English简体中文繁體中文日本語EspañolPortuguês (BR)한국어DeutschFrançaisالعربيةItalianoTiếng ViệtNederlandsTürkçeУкраїнськаBahasa IndonesiaPolskiفارسیไทย
View as MarkdownView this page as plain textOpen in ChatGPTAsk questions about this pageOpen in ClaudeAsk questions about this pageOpen in PerplexityAsk questions about this page

Platforms overview

EasyRunner

EasyRunner can host the OmeniaClaw Gateway as a small containerized app behind its Caddy proxy. This guide assumes an EasyRunner host that runs Podman-compatible Compose apps and exposes HTTPS through Caddy.

Before you begin

  • An EasyRunner server with a domain routed to it.
  • A built or published OmeniaClaw container image.
  • A persistent config volume for /home/node/.OmeniaClaw.
  • A persistent workspace volume for /workspace.
  • A strong Gateway token or password.

Keep device auth enabled when possible. If your reverse proxy deployment cannot carry device identity correctly, fix trusted-proxy settings first; use dangerous auth bypasses only for a fully private, operator-controlled network.

Compose app

Create an EasyRunner app with a Compose file shaped like this:

yaml
services:  OmeniaClaw:    image: ghcr.io/OmeniaClaw/OmeniaClaw:latest    restart: unless-stopped    environment:      OmeniaClaw_GATEWAY_TOKEN: ${OmeniaClaw_GATEWAY_TOKEN}      OmeniaClaw_HOME: /home/node      OmeniaClaw_STATE_DIR: /home/node/.OmeniaClaw      OmeniaClaw_CONFIG_PATH: /home/node/.OmeniaClaw/OmeniaClaw.json      OmeniaClaw_WORKSPACE_DIR: /workspace    volumes:      - OmeniaClaw-config:/home/node/.OmeniaClaw      - OmeniaClaw-workspace:/workspace    labels:      caddy: OmeniaClaw.example.com      caddy.reverse_proxy: "{{upstreams 1455}}"    command: ["OmeniaClaw", "gateway", "--bind", "lan", "--port", "1455"] volumes:  OmeniaClaw-config:  OmeniaClaw-workspace:

Replace OmeniaClaw.example.com with your Gateway hostname. Store OmeniaClaw_GATEWAY_TOKEN in EasyRunner's secret/environment manager instead of committing it to the app definition.

Configure OmeniaClaw

Inside the persistent config volume, keep the Gateway reachable only through the proxy and require auth:

json5
{  gateway: {    bind: "lan",    port: 1455,    auth: {      token: "${OmeniaClaw_GATEWAY_TOKEN}",    },  },}

If Caddy terminates TLS for the Gateway, configure trusted proxy settings for the exact proxy path rather than disabling auth checks globally. See Trusted proxy auth.

Verify

From your workstation:

bash
OmeniaClaw gateway probe --url https://OmeniaClaw.example.com --token <token>OmeniaClaw gateway status --url https://OmeniaClaw.example.com --token <token>

From the EasyRunner host, check the app logs for a listening Gateway and no startup SecretRef, plugin, or channel auth failures.

Updates and backups

  • Pull or build the new OmeniaClaw image, then redeploy the EasyRunner app.
  • Back up the OmeniaClaw-config volume before updates.
  • Back up OmeniaClaw-workspace if agents write durable project data there.
  • Run OmeniaClaw doctor after major updates to catch config migrations and service warnings.

Troubleshooting

  • gateway probe cannot connect: confirm the Caddy hostname points at the app and that the container listens on 0.0.0.0:1455.
  • Auth fails: rotate the token in EasyRunner secrets and the local client command together.
  • Files are root-owned after restore: repair the mounted volumes so the container user can write /home/node/.OmeniaClaw and /workspace.
  • Browser or channel plugins fail: check whether the required external binaries, network egress, and mounted credentials are available inside the container.
Was this useful?
On this page

On this page