DigitalOcean (VPS)

Scope

Use this guide if you want an always-on Gateway on a small DigitalOcean droplet and you’re OK managing a Linux VM (SSH, updates, and basic hardening).

If you prefer a containerized setup, start with /docs/install/docker/.

Prerequisites

A DigitalOcean account and a new Ubuntu droplet (Ubuntu 24.04 LTS is a good default)
SSH access to the droplet
Node.js 22 runtime (this guide installs it)

Setup (quick path)

1) Create a droplet

Create a Basic droplet (1 vCPU / 1GB RAM is enough to start) and note its public IP.

2) SSH into the VM

ssh root@YOUR_DROPLET_IP

3) Install Node.js and Moltbot

apt update && apt upgrade -y

# Node.js 22
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
apt install -y nodejs

# Moltbot installer (CLI + onboarding)
curl -fsSL https://clawd.bot/install.sh | bash

moltbot --version

4) Run onboarding and install the Gateway service

moltbot onboard --install-daemon

5) Verify

moltbot status
moltbot health

systemctl --user status moltbot-gateway.service
journalctl --user -u moltbot-gateway.service -f

Access the Control UI (recommended options)

By default, it’s safest to keep the Gateway on loopback and access it from your laptop.

Option A: SSH tunnel (simple and safe)

ssh -L 18789:localhost:18789 root@YOUR_DROPLET_IP

Then open http://localhost:18789/.

Option B: Tailscale Serve (HTTPS on your tailnet)

Install Tailscale on the VM and bring it up, then:

moltbot config set gateway.tailscale.mode serve
moltbot gateway restart

Notes:

Serve keeps the Gateway loopback-only and uses Tailscale identity headers.
If you want to require a token/password even with Serve, disable Tailscale auth passthrough in config.

Option C: Tailnet bind (no Serve)

moltbot config set gateway.bind tailnet
moltbot gateway restart

Low-memory tip (1GB droplets)

If you see OOMs, add swap:

fallocate -l 2G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo '/swapfile none swap sw 0 0' >> /etc/fstab