#help
You’ve basically got two Docker-based options, depending on what you mean by “strong isolation”:
Option A) Run the entire Gateway in Docker (simple + clean host)
Docs: https://docs.openclaw.ai/install/docker
High-level flow on Ubuntu:
- Install Docker Engine + Docker Compose v2
- Clone the repo and run the Docker setup script:
git clone https://github.com/openclaw/openclaw.git
cd openclaw
./docker-setup.sh
- Open the Control UI: http://127.0.0.1:18789/ and paste the token it generates (it writes it to .env too).
Handy commands (from the repo root):
docker compose up -d openclaw-gateway
docker compose logs -f openclaw-gateway
docker compose run --rm openclaw-cli dashboard --no-open
Option B) “Strong isolation” for tool execution (recommended security model)
This is OpenClaw’s sandboxing: Gateway stays on the host, but tools run inside locked-down Docker containers.
Docs: https://docs.openclaw.ai/gateway/sandboxing
For “stronger isolation” settings, you typically want:
- mode: "all" (or "non-main" if you only want groups/threads sandboxed)
- scope: "session" (one container per session)
- workspaceAccess: "none" (sandbox can’t see your real workspace by default)
- Docker hardening like network: "none", readOnlyRoot: true, capDrop: ["ALL"]
- Tool policy: deny host-ish tools (nodes, canvas, often browser) unless you explicitly need them
Example config shape (JSON5):
{
  agents: {
    defaults: {
      sandbox: {
        mode: "all",
        scope: "session",
        workspaceAccess: "none",
        docker: {
          network: "none",
          readOnlyRoot: true,
          capDrop: ["ALL"],
          tmpfs: ["/tmp", "/var/tmp", "/run"],
          user: "1000:1000",
        },
      },
    },
  },
  tools: {
    sandbox: {
      tools: { deny: ["nodes", "canvas", "browser", "cron"] },
    },
  },
}
also i am using windows 11
Quick question so I can point you to the exact next steps:
Do you want (A) the whole Gateway in Docker, or (B) host Gateway + sandboxed tools (usually what people mean by “strong isolation”)?
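As an added example (not OpenClaw's own tooling or the thread's code), here is a small Python lint that reads a config in the JSON5 shape above and reports every setting that is weaker than the Option B hardening list. The config paths (agents.defaults.sandbox, tools.sandbox.tools.deny) mirror the message's example; the finding texts, the HOST_TOOLS tuple, the minimal JSON5 loader and the constructed "weak" config are my own assumptions. It also flags a missing or root docker.user, which the example config pins to 1000:1000 but the message does not discuss.

```python
"""Lint an OpenClaw-style sandbox config against the hardening listed above.

Added example, not OpenClaw's own tooling. Config paths mirror the JSON5 in
the message; HOST_TOOLS, the loader and the finding wording are assumptions.
"""
import json
import re

# Tools the message calls "host-ish"; its deny list also includes "cron".
HOST_TOOLS = ("nodes", "canvas", "browser", "cron")

# Copy of the hardened JSON5 config from the message (constructed input).
HARDENED = """
{
  agents: {
    defaults: {
      sandbox: {
        mode: "all",
        scope: "session",
        workspaceAccess: "none",
        docker: {
          network: "none",
          readOnlyRoot: true,
          capDrop: ["ALL"],
          tmpfs: ["/tmp", "/var/tmp", "/run"],
          user: "1000:1000",
        },
      },
    },
  },
  tools: {
    sandbox: {
      tools: { deny: ["nodes", "canvas", "browser", "cron"] },
    },
  },
}
"""

# Constructed weak config: sandboxing is on, but the container keeps network
# access, a writable root, default capabilities, the image's user and all tools.
WEAK = """
{
  agents: {
    defaults: {
      sandbox: {
        mode: "all",
        scope: "session",
        docker: { network: "bridge", readOnlyRoot: false, capDrop: [] },  // no user pinned
      },
    },
  },
}
"""


def load_json5ish(text: str) -> dict:
    """Parse the JSON5 subset used above: // line comments, unquoted keys,
    trailing commas. Deliberately minimal; not a general JSON5 parser."""
    text = re.sub(r"//[^\n]*", "", text)                      # drop // comments
    text = re.sub(r'([{,]\s*)([A-Za-z_]\w*)\s*:', r'\1"\2":', text)  # quote bare keys
    text = re.sub(r",(\s*[}\]])", r"\1", text)                # drop trailing commas
    return json.loads(text)


def lint_sandbox(cfg: dict) -> list[str]:
    """Return one finding per setting weaker than the Option B recommendation."""
    findings = []
    sb = cfg.get("agents", {}).get("defaults", {}).get("sandbox", {})
    docker = sb.get("docker", {})
    deny = cfg.get("tools", {}).get("sandbox", {}).get("tools", {}).get("deny", [])

    if sb.get("mode") not in ("all", "non-main"):
        findings.append(f"sandbox.mode={sb.get('mode')!r}: set 'all' (or 'non-main' for groups/threads only)")
    if sb.get("scope") != "session":
        findings.append(f"sandbox.scope={sb.get('scope')!r}: 'session' gives one container per session")
    if sb.get("workspaceAccess") != "none":
        findings.append(f"sandbox.workspaceAccess={sb.get('workspaceAccess')!r}: 'none' keeps the real workspace out")
    if docker.get("network") != "none":
        findings.append(f"docker.network={docker.get('network')!r}: tool containers should have no network")
    if docker.get("readOnlyRoot") is not True:
        findings.append("docker.readOnlyRoot is not true: root filesystem stays writable")
    if "ALL" not in docker.get("capDrop", []):
        findings.append("docker.capDrop lacks 'ALL': container keeps default Linux capabilities")
    user = str(docker.get("user", ""))
    if not user or user.split(":")[0] in ("0", "root"):
        findings.append(f"docker.user={user!r}: pin a non-root uid:gid such as '1000:1000'")
    missing = [t for t in HOST_TOOLS if t not in deny]
    if missing:
        findings.append("tools.sandbox.tools.deny lacks host-ish tools: " + ", ".join(missing))
    return findings


if __name__ == "__main__":
    for name, text in (("hardened", HARDENED), ("weak", WEAK)):
        result = lint_sandbox(load_json5ish(text))
        print(f"{name}: {len(result)} finding(s)")
        for line in result:
            print("  -", line)
```

Run it as-is and the hardened config produces no findings while the weak one produces six; point `load_json5ish` at your own openclaw config text to check it before enabling sandboxing.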