linux系统通过docker安装openclaw(龙虾)保姆级教程
最近本人在测试服务器搭建龙虾被折磨坏了,特发此教程无脑复制粘贴即可成功搭建龙虾
前提条件:有docker 20以上 越新越好 有docker compose 有镜像alpine/openclaw:latest
mkdir -p /opt/openclaw/{config,data,logs}
groupadd -g 2000 openclaw
useradd -u 2000 -g openclaw -M -s /sbin/nologin openclaw 给龙虾创建用户 为了保证安全
cd /opt/openclaw
vim docker-compose.yml
version: '3.8'
volumes:
openclaw_data:services:
openclaw-gateway:
image: alpine/openclaw:latest
container_name: openclaw-gateway-prod
restart: unless-stopped
environment:
- NODE_ENV=production
- OPENCLAW_TOKEN=${OPENCLAW_TOKEN}
volumes:
- openclaw_data:/data
- ./config:/config:ro
- ./logs:/logs:rw
ports:
- "127.0.0.1:18789:18789"
mem_limit: 2g
cpus: 2
healthcheck:
test: ["CMD-SHELL", "wget -qO- http://localhost:18789/health || exit 1"]
interval: 30s
timeout: 5s
retries: 3
start_period: 60s
logging:
driver: "json-file"
options:
max-size: "100m"
max-file: "5"
compress: "true"
chown -R www.www /opt/openclaw/* 授权
直接启动好吧
docker compose up -d
docker logs openclaw-gateway-prod 自己看日志 基本没问题 有小问题自己复制问ai怎么办
龙虾只能127.0.0.1访问,还需要https访问才行 不然会报错 我们直接用nginx进行反向代理,没证书直接用我的命令好吧
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout cert.key -out cert.crt
yum -y install nginx
vim /etc/nginx/conf.d/openclaw.conf
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}server {
listen 443 ssl http2;
server_name openclaw.your-domain.com; # 改成你自己的域名# 你的证书路径(已按你提供的写好)
ssl_certificate /etc/nginx/ssl/cert.crt;
ssl_certificate_key /etc/nginx/ssl/cert.key;ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;add_header Strict-Transport-Security "max-age=31536000" always;
# ✅ 修复 WebSocket 1006 断开(核心)
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;# ✅ 长超时(防止AI流式断开)
proxy_connect_timeout 600s;
proxy_send_timeout 600s;
proxy_read_timeout 600s;location / {
proxy_pass http://127.0.0.1:18789;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";# Origin 头修正(解决安全校验失败)
proxy_set_header Origin "http://127.0.0.1:18789";# 其他必要头
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;# 关闭缓冲(WebSocket 不能缓冲)
proxy_buffering off;# 超时设置(防止长连接被代理超时断开)
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
}
}# HTTP 自动跳转 HTTPS
server {
listen 80;
server_name openclaw.your-domain.com;
return 301 https://$host$request_uri;
}
必须用我的配置 要不会有1006问题等各种问题,很麻烦,证书就放在配置里的目录就行,没有就自己创建目录放进去。
直接访问 https://ip
token位置:
docker exec -it openclaw-gateway-prod /bin/bash 进入容器
找/home/node/.openclaw/openclaw.json 在里面有
还有一个设备配对问题,用浏览器就有这问题
docker exec -it openclaw-gateway-prod /bin/bash 进入容器
输入 openclaw devices list
openclaw devices approve e1dd0fdc-973e-4b26-b05d-cd59c49a7328 手动同意一下就行
大功告成,有别的问题评论区问我。
更多推荐

所有评论(0)