Claude Skill
openclaw/openclaw-ansible
Automated, hardened Clawdbot deployment using Ansible with Tailscale VPN, UFW firewall, and Docker isolation for secure, efficient setup.
Overview
Repository
Install this Skill
git clone https://github.com/openclaw/openclaw-ansible.gitRegistry
Summary
OpenClaw Ansible is an automated, hardened deployment solution for Clawdbot, integrating Tailscale VPN, UFW firewall, and Docker isolation for secure and efficient setup.
自动化、强化的Clawdbot部署方案,集成Tailscale VPN、UFW防火墙与Docker隔离
Key features
- Automated Clawdbot installation
- Tailscale VPN integration
- UFW firewall configuration
- Docker container isolation
- Hardened security setup
- Ansible-based deployment
Use cases
- Secure Clawdbot deployment
- Automated infrastructure setup
- VPN-protected bot installations
- Firewall-hardened environments
- Containerized application deployment
- DevOps automation workflows
README excerpt
# OpenClaw Ansible Installer  [](https://opensource.org/licenses/MIT) [](https://github.com/openclaw/openclaw-ansible/actions/workflows/lint.yml) [](https://www.ansible.com/) [](https://www.debian.org/) Automated, hardened installation of [OpenClaw](https://github.com/openclaw/openclaw) with Docker and Tailscale VPN support for Debian/Ubuntu Linux. ## ⚠️ macOS Support: Deprecated & Disabled **Effective 2026-02-06, support for bare-metal macOS installations has been removed from this playbook.** ### Why? The underlying project currently requires system-level permissions and configurations that introduce significant security risks when executed on a primary host OS. To protect user data and system integrity, we have disabled bare-metal execution. ### What does this mean? * The playbook will now explicitly fail if run on a `Darwin` (macOS) system. * We strongly discourage manual workarounds to bypass this check. * **Future Support:** We are evaluating a virtualization-first strategy (using Vagrant or Docker) to provide a sandboxed environment for this project in the future. ## Features - 🔒 **Firewall-first**: UFW firewall + Docker isolation - 🛡️ **Fail2ban**: SSH brute-force protection out of the box - 🔄 **Auto-updates**: Automatic security patches via unattended-upgrades - 🔐 **Tailscale VPN**: Secure remote access without exposing services - 🐳 **Docker**: Docker CE with security hardening - 🚀 **One-command install*
Topics
No topics yet.