1aa7ebcde3
OpenClaw setup, Arrio deployment, WhatsApp MCP server, DNS/Traefik entries, communication style prompts (v1+v2), WhatsApp monitoring system plan, and OpenClaw upgrade protection strategy. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
3.9 KiB
3.9 KiB
OpenClaw AI Gateway - Setup on NUC
Date: 2026-02-12 02:30 Context: Deployed OpenClaw (self-hosted AI assistant gateway) on the NUC via Docker Compose, connected WhatsApp channel.
What Was Done
- Cloned repo on NUC:
git clone https://github.com/openclaw/openclaw.git ~/openclaw - Built Docker image natively on NUC (x86/amd64, no cross-compile):
docker build -t openclaw:local -f Dockerfile . - Created config at
~/.openclaw/openclaw.jsonwith Anthropic Claude model - Generated gateway token:
3547c3f2b7b4a33eb077cf804bcca446057f81ba1578b2045dbb3aa4e04346ee - Started gateway via
docker compose up -d openclaw-gateway - Ran doctor --fix to migrate config schema and create required directories
- Set up Tailscale Serve on port 8443 for HTTPS access (Control UI requires secure context)
- Approved device pairing for browser access
- Configured Anthropic OAuth token (generated via
claude setup-tokenon Mac, valid 1 year) - Enabled WhatsApp plugin and linked via QR code
Key Decisions
- Built on NUC, not Mac — NUC is x86/amd64 so native build is faster than cross-compiling from ARM Mac
- Not deployed via Coolify — OpenClaw uses its own docker-compose with specific volume mounts and CLI container; Coolify would add complexity without benefit
- Tailscale Serve (not Funnel) — Only needs tailnet access, not public internet. Port 8443 (443 taken by Turbostarter)
- API key via env var — Set
ANTHROPIC_API_KEYin both~/.openclaw/openclaw.jsonand~/openclaw/.envfor reliability scriptcommand for QR capture — The CLI needs a TTY for QR display;script -qc '...' /dev/nullfakes a PTY over non-interactive SSH
Issues Encountered & Solutions
| Issue | Cause | Solution |
|---|---|---|
| Config "invalid" after creation | Used legacy agent.model key |
Use agents.defaults.model.primary; run doctor --fix |
| "control ui requires HTTPS" | Web Crypto API needs secure context | Tailscale Serve on port 8443 |
| "pairing required" | New browser device not approved | devices list + devices approve <requestId> via docker exec |
| "unauthorized: gateway token missing" | UI didn't have token | Use dashboard URL with #token=... hash |
CLI docker compose run can't reach gateway |
CLI container gets different Docker IP | Use docker exec into running gateway container instead |
channels login fails "unsupported channel" |
Channel plugin not enabled | plugins enable whatsapp first, then restart gateway |
sudo tailscale serve fails via SSH |
No TTY for sudo password | Must run from interactive SSH session on NUC |
| WhatsApp QR not visible | No TTY in non-interactive SSH | Use script -qc '...' /tmp/output.txt to capture with fake TTY |
Files Modified
~/openclaw/.env— Docker Compose env vars (token, API key, paths)~/openclaw/docker-compose.yml— AddedANTHROPIC_API_KEYenv var to gateway service~/.openclaw/openclaw.json— Gateway config (model, auth, env)/Users/agutierrez/Desktop/nuc/CLAUDE.md— Added full OpenClaw documentation section
Credentials
| Item | Value |
|---|---|
| Gateway Token | 3547c3f2b7b4a33eb077cf804bcca446057f81ba1578b2045dbb3aa4e04346ee |
| Anthropic OAuth Token | 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 (expires ~Feb 2027) |
| NUC sudo password | 7vXHpSTD |
| Control UI URL | https://alezmad-nuc.tail58f5ad.ts.net:8443 |
Container Details
| Container | Image | Status |
|---|---|---|
openclaw-openclaw-gateway-1 |
openclaw:local |
Running |
Connected Channels
- WhatsApp — Linked via QR code, web session active
Related
- OpenClaw GitHub
- OpenClaw Docker Docs
- CLAUDE.md OpenClaw section