DigitalOcean offers simple, affordable cloud infrastructure perfect for OpenClaw deployments. This guide covers creating a Droplet, attaching block storage, configuring firewalls, and setting up automatic backups. DigitalOcean's straightforward pricing and intuitive interface make it ideal for small teams and solo developers.
Why This Is Hard to Do Yourself
These are the common pitfalls that trip people up.
Cost vs performance
Choosing the right Droplet size balances cost and performance. Too small and OpenClaw will be slow. Too large and you overpay.
SSH key management
DigitalOcean requires SSH keys for secure access. Password authentication is disabled by default.
Block storage setup
Droplet storage is ephemeral on rebuild. Block storage provides persistent volumes for OpenClaw data.
Networking configuration
Configuring firewalls, floating IPs, and VPCs requires understanding DigitalOcean networking.
Step-by-Step Guide
Create a DigitalOcean Droplet
Launch a new Droplet with appropriate sizing.
# Recommended Droplet sizes:
# - Basic (2GB RAM, 1 vCPU): $12/month - Light usage
# - Basic (4GB RAM, 2 vCPU): $24/month - Moderate usage (recommended)
# - General Purpose (8GB RAM, 2 vCPU): $48/month - Production
# In DigitalOcean Console:
# 1. Create โ Droplets
# 2. Image: Ubuntu 22.04 LTS
# 3. Droplet Type: Basic (4GB RAM, 2 vCPU)
# 4. Datacenter: Choose closest to your users
# 5. VPC: Create new VPC or use existing
# 6. Authentication: SSH keys (upload your public key)
# 7. Hostname: openclaw-productionConfigure Cloud Firewall
Set up firewall rules before installing OpenClaw.
# In DigitalOcean Console:
# Networking โ Firewalls โ Create Firewall
# Name: openclaw-firewall
# Inbound Rules:
# - SSH (22) from YOUR_IP_ADDRESS
# - HTTP (80) from All IPv4, All IPv6 (if using reverse proxy)
# - HTTPS (443) from All IPv4, All IPv6 (if using reverse proxy)
# Outbound Rules:
# - All TCP/UDP to All IPv4, All IPv6 (for API calls)
# Apply to Droplets: openclaw-productionWarning: Do not allow SSH from all IPs (0.0.0.0/0, ::/0). This exposes your Droplet to brute-force attacks.
Connect via SSH and install Docker
SSH into the Droplet and set up Docker.
# SSH into Droplet:
ssh root@<droplet-ip>
# Update system:
apt update && apt upgrade -y
# Install Docker:
curl -fsSL https://get.docker.com | sh
# Install Docker Compose:
curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-composeAttach block storage volume
Create persistent storage for OpenClaw data.
# In DigitalOcean Console:
# Manage โ Volumes โ Create Volume
# - Size: 50GB (adjust as needed)
# - Datacenter: SAME as your Droplet
# - Attach to Droplet: openclaw-production
# Format and mount volume:
mkfs.ext4 /dev/disk/by-id/scsi-0DO_Volume_openclaw-data
mkdir /mnt/openclaw-data
mount -o discard,defaults /dev/disk/by-id/scsi-0DO_Volume_openclaw-data /mnt/openclaw-data
# Add to /etc/fstab:
echo "/dev/disk/by-id/scsi-0DO_Volume_openclaw-data /mnt/openclaw-data ext4 defaults,nofail,discard 0 0" >> /etc/fstabDeploy OpenClaw with Docker Compose
Run OpenClaw on the Droplet.
# Create project directory:
mkdir /root/openclaw
cd /root/openclaw
# Create docker-compose.yml:
cat > docker-compose.yml <<EOF
services:
openclaw:
image: openclaw/openclaw:latest
ports:
- "3000:3000"
volumes:
- /mnt/openclaw-data:/app/data
environment:
- ANTHROPIC_API_KEY=\${ANTHROPIC_API_KEY}
- NODE_ENV=production
restart: unless-stopped
EOF
# Create .env file:
echo "ANTHROPIC_API_KEY=sk-ant-your-key" > .env
# Start OpenClaw:
docker-compose up -dEnable automatic backups
Set up DigitalOcean Droplet backups.
# In DigitalOcean Console:
# Droplets โ openclaw-production โ Backups
# - Enable Backups ($1.20/month for 4GB Droplet)
# - Weekly backups retained for 4 weeksDigitalOcean Setup Taking Too Long?
We deploy production-ready OpenClaw on DigitalOcean with block storage, firewalls, backups, monitoring, and custom domains. Get live in hours.
Get matched with a specialist who can help.
Sign Up for Expert Help โ