Claude Skill
openclaw/openclaw-ansible
使用 Ansible 实现自动化、强化的 Clawdbot 部署,集成 Tailscale VPN、UFW 防火墙和 Docker 隔离,确保安全高效的安装。
概览
仓库信息
安装这个 Skill
git clone https://github.com/openclaw/openclaw-ansible.gitRegistry 信息
项目简介
OpenClaw Ansible 是一个自动化、强化的 Clawdbot 部署方案,集成了 Tailscale VPN、UFW 防火墙和 Docker 隔离,确保安全高效的安装。
Automated, hardened Clawdbot installation with Tailscale VPN, UFW firewall, and Docker isolation
要点
- 自动化 Clawdbot 安装
- Tailscale VPN 集成
- UFW 防火墙配置
- Docker 容器隔离
- 强化安全设置
- 基于 Ansible 的部署
使用场景
- 安全的 Clawdbot 部署
- 自动化基础设施设置
- VPN 保护的机器人安装
- 防火墙强化环境
- 容器化应用部署
- DevOps 自动化工作流
README 摘要
# OpenClaw Ansible Installer  [](https://opensource.org/licenses/MIT) [](https://github.com/openclaw/openclaw-ansible/actions/workflows/lint.yml) [](https://www.ansible.com/) [](https://www.debian.org/) Automated, hardened installation of [OpenClaw](https://github.com/openclaw/openclaw) with Docker and Tailscale VPN support for Debian/Ubuntu Linux. ## ⚠️ macOS Support: Deprecated & Disabled **Effective 2026-02-06, support for bare-metal macOS installations has been removed from this playbook.** ### Why? The underlying project currently requires system-level permissions and configurations that introduce significant security risks when executed on a primary host OS. To protect user data and system integrity, we have disabled bare-metal execution. ### What does this mean? * The playbook will now explicitly fail if run on a `Darwin` (macOS) system. * We strongly discourage manual workarounds to bypass this check. * **Future Support:** We are evaluating a virtualization-first strategy (using Vagrant or Docker) to provide a sandboxed environment for this project in the future. ## Features - 🔒 **Firewall-first**: UFW firewall + Docker isolation - 🛡️ **Fail2ban**: SSH brute-force protection out of the box - 🔄 **Auto-updates**: Automatic security patches via unattended-upgrades - 🔐 **Tailscale VPN**: Secure remote access without exposing services - 🐳 **Docker**: Docker CE with security hardening - 🚀 **One-command install*
话题
暂无话题