openclaw (sha256:dc5a6e6a98809a610c880ee948784807e27c6cfcbd21f04993a5153675f4b0b3)
Published 2026-03-06 00:19:12 -06:00 by treyturner
Installation
docker pull forgejo.treyturner.info/treyturner/openclaw@sha256:dc5a6e6a98809a610c880ee948784807e27c6cfcbd21f04993a5153675f4b0b3sha256:dc5a6e6a98809a610c880ee948784807e27c6cfcbd21f04993a5153675f4b0b3About this package
OpenClaw gateway and CLI runtime container image
Image layers
| # debian.sh --arch 'amd64' out/ 'bookworm' '@1768176000' |
| RUN /bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends ca-certificates curl gnupg netbase sq wget ; rm -rf /var/lib/apt/lists/* # buildkit |
| RUN /bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends git mercurial openssh-client subversion procps ; rm -rf /var/lib/apt/lists/* # buildkit |
| RUN /bin/sh -c set -ex; apt-get update; apt-get install -y --no-install-recommends autoconf automake bzip2 default-libmysqlclient-dev dpkg-dev file g++ gcc imagemagick libbz2-dev libc6-dev libcurl4-openssl-dev libdb-dev libevent-dev libffi-dev libgdbm-dev libglib2.0-dev libgmp-dev libjpeg-dev libkrb5-dev liblzma-dev libmagickcore-dev libmagickwand-dev libmaxminddb-dev libncurses5-dev libncursesw5-dev libpng-dev libpq-dev libreadline-dev libsqlite3-dev libssl-dev libtool libwebp-dev libxml2-dev libxslt-dev libyaml-dev make patch unzip xz-utils zlib1g-dev ; rm -rf /var/lib/apt/lists/* # buildkit |
| RUN /bin/sh -c groupadd --gid 1000 node && useradd --uid 1000 --gid node --shell /bin/bash --create-home node # buildkit |
| ENV NODE_VERSION=22.22.0 |
| RUN /bin/sh -c ARCH= && dpkgArch="$(dpkg --print-architecture)" && case "${dpkgArch##*-}" in amd64) ARCH='x64';; ppc64el) ARCH='ppc64le';; s390x) ARCH='s390x';; arm64) ARCH='arm64';; armhf) ARCH='armv7l';; i386) ARCH='x86';; *) echo "unsupported architecture"; exit 1 ;; esac && export GNUPGHOME="$(mktemp -d)" && set -ex && for key in 5BE8A3F6C8A5C01D106C0AD820B1A390B168D356 DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 CC68F5A3106FF448322E48ED27F5E38D5B0A215F 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C 108F52B48DB57BB0CC439B2997B01419BD92F80A A363A499291CBBC940DD62E41F10027AF002F8B0 ; do { gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" && gpg --batch --fingerprint "$key"; } || { gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" && gpg --batch --fingerprint "$key"; } ; done && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc && gpgconf --kill all && rm -rf "$GNUPGHOME" && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt && ln -s /usr/local/bin/node /usr/local/bin/nodejs && node --version && npm --version && rm -rf /tmp/* # buildkit |
| ENV YARN_VERSION=1.22.22 |
| RUN /bin/sh -c set -ex && export GNUPGHOME="$(mktemp -d)" && for key in 6A010C5166006599AA17F08146C2130DFD2497F5 ; do { gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" && gpg --batch --fingerprint "$key"; } || { gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" && gpg --batch --fingerprint "$key"; } ; done && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" && gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz && gpgconf --kill all && rm -rf "$GNUPGHOME" && mkdir -p /opt && tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ && ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn && ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg && rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz && yarn --version && rm -rf /tmp/* # buildkit |
| COPY docker-entrypoint.sh /usr/local/bin/ # buildkit |
| ENTRYPOINT ["docker-entrypoint.sh"] |
| CMD ["node"] |
| LABEL org.opencontainers.image.base.name=docker.io/library/node:22-bookworm org.opencontainers.image.base.digest=sha256:cd7bcd2e7a1e6f72052feb023c7f6b722205d3fcab7bbcbd2d1bfdab10b1e935 org.opencontainers.image.source=https://github.com/openclaw/openclaw org.opencontainers.image.url=https://openclaw.ai org.opencontainers.image.documentation=https://docs.openclaw.ai/install/docker org.opencontainers.image.licenses=MIT org.opencontainers.image.title=OpenClaw org.opencontainers.image.description=OpenClaw gateway and CLI runtime container image |
| RUN /bin/sh -c curl -fsSL https://bun.sh/install | bash # buildkit |
| ENV PATH=/root/.bun/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin |
| RUN /bin/sh -c corepack enable # buildkit |
| WORKDIR /app |
| RUN /bin/sh -c chown node:node /app # buildkit |
| ARG OPENCLAW_DOCKER_APT_PACKAGES= |
| RUN |1 OPENCLAW_DOCKER_APT_PACKAGES= /bin/sh -c if [ -n "$OPENCLAW_DOCKER_APT_PACKAGES" ]; then apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends $OPENCLAW_DOCKER_APT_PACKAGES && apt-get clean && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*; fi # buildkit |
| COPY --chown=node:node package.json pnpm-lock.yaml pnpm-workspace.yaml .npmrc ./ # buildkit |
| COPY --chown=node:node ui/package.json ./ui/package.json # buildkit |
| COPY --chown=node:node patches ./patches # buildkit |
| COPY --chown=node:node scripts ./scripts # buildkit |
| USER node |
| RUN |1 OPENCLAW_DOCKER_APT_PACKAGES= /bin/sh -c NODE_OPTIONS=--max-old-space-size=2048 pnpm install --frozen-lockfile # buildkit |
| USER root |
| ARG OPENCLAW_INSTALL_BROWSER= |
| RUN |2 OPENCLAW_DOCKER_APT_PACKAGES= OPENCLAW_INSTALL_BROWSER= /bin/sh -c if [ -n "$OPENCLAW_INSTALL_BROWSER" ]; then apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends xvfb && mkdir -p /home/node/.cache/ms-playwright && PLAYWRIGHT_BROWSERS_PATH=/home/node/.cache/ms-playwright node /app/node_modules/playwright-core/cli.js install --with-deps chromium && chown -R node:node /home/node/.cache/ms-playwright && apt-get clean && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*; fi # buildkit |
| ARG OPENCLAW_INSTALL_DOCKER_CLI= |
| ARG OPENCLAW_DOCKER_GPG_FINGERPRINT=9DC858229FC7DD38854AE2D88D81803C0EBFCD88 |
| RUN |4 OPENCLAW_DOCKER_APT_PACKAGES= OPENCLAW_INSTALL_BROWSER= OPENCLAW_INSTALL_DOCKER_CLI= OPENCLAW_DOCKER_GPG_FINGERPRINT=9DC858229FC7DD38854AE2D88D81803C0EBFCD88 /bin/sh -c if [ -n "$OPENCLAW_INSTALL_DOCKER_CLI" ]; then apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends ca-certificates curl gnupg && install -m 0755 -d /etc/apt/keyrings && curl -fsSL https://download.docker.com/linux/debian/gpg -o /tmp/docker.gpg.asc && expected_fingerprint="$(printf '%s' "$OPENCLAW_DOCKER_GPG_FINGERPRINT" | tr '[:lower:]' '[:upper:]' | tr -d '[:space:]')" && actual_fingerprint="$(gpg --batch --show-keys --with-colons /tmp/docker.gpg.asc | awk -F: '$1 == "fpr" { print toupper($10); exit }')" && if [ -z "$actual_fingerprint" ] || [ "$actual_fingerprint" != "$expected_fingerprint" ]; then echo "ERROR: Docker apt key fingerprint mismatch (expected $expected_fingerprint, got ${actual_fingerprint:-<empty>})" >&2; exit 1; fi && gpg --dearmor -o /etc/apt/keyrings/docker.gpg /tmp/docker.gpg.asc && rm -f /tmp/docker.gpg.asc && chmod a+r /etc/apt/keyrings/docker.gpg && printf 'deb [arch=%s signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bookworm stable\n' "$(dpkg --print-architecture)" > /etc/apt/sources.list.d/docker.list && apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends docker-ce-cli docker-compose-plugin && apt-get clean && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*; fi # buildkit |
| USER node |
| COPY --chown=node:node . . # buildkit |
| RUN |4 OPENCLAW_DOCKER_APT_PACKAGES= OPENCLAW_INSTALL_BROWSER= OPENCLAW_INSTALL_DOCKER_CLI= OPENCLAW_DOCKER_GPG_FINGERPRINT=9DC858229FC7DD38854AE2D88D81803C0EBFCD88 /bin/sh -c for dir in /app/extensions /app/.agent /app/.agents; do if [ -d "$dir" ]; then find "$dir" -type d -exec chmod 755 {} +; find "$dir" -type f -exec chmod 644 {} +; fi; done # buildkit |
| RUN |4 OPENCLAW_DOCKER_APT_PACKAGES= OPENCLAW_INSTALL_BROWSER= OPENCLAW_INSTALL_DOCKER_CLI= OPENCLAW_DOCKER_GPG_FINGERPRINT=9DC858229FC7DD38854AE2D88D81803C0EBFCD88 /bin/sh -c pnpm build # buildkit |
| ENV OPENCLAW_PREFER_PNPM=1 |
| RUN |4 OPENCLAW_DOCKER_APT_PACKAGES= OPENCLAW_INSTALL_BROWSER= OPENCLAW_INSTALL_DOCKER_CLI= OPENCLAW_DOCKER_GPG_FINGERPRINT=9DC858229FC7DD38854AE2D88D81803C0EBFCD88 /bin/sh -c pnpm ui:build # buildkit |
| USER root |
| RUN |4 OPENCLAW_DOCKER_APT_PACKAGES= OPENCLAW_INSTALL_BROWSER= OPENCLAW_INSTALL_DOCKER_CLI= OPENCLAW_DOCKER_GPG_FINGERPRINT=9DC858229FC7DD38854AE2D88D81803C0EBFCD88 /bin/sh -c ln -sf /app/openclaw.mjs /usr/local/bin/openclaw && chmod 755 /app/openclaw.mjs # buildkit |
| ENV NODE_ENV=production |
| USER node |
| HEALTHCHECK &{["CMD-SHELL" "node -e \"fetch('http://127.0.0.1:18789/healthz').then((r)=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))\""] "3m0s" "10s" "15s" "0s" '\x03'} |
| CMD ["node" "openclaw.mjs" "gateway" "--allow-unconfigured"] |
| ARG EXTRA_APT_PKGS= EXTRA_NPM_LOCAL_PKGS= EXTRA_NPM_GLOBAL_PKGS= EXTRA_PIP_PKGS= |
| SHELL [/bin/bash -euo pipefail -c] |
| USER root |
| ENV PLAYWRIGHT_BROWSERS_PATH=/home/node/.cache/ms-playwright TERM=xterm-256color |
| RUN |4 EXTRA_APT_PKGS= EXTRA_NPM_LOCAL_PKGS= EXTRA_NPM_GLOBAL_PKGS= EXTRA_PIP_PKGS= /bin/bash -euo pipefail -c apt-get update && apt-get install -y --no-install-recommends bash curl ffmpeg git imagemagick jq openssh-client python3-venv rsync vim yq ${EXTRA_APT_PKGS} && rm -rf /var/lib/apt/lists/* # buildkit |
| RUN |4 EXTRA_APT_PKGS= EXTRA_NPM_LOCAL_PKGS= EXTRA_NPM_GLOBAL_PKGS= EXTRA_PIP_PKGS= /bin/bash -euo pipefail -c npm i -g mcporter @playwright/mcp@0.0.68 ${EXTRA_NPM_GLOBAL_PKGS} && if [[ -n "${EXTRA_NPM_LOCAL_PKGS}" ]]; then npm i ${EXTRA_NPM_LOCAL_PKGS}; fi # buildkit |
| RUN |4 EXTRA_APT_PKGS= EXTRA_NPM_LOCAL_PKGS= EXTRA_NPM_GLOBAL_PKGS= EXTRA_PIP_PKGS= /bin/bash -euo pipefail -c curl -LsSf https://astral.sh/uv/install.sh | sh && ln -sf /root/.local/bin/uv /usr/local/bin/uv # buildkit |
| COPY ticktick-mcp/pyproject.toml ticktick-mcp/uv.lock /app/ticktick-mcp/ # buildkit |
| RUN |4 EXTRA_APT_PKGS= EXTRA_NPM_LOCAL_PKGS= EXTRA_NPM_GLOBAL_PKGS= EXTRA_PIP_PKGS= /bin/bash -euo pipefail -c cd /app/ticktick-mcp && uv sync --frozen --no-dev && if [[ -n "${EXTRA_PIP_PKGS}" ]]; then uv pip install --python .venv/bin/python ${EXTRA_PIP_PKGS}; fi # buildkit |
| RUN |4 EXTRA_APT_PKGS= EXTRA_NPM_LOCAL_PKGS= EXTRA_NPM_GLOBAL_PKGS= EXTRA_PIP_PKGS= /bin/bash -euo pipefail -c PLAYWRIGHT_BROWSERS_PATH=/pw-cache /app/node_modules/.bin/playwright-core install --with-deps chromium && mkdir -p "$PLAYWRIGHT_BROWSERS_PATH" && rsync -a --delete /pw-cache/ "$PLAYWRIGHT_BROWSERS_PATH/" && chown -R node:node "$PLAYWRIGHT_BROWSERS_PATH" && find "$PLAYWRIGHT_BROWSERS_PATH" -type f -name chrome -print -quit > /tmp/chrome_binary_path # buildkit |
| RUN |4 EXTRA_APT_PKGS= EXTRA_NPM_LOCAL_PKGS= EXTRA_NPM_GLOBAL_PKGS= EXTRA_PIP_PKGS= /bin/bash -euo pipefail -c mkdir -p /app/config /home/node/.openclaw/config && ln -sf /home/node/.openclaw/config/mcporter.json /app/config/mcporter.json && chown -R node:node /home/node/.openclaw /app/config && mcporter config add playwright --command /usr/local/bin/playwright-mcp --arg --executable-path --arg "$(cat /tmp/chrome_binary_path && rm -f /tmp/chrome_binary_path >/dev/null 2>&1)" --arg --headless --scope project && mcporter config add ticktick --command /app/ticktick-mcp/.venv/bin/ticktick-sdk --arg server --scope project # buildkit |
| USER node |
| ENV HOME=/home/node |
| RUN |4 EXTRA_APT_PKGS= EXTRA_NPM_LOCAL_PKGS= EXTRA_NPM_GLOBAL_PKGS= EXTRA_PIP_PKGS= /bin/bash -euo pipefail -c openclaw completion --write-state && openclaw completion -i -s bash # buildkit |
Labels
| Key | Value |
|---|---|
| org.opencontainers.image.base.digest | sha256:cd7bcd2e7a1e6f72052feb023c7f6b722205d3fcab7bbcbd2d1bfdab10b1e935 |
| org.opencontainers.image.base.name | docker.io/library/node:22-bookworm |
| org.opencontainers.image.created | 2026-03-03T04:37:36Z |
| org.opencontainers.image.description | OpenClaw gateway and CLI runtime container image |
| org.opencontainers.image.documentation | https://docs.openclaw.ai/install/docker |
| org.opencontainers.image.licenses | MIT |
| org.opencontainers.image.revision | 85377a28175695c224f6589eb5c1460841ecd65c |
| org.opencontainers.image.source | https://github.com/openclaw/openclaw |
| org.opencontainers.image.title | OpenClaw |
| org.opencontainers.image.url | https://openclaw.ai |
| org.opencontainers.image.version | 2026.3.2 |
Details
2026-03-06 00:19:12 -06:00
Versions (91)
View all
Container
4
OCI / Docker
linux/amd64
MIT
1.6 GiB
2026.4.24
2026-04-26
base-7c4370ff8777
2026-04-26
bb4ff8c428f3
2026-04-26
20260426
2026-04-26
daily
2026-04-26