Introduction
Environment variables are one of the key ways to configure OpenClaw, and they are especially well-suited for containerized deployments and CI/CD pipelines. This article provides a complete list of all environment variables supported by OpenClaw, along with practical usage examples.
Core Environment Variables
The following are the essential or commonly used core environment variables for running OpenClaw:
| Variable | Description | Default | Example |
|---|---|---|---|
OPENCLAW_PORT |
Gateway listening port | 18789 |
8080 |
OPENCLAW_CONFIG |
Configuration file path | ~/.config/openclaw/openclaw.json5 |
/etc/openclaw/config.json5 |
OPENCLAW_LOG_LEVEL |
Log level | info |
debug |
OPENCLAW_DATA_DIR |
Data storage directory | ~/.local/share/openclaw |
/var/lib/openclaw |
OPENCLAW_HOST |
Listening address | 0.0.0.0 |
127.0.0.1 |
NODE_ENV |
Node.js runtime mode | production |
development |
Usage Examples
# Change listening port and log level
export OPENCLAW_PORT=8080
export OPENCLAW_LOG_LEVEL=debug
openclaw up
Persist settings in ~/.bashrc:
# OpenClaw environment variables
export OPENCLAW_PORT=18789
export OPENCLAW_LOG_LEVEL=info
export OPENCLAW_HOST=0.0.0.0
API Key Environment Variables
API keys for each AI model can be set via environment variables, keeping sensitive information out of configuration files:
| Variable | Corresponding Model | Example |
|---|---|---|
OPENAI_API_KEY |
OpenAI (GPT-4o, etc.) | sk-proj-xxxx |
ANTHROPIC_API_KEY |
Claude | sk-ant-api03-xxxx |
GOOGLE_API_KEY |
Gemini | AIzaSyxxxx |
OPENROUTER_API_KEY |
OpenRouter | sk-or-v1-xxxx |
OLLAMA_BASE_URL |
Ollama local models | http://localhost:11434 |
Multiple Key Configuration
Some models support multiple API keys, and OpenClaw will automatically rotate through them:
# Separate multiple keys with commas
export OPENAI_API_KEY="sk-proj-key1,sk-proj-key2,sk-proj-key3"
API Base URL Override
If you are using a third-party proxy or self-hosted API endpoint:
| Variable | Description | Example |
|---|---|---|
OPENAI_BASE_URL |
OpenAI API address | https://api.your-proxy.com/v1 |
ANTHROPIC_BASE_URL |
Claude API address | https://claude-proxy.example.com |
GOOGLE_BASE_URL |
Gemini API address | https://gemini.your-proxy.com |
# Using a third-party OpenAI proxy
export OPENAI_API_KEY="sk-custom-key"
export OPENAI_BASE_URL="https://api.your-proxy.com/v1"
openclaw up
Channel-Related Environment Variables
| Variable | Description |
|---|---|
WHATSAPP_ENABLED |
Enable WhatsApp (true/false) |
WHATSAPP_SESSION_DIR |
Session data storage directory |
Telegram
| Variable | Description |
|---|---|
TELEGRAM_BOT_TOKEN |
Telegram Bot Token |
TELEGRAM_ALLOWED_USERS |
Allowed user ID list (comma-separated) |
Discord
| Variable | Description |
|---|---|
DISCORD_BOT_TOKEN |
Discord Bot Token |
DISCORD_CLIENT_ID |
Discord application Client ID |
Slack
| Variable | Description |
|---|---|
SLACK_BOT_TOKEN |
Slack Bot Token (xoxb-xxxx) |
SLACK_APP_TOKEN |
Slack App-Level Token (xapp-xxxx) |
SLACK_SIGNING_SECRET |
Slack Signing Secret |
LINE
| Variable | Description |
|---|---|
LINE_CHANNEL_SECRET |
LINE Channel Secret |
LINE_CHANNEL_ACCESS_TOKEN |
LINE Channel Access Token |
Microsoft Teams
| Variable | Description |
|---|---|
TEAMS_APP_ID |
Azure AD Application ID |
TEAMS_APP_PASSWORD |
Azure AD Application Password |
Proxy-Related Environment Variables
| Variable | Description | Example |
|---|---|---|
HTTP_PROXY |
HTTP proxy | http://127.0.0.1:7890 |
HTTPS_PROXY |
HTTPS proxy | http://127.0.0.1:7890 |
ALL_PROXY |
Proxy for all protocols | socks5://127.0.0.1:1080 |
NO_PROXY |
Addresses that bypass the proxy | localhost,127.0.0.1 |
Security-Related Environment Variables
| Variable | Description | Default |
|---|---|---|
OPENCLAW_DASHBOARD_PASSWORD |
Dashboard access password | None |
OPENCLAW_API_SECRET |
Internal API authentication key | Auto-generated |
OPENCLAW_CORS_ORIGIN |
Allowed CORS origins | * |
OPENCLAW_RATE_LIMIT |
Request limit per minute | 60 |
# Set security-related variables
export OPENCLAW_DASHBOARD_PASSWORD="your-strong-password"
export OPENCLAW_CORS_ORIGIN="https://your-domain.com"
export OPENCLAW_RATE_LIMIT=30
.env File Support
OpenClaw supports automatic loading of environment variables from a .env file, eliminating the need to manually export them each time.
Creating a .env File
Create a .env file in the OpenClaw configuration directory:
# ~/.config/openclaw/.env
# Core configuration
OPENCLAW_PORT=18789
OPENCLAW_LOG_LEVEL=info
NODE_ENV=production
# API keys
OPENAI_API_KEY=sk-proj-your-key-here
ANTHROPIC_API_KEY=sk-ant-api03-your-key-here
GOOGLE_API_KEY=AIzaSy-your-key-here
# Channel credentials
TELEGRAM_BOT_TOKEN=123456789:ABCdefGhIjKlMnOpQrStUvWxYz
DISCORD_BOT_TOKEN=MTIzNDU2Nzg5.your-discord-token
# Proxy
HTTPS_PROXY=http://127.0.0.1:7890
# Security
OPENCLAW_DASHBOARD_PASSWORD=my-secure-password
.env File Priority
Environment variable priority from highest to lowest:
- System environment variables — Variables set via
export - .env file — The
.envfile in the configuration directory - Configuration file — Settings in
openclaw.json5 - Default values — OpenClaw's built-in defaults
Notes
# Values in the .env file do not need the export keyword
# Correct
OPENCLAW_PORT=8080
# Incorrect
export OPENCLAW_PORT=8080
# Quotes are required when values contain spaces
OPENCLAW_DASHBOARD_PASSWORD="my password with spaces"
# Comments are supported
# This is a comment
# Variable references are not supported
# The following will not work
# OPENCLAW_DATA_DIR=$HOME/.openclaw
Docker Environment Variables
When deploying OpenClaw in Docker, environment variables are the recommended configuration method.
docker run Method
docker run -d \
--name openclaw \
-p 18789:18789 \
-e OPENAI_API_KEY="sk-proj-xxxx" \
-e ANTHROPIC_API_KEY="sk-ant-xxxx" \
-e TELEGRAM_BOT_TOKEN="your-token" \
-e OPENCLAW_LOG_LEVEL="info" \
-e OPENCLAW_DASHBOARD_PASSWORD="secure-pwd" \
openclaw/openclaw:latest
docker-compose Method
# docker-compose.yml
services:
openclaw:
image: openclaw/openclaw:latest
ports:
- "18789:18789"
environment:
- OPENCLAW_PORT=18789
- OPENCLAW_LOG_LEVEL=info
- NODE_ENV=production
- OPENAI_API_KEY=sk-proj-xxxx
- ANTHROPIC_API_KEY=sk-ant-xxxx
- TELEGRAM_BOT_TOKEN=your-token
volumes:
- openclaw-data:/data
volumes:
openclaw-data:
Using env_file
A more secure approach is to keep secrets in a separate env file:
# docker-compose.yml
services:
openclaw:
image: openclaw/openclaw:latest
ports:
- "18789:18789"
env_file:
- .env.openclaw
volumes:
- openclaw-data:/data
# .env.openclaw
OPENAI_API_KEY=sk-proj-xxxx
ANTHROPIC_API_KEY=sk-ant-xxxx
TELEGRAM_BOT_TOKEN=your-token
OPENCLAW_DASHBOARD_PASSWORD=secure-pwd
Remember to add .env.openclaw to both .gitignore and .dockerignore.
Viewing Current Environment Variables
Use the openclaw config get command to view the currently active configuration (including values from environment variables):
# View all configuration
openclaw config get
# View a specific configuration item
openclaw config get port
openclaw config get log.level
# View all API keys (displayed masked)
openclaw config get models
Summary
Environment variables provide a flexible way to configure OpenClaw. Here are some usage recommendations:
- Sensitive information (API keys, passwords) should preferably be stored in environment variables or
.envfiles rather than in configuration files - Docker deployments should use
env_filefor centralized variable management, ensuring the file is not committed to version control - Development environments benefit from
.envfiles for convenience; production environments should use system-level environment variables or secret management services - Remember the priority order: system environment variables >
.envfile > configuration file > default values