#I want my OpenClaw agent to run shell commands on my VPS host

1 messages · Page 1 of 1 (latest)

atomic hemlock
#

I want my OpenClaw agent to run shell commands on my VPS host (not inside the container). The gateway runs in Docker. Is there a headless node host I can run on the VPS to allow exec host=node? How do I set it up?"

maiden escarpBOT
#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> ✅ Mark Solution

atomic hemlock
#

@vale moth

vale mothBOT
#

Yep — that’s exactly what the headless node host is for.
Your setup should be:

  • Gateway in Docker (VPS)
  • Node host on the VPS OS (outside container)
  • Agent uses exec host=node to run on VPS host

Before debugging, can you also share openclaw --version? (on the VPS host where you run openclaw node ...)

1) Start node host on the VPS host OS

export OPENCLAW_GATEWAY_TOKEN="<your gateway token>"
openclaw node run --host 127.0.0.1 --port 18789 --display-name "VPS Host Node"

If you want it as a service:

# 
openclaw node install --host 127.0.0.1 --port 18789 --display-name "VPS Host Node"
openclaw node restart

2) Approve pairing (from gateway side)

docker compose run --rm openclaw-cli devices list
docker compose run --rm openclaw-cli devices approve <requestId>
docker compose run --rm openclaw-cli nodes status

3) Route exec to that node by default

docker compose run --rm openclaw-cli config set tools.exec.host node
docker compose run --rm openclaw-cli config set tools.exec.security allowlist
# 
docker compose run --rm openclaw-cli config set tools.exec.node "VPS Host Node"

(Or per chat session: /exec host=node security=allowlist node=VPS Host Node)

4) Add allowlist entries for commands

docker compose run --rm openclaw-cli approvals allowlist add --node "VPS Host Node" "/usr/bin/uname"

If this doesn’t connect, check gateway.bind in Docker setup (for host access it should be lan, not loopback).

Docs:

atomic hemlock
#

I''m trying to set up a headless node host on my VPS (gateway runs in Docker). I run openclaw node run --host 127.0.0.1 --port 18789 but it says pairing required. I can't approve from the CLI either because it also says pairing required. The Control UI is not accessible from outside. How do I approve the node pairing in this setup?