Selig
4c966a3ad2
6 custom skills (assign-task, dispatch-webhook, daily-briefing, task-capture, qmd-brain, tts-voice) with technical documentation. Compatible with Claude Code, OpenClaw, Codex CLI, and OpenCode.
1.5 KiB
Docker Documentation - OpenClaw
Overview
OpenClaw's Docker support is optional. Docker is optional. Use it only if you want a containerized gateway or to validate the Docker flow.
Key Use Cases
Docker suits you if you need isolation or want to avoid local installations. The guide covers two main scenarios:
- Containerized Gateway - Full OpenClaw running in Docker
- Agent Sandbox - Host gateway with Docker-isolated agent tools
Quick Start
The recommended approach uses a setup script that builds the gateway image, runs onboarding, and starts services via Docker Compose. After completion, users access the Control UI at http://127.0.0.1:18789/.
Configuration Options
The documentation provides several optional environment variables:
OPENCLAW_DOCKER_APT_PACKAGES- Install system packages during buildOPENCLAW_EXTRA_MOUNTS- Add additional bind mountsOPENCLAW_HOME_VOLUME- Persist container home directory
Agent Sandboxing
When enabled, non-main sessions run tools inside isolated Docker containers while the gateway remains on the host. Key features include:
- Configurable scope (per-session or per-agent)
- Workspace access controls (none, read-only, read-write)
- Tool allow/deny policies
- Auto-pruning of idle containers
Security Considerations
The default image runs as non-root user for security. Hard isolation only applies to tools (exec/read/write/edit/apply_patch) and allowing browser access in sandbox breaks isolation.