// Self-host guide — how to run ClawAgen on your own infrastructure. function SelfHost() { const shell = useShell(); const tocItems = [ { id: 'why', label: 'Why self-host' }, { id: 'reqs', label: 'What you need' }, { id: 'clone', label: '1. Clone + install' }, { id: 'env', label: '2. Configure env + providers' }, { id: 'local', label: '3. Run locally' }, { id: 'tenant', label: '4. Seed a first tenant' }, { id: 'deploy', label: '5. Deploy to a server' }, { id: 'tls', label: '6. TLS + custom domain' }, { id: 'ops', label: 'Day-2 ops' }, { id: 'backup', label: 'Backups', level: 3 }, { id: 'update', label: 'Updates', level: 3 }, { id: 'uninstall', label: 'Uninstall' }, ]; return (
shell.setSearchOpen(true)} onMenuToggle={() => shell.setMobileMenuOpen(true)} />
shell.setMobileMenuOpen(false)} />
Docs / Deployment / Self-host
Deployment · ~20 min

Self-host ClawAgen.

One VM, one Docker Compose stack, your data. ClawAgen runs on anything that can host Docker — your laptop, a $5 VPS, an Azure/AWS/GCP instance, or your own datacenter. This guide walks from git clone to a live tenant reply.

Why self-host

  • Sovereign data. Every tenant folder lives on your disk — no third party sees MEMORY.md or the agent's history.
  • Model choice. Point providers.yaml at Anthropic, OpenAI, Azure, DeepSeek, Qwen, Kimi, GLM, MiniMax, Bedrock, or any compatible endpoint; swap at any time.
  • No vendor lock-in. MIT-licensed; the whole stack is yours to fork, patch, and run.
  • Predictable cost. Compute is your VM bill. LLM calls are billed by your provider directly — no ClawAgen-side markup.

What you need

  • Host: Linux x86_64 with at least 2 vCPU + 4 GB RAM + 20 GB disk (more comfortable: 8 vCPU / 16 GB).
  • Runtime: Docker 24+ and Docker Compose v2. That's it.
  • Development: Bun 1.3.12+ (for local editing and running without containers).
  • Keys: one LLM API key for your chosen provider; a separate embeddings key (OpenAI text-embedding-3-large recommended).
  • Optional: a domain name + DNS, if you want TLS and a custom URL.

1. Clone + install

$ git clone https://github.com/carrickcheah/ai-agents.git $ cd ai-agents $ make install # runs bun install in agents/, ui/, channel-oauth/` }]} />

2. Configure env + providers

Copy the example env file and fill in your keys:

$ cp agents/.env.example agents/.env $ $EDITOR agents/.env # Required fields DATA_DIR=./data AZURE_OPENAI_API_KEY=sk-... # or the key for your chosen provider AZURE_OPENAI_BASE_URL=https://... AZURE_OPENAI_MODEL=gpt-5.3-chat OPENAI_EMBEDDINGS_API_KEY=sk-... # for text-embedding-3-large` }]} />

For non-Azure providers, edit{' '} agents/config/providers.yaml — the file already ships with commented templates for Anthropic, DeepSeek, Qwen, and AWS Bedrock. Uncomment your choice and set defaults.primary to the provider/model string.

3. Run locally

Two flavors. Pick one:

$ make run # agents → :8000, ui → :8080; Ctrl+C stops both` }, { label: 'Docker Compose', raw: `make up # full stack (agents + redis + ui + caddy) in containers\nmake logs # tail\nmake down # stop`, code: `$ make up # full stack (agents + redis + ui + caddy) in containers $ make logs # tail $ make down # stop` }, ]} /> The bash / exec tools run inside an ephemeral Docker sandbox. Build it once with make sandbox-build before the first run; subsequent runs reuse the image.

4. Seed a first tenant

$ make seed-dev # Output: # → tenant 1 created at ./data/tenants/1/ # → api key: ck_live_... # Keep the key; you'll need it to hit /api/admin.` }]} />

The seed script creates the tenant directory, writes default{' '} IDENTITY.md/SOUL.md/MEMORY.md templates, and mints a signed API key. First API call:

$ curl -N http://localhost:8000/api/admin \\ -H "X-API-Key: $CLAWAGEN_KEY" \\ -H "Content-Type: application/json" \\ -d '{"message":"who are you?"}'` }]} />

5. Deploy to a server

The bundled deploy target rsyncs the repo to your host, builds the sandbox image, and starts the production compose file. Update the VM fields in the Makefile or override on the command line:

# One-time: add the server's IP and your SSH key path $ VM_USER=yourname VM_IP=1.2.3.4 SSH_KEY=~/.ssh/id_ed25519 make deploy # Or edit the defaults in Makefile and run: $ make deploy` }]} />

The target uses docker-compose.azure.yml. If you're not on Azure, copy it to docker-compose.prod.yml, adjust any cloud-specific volume mounts, and update the deploy target to reference your file.

6. TLS + custom domain

The prod compose includes a Caddy container that fetches Let's Encrypt certificates automatically. Point a DNS A record at your host's IP, then edit{' '} infra/Caddyfile:

8000 } app.yourdomain.com { reverse_proxy ui:80 }` }]} />

Redeploy with make deploy. Caddy will obtain certificates on first request; subsequent requests get served over HTTPS with auto-renewal.

Day-2 ops

Backups

/data/tenants/ is the durability boundary — not data.db. Delete a SQLite file and the reindexer rebuilds it from the Markdown. A nightly tar of that directory is enough:

/backups/tenants-$(date +\\%F).tgz\n\n# Optional: push to S3 / Azure Blob / R2`, code: `# Nightly at 02:00 — tar the tenants dir and upload 0 2 * * * docker run --rm -v agents_data:/data \\ alpine tar czf - /data > /backups/tenants-$(date +\\%F).tgz # Optional: push to S3 / Azure Blob / R2` }]} />

Updates

git pull && make deploy. The compose rebuild keeps named volumes (agents_data, redis_data) so tenant files and sessions survive. Downtime is a few seconds while containers swap.

Uninstall

$ make down $ docker volume rm ai-agents_agents_data ai-agents_redis_data $ docker image rm ai-agents-sandbox:latest $ rm -rf ai-agents/` }]} /> Tenant data lives in the agents_data Docker volume. Running docker volume rm erases everything irreversibly. Back up first if you might want anything back.
shell.setSearchOpen(false)} />
); } ReactDOM.createRoot(document.getElementById('root')).render();