You can also read it here: https://medium.com/p/5b20907e0fb1
I wanted to run my own AI agent in the cloud, not on my laptop or someone else's hosted dashboard, but completely self-hosted and under my control.
So I deployed OpenClaw on a free tier AWS EC2 instance, secured it with Tailscale, and connected it to Telegram using the Gemini API.
This post walks you through the exact setup. No nonsense. Just what works.
Step 1 β Start a free EC2 instance
AWS Console β EC2 β Start Instance
Set it up like this:
Name: whatever you want
Operating system: Ubuntu 24.04 LTS
Instance type: t3.small
Storage: 50 GB
Security groups: only allow port 22 (SSH), nothing else open
For the key pair: Create a new key pair, give it a name, and download the .pem file.
archive. Keep this file safe - this is how you'll be able to securely SSH into your server from your own machine if you ever need it. Without it, you lose access.
Click Start Instance.
Once it is running, click on the instance β press Connect.
Now choose EC2 Instance Connect β click Connect again. AWS will open a fully browser-based terminal directly within your server. No local terminal configuration needed, just your browser.
After that, you will open your VPS terminal. It will look more or less like this π
Step 2: Set up Tailscale (do this first)
You can skip this step if it seems too complicated, but it is highly recommended to do so. It takes 5 minutes and makes the entire setup much more secure.
Tailscale creates a private VPN tunnel for your EC2 instance. Once it's running, you'll never need to expose a public IP again β all access is over a secure private network that only your own devices can access.
Think of it this way: Instead of leaving a door open to the Internet, Tailscale gives you a private hallway that only you can walk down.
Run these in your EC2 terminal:
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up
It will print an authentication link - open it, log in and your EC2 will now be part of your private Tailscale network. Install Tailscale also on your local machine and your server will get a private IP like 100.x.x.x
that only your devices can reach.
Then enable Tailscale SSH so you can access your server from your own terminal anytime, anywhere:
sudo tailscale up --ssh
Why this matters: If your EC2 is ever misconfigured and you accidentally expose a port, it doesn't matter: nothing outside your Tailscale network can reach it. It's your silent safety net running in the background.
Step 3: Install OpenClaw
Now let's get OpenClaw up and running. Paste this into your EC2 terminal:
curl -fsSL https://openclaw.ai/install.sh | party
Please wait 5-10 minutes to install it.
Step 4: Connect the Gemini API
Once the installation is complete, OpenClaw will guide you through a setup wizard. Here, I choose the Google Gemini API key.
To get your Gemini API key, go to aistudio.google.com β Get API key β copy it.
One thing worth knowing: Google Cloud offers you $300 in free credits when you create a new account. If you're just experimenting and trying things out, this is really useful: you can run Gemini at full capacity for weeks without paying a dime. Just go to cloud.google.com, create an account and the credits will be much higher. It's worth setting this up before you start.
Select: Model β Google β paste your Gemini API key β set the model to google/gemini-flash-latest
Step 5: Connect Telegram
The wizard will then ask you to set up a channel. Select Telegram.
To create your bot:
Open Telegram β search
@BotFather
β submit/newbot
Follow the instructions - you will generate a bot token
Copy that tab
Now in OpenClaw paste the token you just copied.
Follow the remaining configuration options and then finish the setup.
That's it: OpenClaw is configured. Now restart the daemon to apply everything:
openclaw daemon reset
Yes