Phase 8 / Ep 40: Production Deployment, Running 24/7 on a VPS + Cloudflare Tunnel
🎯 Learning objective: deploy OpenClaw to a VPS and run it unattended, 24/7.
1. Production architecture overview
```mermaid
graph TB
    subgraph Cloud["☁️ Cloud services"]
        TG["📱 Telegram API"]
        DC["💬 Discord API"]
        CF["🔒 Cloudflare Tunnel"]
        LLM["🧪 Anthropic / OpenAI"]
    end
    subgraph VPS["🖥️ VPS (Hetzner CX22)"]
        subgraph Docker["📦 Docker Compose"]
            GW["🦀 Gateway"]
            PA["🤖 Personal Agent"]
            CA["💻 Code Agent"]
            OA["🔧 Ops Agent"]
        end
        Monitor["📊 Health Monitor\nCron Job"]
        Backup["💾 Backup Script"]
    end
    subgraph Storage["☁️ Object storage"]
        R2["Cloudflare R2\nDaily backup"]
    end
    TG & DC -->|"Webhook"| CF
    CF -->|"Secure tunnel"| GW
    GW --> PA & CA & OA
    PA & CA & OA -->|"API"| LLM
    Monitor -->|"Alerts"| TG
    Backup -->|"Daily backup"| R2
```
2. VPS selection
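| Provider | Specs | Monthly cost | Rating |
|---|---|---|---|
| Hetzner CX22 | 2C/4G/40G | €4.35 | ⭐⭐⭐⭐⭐ |
| DigitalOcean | 2C/4G/80G | $24 | ⭐⭐⭐⭐ |
| Alibaba Cloud ECS | 2C/4G/40G | ¥68 | ⭐⭐⭐ |
| Vultr | 2C/4G/80G | $24 | ⭐⭐⭐⭐ |
💡 Recommended: Hetzner CX22. It is the best value for money, and the latency of its European data centers is acceptable.
3. Docker Compose production configuration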
```yaml
# docker-compose.production.yml
version: '3.8'
services:
  openclaw:
    image: openclaw/openclaw:latest
    container_name: openclaw-prod
    restart: always
    env_file: .env.production
    volumes:
      - openclaw-data:/root/.openclaw
      - ./workspace:/workspace
    ports:
      - "127.0.0.1:3377:3377"  # bind to localhost only
    healthcheck:
      test: ["CMD", "openclaw", "status"]
      interval: 60s
      timeout: 10s
      retries: 3
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "3"
  cloudflared:
    image: cloudflare/cloudflared:latest
    container_name: cloudflared
    restart: always
    command: tunnel run
    environment:
      # Interpolated by Compose from the shell environment or a .env file, not from env_file
      - TUNNEL_TOKEN=${CLOUDFLARE_TUNNEL_TOKEN}
volumes:
  openclaw-data:
```
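
The `127.0.0.1:3377:3377` mapping in the Compose file is what keeps the gateway port off the VPS's public interfaces. The preflight check below is an added example, not part of the original course or of OpenClaw: it scans a Compose file for short-syntax `ports:` entries that are not bound to loopback. The function name `check_port_bindings` and the sample file are constructed for illustration, and long-syntax `ports:` entries are not handled.

```shell
#!/bin/sh
# Added example: flag Compose port mappings that are not bound to loopback.
# Prints one "EXPOSED: <mapping>" line per finding; returns 1 if any was found.
check_port_bindings() {
  local in_ports=0 exposed=0 line entry
  while IFS= read -r line || [ -n "$line" ]; do
    line=${line%%#*}                                   # drop trailing comments
    entry=$(printf '%s' "$line" | tr -d "\"' \t")      # drop quotes and whitespace
    case "$entry" in
      '') ;;                                           # blank line: keep state
      ports:) in_ports=1 ;;                            # start of a ports list
      -*)
        if [ "$in_ports" -eq 1 ]; then
          entry=${entry#-}
          case "$entry" in
            127.*:*:*|'[::1]':*:*) ;;                  # host IP is loopback: fine
            *) echo "EXPOSED: $entry"; exposed=1 ;;    # no host IP, or a public one
          esac
        fi ;;
      *) in_ports=0 ;;                                 # any other key ends the list
    esac
  done < "$1"
  return "$exposed"
}

# Constructed sample: the first mapping is the one from this page,
# the other two are deliberately unsafe.
sample=$(mktemp)
cat > "$sample" <<'EOF'
services:
  openclaw:
    ports:
      - "127.0.0.1:3377:3377"   # loopback only
      - "3377:3377"             # all interfaces
      - "0.0.0.0:9090:9090"
    volumes:
      - openclaw-data:/root/.openclaw
EOF
check_port_bindings "$sample" || echo "Fix the mappings above before starting the stack."
```

Run it against `docker-compose.production.yml` before `docker compose up -d`; a mapping without a host IP publishes the port on every interface.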
4. Cloudflare Tunnel configuration
Cloudflare Tunnel lets your VPS receive webhooks without needing a public IP:
```bash
# 1. Install cloudflared
curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared
chmod +x /usr/local/bin/cloudflared
# 2. Log in
cloudflared tunnel login
# 3. Create the tunnel
cloudflared tunnel create openclaw-agent
# 4. Configure DNS (point agent.yourdomain.com at the tunnel)
cloudflared tunnel route dns openclaw-agent agent.yourdomain.com
```
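5. Monitoring and alerting
Health-check cron
```
# /etc/cron.d/openclaw-monitor
# cron has no backslash line continuation, so the whole job stays on one line.
# BOT_TOKEN and CHAT_ID must be set in the job's environment; cron does not read your shell profile.
*/5 * * * * root docker exec openclaw-prod openclaw status || curl -s "https://api.telegram.org/bot${BOT_TOKEN}/sendMessage" --data-urlencode "chat_id=${CHAT_ID}" --data-urlencode "text=⚠️ OpenClaw 异常!"
```
Resource monitoring
```
# Record resource usage every hour
0 * * * * root echo "$(date): CPU $(top -bn1 | head -3 | tail -1), MEM $(free -h | head -2 | tail -1)" >> /var/log/openclaw-resources.log
```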
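6. Backup strategy
```bash
#!/bin/bash
# backup.sh - daily automatic backup to Cloudflare R2
set -euo pipefail
# Run from the script's directory so the relative ./backups path also works under cron
cd "$(dirname "$0")"
mkdir -p backups
DATE=$(date +%Y-%m-%d)
# Back up the OpenClaw data
# (Compose may prefix the volume name with the project name; check `docker volume ls`)
docker run --rm -v openclaw-data:/data -v "$(pwd)/backups:/backup" \
  alpine tar czf "/backup/openclaw-${DATE}.tar.gz" /data
# Upload to R2
rclone copy "./backups/openclaw-${DATE}.tar.gz" r2:openclaw-backups/
# Remove local backups older than 7 days
find ./backups -name "*.tar.gz" -mtime +7 -delete
echo "✅ 备份完成: openclaw-${DATE}.tar.gz"
```
```
# Cron: back up every day at 3 a.m.
0 3 * * * root /opt/openclaw/backup.sh >> /var/log/openclaw-backup.log 2>&1
```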
7. Cost breakdown
| Item | Monthly cost |
|---|---|
| VPS (Hetzner CX22) | €4.35 (~¥35) |
| Domain | ¥5 (annual fee averaged per month) |
| Cloudflare Tunnel | Free |
| Cloudflare R2 (10GB) | Free |
| Anthropic API (about 50 conversations per day) | |
| Total | approx. ¥260/month |
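8. Go-live checklist
- VPS purchased and initialized
- Docker + Docker Compose installed
- `.env.production` fully configured
- Cloudflare Tunnel configured and tested
- Telegram/Discord bot tokens configured
- Stack started with `docker compose up -d`
- Health-check cron configured
- Backup script configured
- Test message sent from Telegram to confirm
- Observe for 24 hours to confirm stable operation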
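🎉 Congratulations!
All 40 episodes of the course are complete. You now have:
- ✅ Hands-on experience with three installation methods (macOS / Docker / UTM VM)
- ✅ Command of the full CLI (30+ commands + the Telegram mapping table)
- ✅ Security awareness of the four-level permission model
- ✅ The ability to develop and publish Skills and Plugins
- ✅ Deep integration with Telegram & Discord
- ✅ Orchestration and management of a multi-agent team
- ✅ A complete memory system with Session + Memory
- ✅ Working use of the AgentMail + MCP ecosystem
- ✅ The operations skills for a production VPS deployment
Your agent now lives on your own server, on call 24 hours a day, with a complete memory, connected to your Telegram and Discord, and able to send email, write code, and query databases.
AI should belong to you. Welcome to the world of OpenClaw. 🦀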