOF
source ~/.bashrc
```

- `NODE_COMPILE_CACHE` improves repeated command startup times.
- `OPENCLAW_NO_RESPAWN=1` avoids extra startup overhead from a self-respawn path.
- First command run warms the cache; subsequent runs are faster.
- For Raspberry Pi specifics, see [Raspberry Pi](/install/raspberry-pi).

### systemd tuning checklist (optional)

For VM hosts using `systemd`, consider:

- Add service env for a stable startup path:
  - `OPENCLAW_NO_RESPAWN=1`
  - `NODE_COMPILE_CACHE=/var/tmp/openclaw-compile-cache`
- Keep restart behavior explicit:
  - `Restart=always`
  - `RestartSec=2`
  - `TimeoutStartSec=90`
- Prefer SSD-backed disks for state/cache paths to reduce random-I/O cold-start penalties.

Example:

```bash
sudo systemctl edit openclaw
```

```ini
[Service]
Environment=OPENCLAW_NO_RESPAWN=1
Environment=NODE_COMPILE_CACHE=/var/tmp/openclaw-compile-cache
Restart=always
RestartSec=2
TimeoutStartSec=90
```

How `Restart=` policies help automated recovery:
[systemd can automate service recovery](https://www.redhat.com/en/blog/systemd-automate-recovery).
docs: add vps hosting hub 2026-01-25 00:20:01 +00:00			`---`
docs: rename VPS to Linux Server, update provider links for moved pages 2026-03-19 13:25:05 -07:00			`summary: "Run OpenClaw on a Linux server or cloud VPS — provider picker, architecture, and tuning"`
docs: add vps hosting hub 2026-01-25 00:20:01 +00:00			`read_when:`
docs: rename VPS to Linux Server, update provider links for moved pages 2026-03-19 13:25:05 -07:00			`- You want to run the Gateway on a Linux server or cloud VPS`
			`- You need a quick map of hosting guides`
			`- You want generic Linux server tuning for OpenClaw`
			`title: "Linux Server"`
			`sidebarTitle: "Linux Server"`
docs: add vps hosting hub 2026-01-25 00:20:01 +00:00			`---`
chore: Run `pnpm format:fix`. 2026-01-31 21:13:13 +09:00
docs: rename VPS to Linux Server, update provider links for moved pages 2026-03-19 13:25:05 -07:00			`# Linux Server`
docs: add vps hosting hub 2026-01-25 00:20:01 +00:00
docs: rename VPS to Linux Server, update provider links for moved pages 2026-03-19 13:25:05 -07:00			`Run the OpenClaw Gateway on any Linux server or cloud VPS. This page helps you`
			`pick a provider, explains how cloud deployments work, and covers generic Linux`
			`tuning that applies everywhere.`
docs: add vps hosting hub 2026-01-25 00:20:01 +00:00
			`## Pick a provider`

docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`<CardGroup cols={2}>`
			`<Card title="Railway" href="/install/railway">One-click, browser setup</Card>`
			`<Card title="Northflank" href="/install/northflank">One-click, browser setup</Card>`
docs: rename VPS to Linux Server, update provider links for moved pages 2026-03-19 13:25:05 -07:00			`<Card title="DigitalOcean" href="/install/digitalocean">Simple paid VPS</Card>`
			`<Card title="Oracle Cloud" href="/install/oracle">Always Free ARM tier</Card>`
docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`<Card title="Fly.io" href="/install/fly">Fly Machines</Card>`
			`<Card title="Hetzner" href="/install/hetzner">Docker on Hetzner VPS</Card>`
			`<Card title="GCP" href="/install/gcp">Compute Engine</Card>`
			`<Card title="Azure" href="/install/azure">Linux VM</Card>`
			`<Card title="exe.dev" href="/install/exe-dev">VM with HTTPS proxy</Card>`
docs: rename VPS to Linux Server, update provider links for moved pages 2026-03-19 13:25:05 -07:00			`<Card title="Raspberry Pi" href="/install/raspberry-pi">ARM self-hosted</Card>`
docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`</CardGroup>`

			`AWS (EC2 / Lightsail / free tier) also works well.`
			`A community video walkthrough is available at`
			`[x.com/techfrenAJ/status/2014934471095812547](https://x.com/techfrenAJ/status/2014934471095812547)`
			`(community resource -- may become unavailable).`
docs: add vps hosting hub 2026-01-25 00:20:01 +00:00
			`## How cloud setups work`

			`- The Gateway runs on the VPS and owns state + workspace.`
docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`- You connect from your laptop or phone via the Control UI or Tailscale/SSH.`
			`- Treat the VPS as the source of truth and back up the state + workspace regularly.`
docs: harden VPS install defaults 2026-01-26 13:04:18 +00:00			`- Secure default: keep the Gateway on loopback and access it via SSH tunnel or Tailscale Serve.`
docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			If you bind to `lan` or `tailnet`, require `gateway.auth.token` or `gateway.auth.password`.
docs: add vps hosting hub 2026-01-25 00:20:01 +00:00
docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`Related pages: [Gateway remote access](/gateway/remote), [Platforms hub](/platforms).`
docs: add vps hosting hub 2026-01-25 00:20:01 +00:00
docs(security): add vps trust-boundary guidance 2026-02-24 01:02:06 +00:00			`## Shared company agent on a VPS`

docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`Running a single agent for a team is a valid setup when every user is in the same trust boundary and the agent is business-only.`
docs(security): add vps trust-boundary guidance 2026-02-24 01:02:06 +00:00
			`- Keep it on a dedicated runtime (VPS/VM/container + dedicated OS user/accounts).`
			`- Do not sign that runtime into personal Apple/Google accounts or personal browser/password-manager profiles.`
			`- If users are adversarial to each other, split by gateway/host/OS user.`

docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`Security model details: [Security](/gateway/security).`
docs(security): add vps trust-boundary guidance 2026-02-24 01:02:06 +00:00
docs: add vps hosting hub 2026-01-25 00:20:01 +00:00			`## Using nodes with a VPS`

			`You can keep the Gateway in the cloud and pair nodes on your local devices`
			(Mac/iOS/Android/headless). Nodes provide local screen/camera/canvas and `system.run`
			`capabilities while the Gateway stays in the cloud.`

docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`Docs: [Nodes](/nodes), [Nodes CLI](/cli/nodes).`
Docs VPS: add startup tuning for small hosts 2026-03-01 12:28:06 -08:00
			`## Startup tuning for small VMs and ARM hosts`

			`If CLI commands feel slow on low-power VMs (or ARM hosts), enable Node's module compile cache:`

			```bash
			`grep -q 'NODE_COMPILE_CACHE=/var/tmp/openclaw-compile-cache' ~/.bashrc \|\| cat >> ~/.bashrc <<'EOF'`
Docs: remove MDX-breaking secret markers 2026-03-07 10:09:00 -08:00			`export NODE_COMPILE_CACHE=/var/tmp/openclaw-compile-cache`
Docs VPS: add startup tuning for small hosts 2026-03-01 12:28:06 -08:00			`mkdir -p /var/tmp/openclaw-compile-cache`
			`export OPENCLAW_NO_RESPAWN=1`
			`EOF`
			`source ~/.bashrc`
			```

			- `NODE_COMPILE_CACHE` improves repeated command startup times.
			- `OPENCLAW_NO_RESPAWN=1` avoids extra startup overhead from a self-respawn path.
docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`- First command run warms the cache; subsequent runs are faster.`
docs: rename VPS to Linux Server, update provider links for moved pages 2026-03-19 13:25:05 -07:00			`- For Raspberry Pi specifics, see [Raspberry Pi](/install/raspberry-pi).`
CLI: add root --help fast path and lazy channel option resolution (#30975) * CLI argv: add strict root help invocation guard * Entry: add root help fast-path bootstrap bypass * CLI context: lazily resolve channel options * CLI context tests: cover lazy channel option resolution * CLI argv tests: cover root help invocation detection * Changelog: note additional startup path optimizations * Changelog: split startup follow-up into #30975 entry * CLI channel options: load precomputed startup metadata * CLI channel options tests: cover precomputed metadata path * Build: generate CLI startup metadata during build * Build script: invoke CLI startup metadata generator * CLI routes: preload plugins for routed health * CLI routes tests: assert health plugin preload * CLI: add experimental bundled entry and snapshot helper * Tools: compare CLI startup entries in benchmark script * Docs: add startup tuning notes for Pi and VM hosts * CLI: drop bundled entry runtime toggle * Build: remove bundled and snapshot scripts * Tools: remove bundled-entry benchmark shortcut * Docs: remove bundled startup bench examples * Docs: remove Pi bundled entry mention * Docs: remove VM bundled entry mention * Changelog: remove bundled startup follow-up claims * Build: remove snapshot helper script * Build: remove CLI bundle tsdown config * Doctor: add low-power startup optimization hints * Doctor: run startup optimization hint checks * Doctor tests: cover startup optimization host targeting * Doctor tests: mock startup optimization note export * CLI argv: require strict root-only help fast path * CLI argv tests: cover mixed root-help invocations * CLI channel options: merge metadata with runtime catalog * CLI channel options tests: assert dynamic catalog merge * Changelog: align #30975 startup follow-up scope * Docs tests: remove secondary-entry startup bench note * Docs Pi: add systemd recovery reference link * Docs VPS: add systemd recovery reference link 2026-03-01 14:23:46 -08:00
			`### systemd tuning checklist (optional)`

			For VM hosts using `systemd`, consider:

docs: improve VPS hub page and convert Podman to Mintlify Steps 2026-03-19 12:06:42 -07:00			`- Add service env for a stable startup path:`
CLI: add root --help fast path and lazy channel option resolution (#30975) * CLI argv: add strict root help invocation guard * Entry: add root help fast-path bootstrap bypass * CLI context: lazily resolve channel options * CLI context tests: cover lazy channel option resolution * CLI argv tests: cover root help invocation detection * Changelog: note additional startup path optimizations * Changelog: split startup follow-up into #30975 entry * CLI channel options: load precomputed startup metadata * CLI channel options tests: cover precomputed metadata path * Build: generate CLI startup metadata during build * Build script: invoke CLI startup metadata generator * CLI routes: preload plugins for routed health * CLI routes tests: assert health plugin preload * CLI: add experimental bundled entry and snapshot helper * Tools: compare CLI startup entries in benchmark script * Docs: add startup tuning notes for Pi and VM hosts * CLI: drop bundled entry runtime toggle * Build: remove bundled and snapshot scripts * Tools: remove bundled-entry benchmark shortcut * Docs: remove bundled startup bench examples * Docs: remove Pi bundled entry mention * Docs: remove VM bundled entry mention * Changelog: remove bundled startup follow-up claims * Build: remove snapshot helper script * Build: remove CLI bundle tsdown config * Doctor: add low-power startup optimization hints * Doctor: run startup optimization hint checks * Doctor tests: cover startup optimization host targeting * Doctor tests: mock startup optimization note export * CLI argv: require strict root-only help fast path * CLI argv tests: cover mixed root-help invocations * CLI channel options: merge metadata with runtime catalog * CLI channel options tests: assert dynamic catalog merge * Changelog: align #30975 startup follow-up scope * Docs tests: remove secondary-entry startup bench note * Docs Pi: add systemd recovery reference link * Docs VPS: add systemd recovery reference link 2026-03-01 14:23:46 -08:00			- `OPENCLAW_NO_RESPAWN=1`
			- `NODE_COMPILE_CACHE=/var/tmp/openclaw-compile-cache`
			`- Keep restart behavior explicit:`
			- `Restart=always`
			- `RestartSec=2`
			- `TimeoutStartSec=90`
			`- Prefer SSD-backed disks for state/cache paths to reduce random-I/O cold-start penalties.`

			`Example:`

			```bash
			`sudo systemctl edit openclaw`
			```

			```ini
			`[Service]`
			`Environment=OPENCLAW_NO_RESPAWN=1`
			`Environment=NODE_COMPILE_CACHE=/var/tmp/openclaw-compile-cache`
			`Restart=always`
			`RestartSec=2`
			`TimeoutStartSec=90`
			```

			How `Restart=` policies help automated recovery:
			`[systemd can automate service recovery](https://www.redhat.com/en/blog/systemd-automate-recovery).`