Connect a Remote Docker host
Register a private Docker server, VPS, or cloud VM with Nora, deploy an OpenClaw agent to it over SSH, and verify the complete lifecycle path.Remote Docker is Nora’s experimental bring-your-own-compute path. The Nora control plane stays on your existing installation while the selected agent containers run on a Docker machine that you own. For the complete trust model, workspace-sharing behavior, capacity limits, Hermes API path, backup semantics, and safe host-retirement procedure, use the Remote Docker backend reference.
Before you start
Prepare the following:- a self-hosted Nora control plane with a valid
ENCRYPTION_KEY; - a Linux server or VM with a running Docker Engine and enough CPU, memory, disk, and image-cache capacity for the agents you plan to run;
- a stable private hostname or IP address reachable from Nora’s
backend-api,worker-provisioner, and, if you use managed backups,worker-backupservices; - an SSH account that can manage Docker without an interactive password or
sudoprompt; - a dedicated SSH private key when possible; and
- remote-host outbound DNS and HTTPS access to the image registries, model providers, and integrations used by the agent.
Nora launches Linux container images. A Linux Docker host is the lowest-risk path. Docker Desktop,
rootless Docker, macOS, Windows, and non-default Docker contexts are not part of a certified host
matrix and require your own end-to-end validation.
1. Prove Docker access from the private network
From a machine with the same private route and firewall policy as the Nora services, verify that the intended SSH user reaches the intended Docker daemon without an interactive prompt:2. Reserve a private agent port range
Remote OpenClaw agents publish their gateway and runtime ports on the registered machine. Remote Hermes uses published runtime and dashboard ports as well. Nora allocates each port independently per registered host from the configured Docker agent range. The default is19000-19999. You can choose a smaller subrange, but both boundaries must remain
inside that envelope:
Do not add
remote-docker to ENABLED_BACKENDS. A registered and successfully tested host is
injected dynamically as a concrete execution target such as remote:build-host.3. Register the machine
- Sign in to Nora and open App -> Remote Hosts (
/app/remote-hosts). - Enter a distinctive Label. Nora derives the stable
remote:<id>target from it. - Enter the private SSH host, Port, and SSH user.
- Leave Gateway address empty when Nora should reach agent ports through the SSH hostname. Otherwise enter the private hostname or IP used for agent traffic. Do not include a scheme or port.
- Choose SSH private key or Password authentication. Private-key authentication is preferred.
- Select Register host.
ENCRYPTION_KEY before storing them.
The API never returns the stored secret values. When you edit a host, leave a secret field blank to
keep the current value.
4. Test and pin the SSH host key
Select Test on the registered host from a network where you can independently trust the endpoint. The first successful test:- opens SSH from
backend-apiunder a 10-second overall probe deadline; - runs
docker version --format '{{.Server.Version}}'as the registered user; and - captures and pins the SSH host key presented by the server.
5. Deploy an agent
- Add a real model provider under Settings if you have not already done so.
- Open Deploy and choose OpenClaw.
- Under Execution Target, select the registered host by label and
remote:<id>. - Choose the Standard sandbox, configure the agent and resources, then deploy.
- Follow the deployment state until the agent reports ready.
6. Verify the full operator loop
Treat the first agent as disposable and verify more than the connection badge:- the deployment reaches
runningand readiness succeeds; - Chat, Logs, Terminal, and lifecycle actions work through Nora;
- restart succeeds without changing the selected
remote:<id>target; - the remote machine shows the expected Nora-managed container and published ports;
- the configured agent port range is unreachable from untrusted networks;
- provider and registry calls work from inside the remote workload;
- backup and copy-restore succeed if you plan to rely on managed backups; and
- a successful agent deletion removes the remote container and both Nora-managed volumes. If a volume cannot be removed, Nora reports cleanup failure and keeps the agent record so deletion can be retried after the Docker volume problem is corrected.
Troubleshooting fast path
For workspace sharing, grant revocation, cleanup after a missing SSH pin, disk behavior, backups, and
the full symptom matrix, continue to the Remote Docker backend
reference.

