KrustyPlanet/openboatmobile-ai
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openboatmobile-ai/docs/DIGITALOCEAN_SETUP.md
CeeLo Greenheart a593af9b27 Initial commit - Clean public release 
Sanitized for public release:
- Removed all API keys, tokens, and secrets
- Removed personal Discord IDs from hermes-openclaw.json
- Updated git URLs to be generic placeholders
- All sensitive data uses environment variable interpolation
2026-04-22 19:13:28 +00:00

3.9 KiB
Raw Blame History

DigitalOcean Setup

Detailed guide for deploying OpenBoatmobile to DigitalOcean.

When to Use DigitalOcean

Factor Hetzner DigitalOcean
Price €4.49/mo (cx23) $24/mo (s-2vcpu-4gb)
US West Coast No Yes (SFO2, SFO3)
Documentation Good Excellent
One-click apps Limited Extensive
Support Ticket Ticket + Premium

Use DigitalOcean if:

  • You're on the US West Coast (SFO has better latency than Ashburn)
  • You already have DO credits/promo codes
  • You prefer DO's documentation and ecosystem

Create DigitalOcean Account

  1. Go to DigitalOcean
  2. Sign up
  3. Add a payment method ($5 minimum)

Create API Token

  1. Go to DO API Settings
  2. Click Generate New Token
  3. Name it (e.g., "openclaw-terraform")
  4. Permissions: Read & Write
  5. Copy the token immediately (shown only once)

Add SSH Key

  1. Go to DO Security Settings
  2. Click Add SSH Key
  3. Paste your public key contents: 
    cat ~/.ssh/id_ed25519.pub
  4. Give it a name
  5. Click Add SSH Key

Get the Fingerprint

Terraform needs the fingerprint, not the name:

ssh-keygen -lf ~/.ssh/id_ed25519.pub
# Output: 256 SHA256:abc123... your@email.com (ED25519)

The fingerprint is the part after SHA256: and before the email.

TF_VAR_ssh_key_fingerprints='["abc123..."]'

Choose a Region

Code Location Notes
nyc1 New York US East
nyc3 New York US East (recommended)
sfo2 San Francisco US West
sfo3 San Francisco US West
ams3 Amsterdam Europe
lon1 London Europe
sgp1 Singapore Asia

Configure OpenBoatmobile

Minimal Configuration

In terraform.tfvars:

provider = "digitalocean"

server_name               = "my-agent"
droplet_size_digitalocean = "s-2vcpu-4gb"
region_digitalocean       = "nyc3"

# These come from environment:
# TF_VAR_do_token
# TF_VAR_venice_api_key
# TF_VAR_ssh_key_fingerprints

Droplet Sizes

Size vCPU RAM Disk Price
s-1vcpu-2gb 1 2 GB 50 GB $12/mo
s-2vcpu-4gb 2 4 GB 80 GB $24/mo (recommended)
s-2vcpu-8gb 2 8 GB 160 GB $48/mo
s-4vcpu-8gb 4 8 GB 160 GB $64/mo

The s-2vcpu-4gb is the sweet spot for OpenClaw.

Deploy

# Load secrets
source .env

# Initialize (first time only)
terraform init

# Preview changes
terraform plan

# Deploy
terraform apply

Post-Deployment

Terraform outputs:

server_ip = "123.45.67.89"
ssh_command = "ssh openclaw@123.45.67.89"  # or "ssh hermes@123.45.67.89" for Hermes

Connect

# Username is 'openclaw' or 'hermes' depending on framework
ssh <USERNAME>@123.45.67.89

Run OpenClaw Onboarding

openclaw onboard --install-daemon

Firewall Rules

OpenBoatmobile creates a DigitalOcean firewall with:

Direction Port Source
Inbound 22 (SSH) Configured IPs
Outbound All Any

To restrict SSH to your IP:

TF_VAR_ssh_allowed_ips='["your.public.ip/32"]'

Cleanup

terraform destroy

Troubleshooting

"SSH Key fingerprint not found"

  • Use the fingerprint, not the name
  • The fingerprint is shown in DO Console under Security
  • Make sure there are no extra spaces

"API Token invalid"

  • Regenerate the token
  • Copy immediately (shown only once)
  • Check for trailing spaces in .env

Droplet created but can't SSH

  • Wait 2-3 minutes for cloud-init
  • Verify your key fingerprint is correct
  • Check firewall allows your IP

"Rate limit exceeded"

  • DO has API rate limits
  • Wait a few minutes and retry
  • Use terraform plan sparingly before apply