← Back to catalog
OpenClaw (GNOME)

OpenClaw (GNOME)

v1.0.0

Open-source AI assistant with GNOME desktop, Caddy reverse proxy, and RDP access

Install

$curl -fsSL https://virtua.sh/i/openclaw-gnome | bash
No server?Virtua.Cloud →

What's included

  • OpenClaw -- open-source personal AI assistant (MIT license)
  • Caddy reverse proxy with auto-HTTPS, basic auth, and WebSocket support
  • GNOME desktop with RDP access via xrdp
  • VS Code, Firefox, Chromium
  • Docker, Go, Rust, Node.js 22, Python + uv
  • Playwright with Chromium and Firefox

Security hardening

  • Gateway bound to 127.0.0.1 only (never exposed directly)
  • Token-based gateway auth with trusted proxy config
  • Caddy: HSTS, X-Content-Type-Options, X-Frame-Options, Referrer-Policy
  • X-Forwarded-For overwrite (not append) to prevent IP spoofing
  • mDNS discovery disabled
  • WebSocket transport pinned to HTTP 1.1/2 for stability

After install

  • Open the web UI URL shown at the end of install
  • Run onboarding to connect LLMs and channels: openclaw onboard
  • Connect via RDP on port 3389 with the shown credentials

Supported Operating Systems

Ubuntu 24Ubuntu 25Debian 12Debian 13Rocky 9Rocky 10Alma 9Alma 10

Requirements

RAM
4GB minimum
Disk
15GB minimum

Configuration

VariableDefaultDescription
OPENCLAW_HOSTserver hostnameDomain name or IP. Domains get auto-HTTPS via Let's Encrypt.
OPENCLAW_AUTH_USERadminUsername for web UI basic auth
OPENCLAW_AUTH_PASSrandom 24-charPassword for web UI basic auth
VIRTUA_USERclawdenSystem user for the agent
VIRTUA_PASSrandom 24-charUser password for RDP login
1 installsOfficial website →

Changelog

v1.0.02026-04-02
  • Initial release
  • Caddy reverse proxy with basic auth, HSTS, and WebSocket support
  • Gateway hardened (loopback-only, token auth, trusted proxies)
  • GNOME desktop with RDP via xrdp
  • VS Code, Firefox, Chromium
  • Full dev environment: Docker, Go, Rust, Node.js, Python