AI & ML DevOps General Tech Community Best Practices & Tools All News About Contact
advertisement
AI & ML

🦞 I Self-Hosted OpenClaw on AWS for $0 β€” No Open Ports, No SaaS, No Compromise (Using TailScale)

May 2026 8 min read
🦞 I Self-Hosted OpenClaw on AWS for $0 β€” No Open Ports, No SaaS, No Compromise (Using TailScale)
Back to AI & ML

You can also read it here: https://medium.com/p/5b20907e0fb1

I wanted to run my own AI agent in the cloud, not on my laptop or someone else's hosted dashboard, but completely self-hosted and under my control.

So I deployed OpenClaw on a free tier AWS EC2 instance, secured it with Tailscale, and connected it to Telegram using the Gemini API.

This post walks you through the exact setup. No nonsense. Just what works.

Step 1 – Start a free EC2 instance

AWS Console β†’ EC2 β†’ Start Instance

Set it up like this:

Name: whatever you want

Operating system: Ubuntu 24.04 LTS

Instance type: t3.small

Storage: 50 GB

Security groups: only allow port 22 (SSH), nothing else open

For the key pair: Create a new key pair, give it a name, and download the .pem file.

archive. Keep this file safe - this is how you'll be able to securely SSH into your server from your own machine if you ever need it. Without it, you lose access.

Click Start Instance.

Once it is running, click on the instance β†’ press Connect.

Now choose EC2 Instance Connect β†’ click Connect again. AWS will open a fully browser-based terminal directly within your server. No local terminal configuration needed, just your browser.

After that, you will open your VPS terminal. It will look more or less like this πŸ‘‡

Step 2: Set up Tailscale (do this first)

You can skip this step if it seems too complicated, but it is highly recommended to do so. It takes 5 minutes and makes the entire setup much more secure.

Tailscale creates a private VPN tunnel for your EC2 instance. Once it's running, you'll never need to expose a public IP again – all access is over a secure private network that only your own devices can access.

Think of it this way: Instead of leaving a door open to the Internet, Tailscale gives you a private hallway that only you can walk down.

Run these in your EC2 terminal:

curl -fsSL https://tailscale.com/install.sh | sh

sudo tailscale up

It will print an authentication link - open it, log in and your EC2 will now be part of your private Tailscale network. Install Tailscale also on your local machine and your server will get a private IP like 100.x.x.x

that only your devices can reach.

Then enable Tailscale SSH so you can access your server from your own terminal anytime, anywhere:

sudo tailscale up --ssh

Why this matters: If your EC2 is ever misconfigured and you accidentally expose a port, it doesn't matter: nothing outside your Tailscale network can reach it. It's your silent safety net running in the background.

Step 3: Install OpenClaw

Now let's get OpenClaw up and running. Paste this into your EC2 terminal:

curl -fsSL https://openclaw.ai/install.sh | party

Please wait 5-10 minutes to install it.

Step 4: Connect the Gemini API

Once the installation is complete, OpenClaw will guide you through a setup wizard. Here, I choose the Google Gemini API key.

To get your Gemini API key, go to aistudio.google.com β†’ Get API key β†’ copy it.

One thing worth knowing: Google Cloud offers you $300 in free credits when you create a new account. If you're just experimenting and trying things out, this is really useful: you can run Gemini at full capacity for weeks without paying a dime. Just go to cloud.google.com, create an account and the credits will be much higher. It's worth setting this up before you start.

Select: Model β†’ Google β†’ paste your Gemini API key β†’ set the model to google/gemini-flash-latest

Step 5: Connect Telegram

The wizard will then ask you to set up a channel. Select Telegram.

To create your bot:

Open Telegram β†’ search

@BotFather

β†’ submit/newbot

Follow the instructions - you will generate a bot token

Copy that tab

Now in OpenClaw paste the token you just copied.

Follow the remaining configuration options and then finish the setup.

That's it: OpenClaw is configured. Now restart the daemon to apply everything:

openclaw daemon reset

Yes

Related Coverage

AI & ML

DumbQuestion.ai - Self-Awareness, Prompt Injection, Search Intent... and darkness

AI & ML

Gemini 2.5 Flash vs Claude 3.7 Sonnet: 4 Production Constraints That Made the Decision for Me

AI & ML

I Made Claude Code Think Before It Codes. Here's the Prompt.