#6527: feat(docker): add macOS-specific Docker setup with permission fixes
docs · docker
Cluster: Docker and Deployment Improvements
## Problem
Running OpenClaw in Docker on macOS fails due to permission and path issues:
- macOS users have uid 501, Docker node user has uid 1000
- Volume-mounted files keep host permissions → permission errors
- Config paths like `/Users/username/...` do not exist in the container
- `gateway.bind: loopback` (default) makes the web UI unreachable
Related issues: #2781, #3407, #4076, #2434
## Solution
Add dedicated macOS Docker files:
### Dockerfile.macos
- Uses `gosu` for proper user switching
- **Installs Bun via npm with pinned version** (`npm install -g bun@1.2.0`) - avoids curl|bash supply chain risk
- Smart entrypoint that:
  - Creates `/Users/<user>` → `/home/node` symlink for path compatibility
  - Only chowns essential dirs (skips `.git` to avoid hanging on pack files)
  - Properly drops to node user after permission fixes
### docker-compose.macos.yml
- Security hardening:
  - `no-new-privileges: true`
  - `cap_drop: ALL` with minimal `cap_add`
  - `tmpfs` for `/tmp`
- `OPENCLAW_HOST_USER` env var for symlink creation
- Forces `bind: lan` (overrides loopback default)
- **Documents `$USER`/`$HOME` requirements** with .env file instructions
- **Removed explicit `container_name`** to allow multiple instances
### docs/platforms/macos-docker.md
- Complete setup guide
- Troubleshooting section
- Security recommendations (exec allowlist, credential permissions)
- **Clarified browser curl command is for host**, not container
## Testing
- Tested on macOS Sonoma with Docker Desktop
- Web UI accessible at http://localhost:18789
- Telegram provider connects successfully
- Exec commands work with allowlist
## Usage
```bash
# Build
docker build -f Dockerfile.macos -t openclaw:macos .
# Run
docker compose -f docker-compose.macos.yml up -d
```
## Greptile Feedback Addressed
- ✅ [P0] Replaced `curl | bash` with pinned npm install
- ✅ [P0] Fixed trailing comma in YAML
- ✅ [P1] Removed explicit container_name
- ✅ [P2] Added USER/HOME documentation
- ✅ [P2] Clarified curl command is for host
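The entrypoint behaviour listed under Dockerfile.macos, as an added sketch that is not the PR's own script: it validates `OPENCLAW_HOST_USER` before using it in a path, prunes `.git` while fixing ownership, and drops root with `gosu`. `ROOT_PREFIX` and `CHOWN_DIRS` are hypothetical knobs, and the username rule is an assumption.

```shell
#!/bin/sh
# Added sketch, not the PR's entrypoint. ROOT_PREFIX and CHOWN_DIRS are
# hypothetical knobs; the username rule is an assumption.
set -eu

TARGET_HOME="/home/node"
ROOT_PREFIX="${ROOT_PREFIX:-}"             # lets the logic run unprivileged in a scratch dir
CHOWN_DIRS="${CHOWN_DIRS:-$TARGET_HOME}"   # assumed set of "essential" dirs

# Accept only a plain account name so the symlink cannot land outside /Users/.
valid_host_user() {
  case "$1" in
    ''|.|..|*[!A-Za-z0-9._-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Create /Users/<user> -> /home/node so host-style config paths resolve.
link_host_home() {
  valid_host_user "$1" || { echo "refusing OPENCLAW_HOST_USER='$1'" >&2; return 1; }
  mkdir -p "$ROOT_PREFIX/Users"
  ln -sfn "$TARGET_HOME" "$ROOT_PREFIX/Users/$1"
}

# Walk a tree but prune .git, then apply the find action passed as arguments.
walk_skip_git() {
  dir="$1"; shift
  find "$dir" -name .git -prune -o "$@"
}

main() {
  if [ "$(id -u)" = "0" ]; then
    if [ -n "${OPENCLAW_HOST_USER:-}" ]; then link_host_home "$OPENCLAW_HOST_USER"; fi
    for d in $CHOWN_DIRS; do
      if [ -d "$d" ]; then walk_skip_git "$d" -exec chown -h node:node {} +; fi
    done
    exec gosu node "$@"    # drop root; the app never runs privileged
  fi
  exec "$@"
}

# With no command there is nothing to exec.
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Under `cap_drop: ALL`, the chown step relies on `CAP_CHOWN` and `gosu` on `CAP_SETUID`/`CAP_SETGID`, so those are the capabilities a minimal `cap_add` has to cover for this sketch.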
## Most Similar PRs
- #19229: feat: add Apple Container setup with Docker/Podman fallbacks (by navingate · 2026-02-17 · 74.3%)
- #9999: Docker: fix token mismatch and add dev setup workflow (by benclarkeio · 2026-02-06 · 73.7%)
- #23313: feat(docker): add optional build-arg OPENCLAW_INSTALL_DOCKER_CLI to... (by zhuxuwei88-bot · 2026-02-22 · 73.3%)
- #11333: fix(docker): align host directory ownership with container user (by liuxiaopai-ai · 2026-02-07 · 73.2%)
- #13737: Docker: harden UID/GID remap and docker-setup flow, convenience upd... (by ramarnat · 2026-02-10 · 73.1%)
- #6698: feat: Add CLI wrapper for Docker integration and update documentation (by barshopen · 2026-02-01 · 72.6%)
- #3513: fix(docker): add MOLTBOT_STATE_DIR to resolve permission error (by Suksham-sharma · 2026-01-28 · 71.3%)
- #6631: fix: configure npm global prefix for non-root user in Docker (by tjetzinger · 2026-02-01 · 70.4%)
- #11553: feat(docker): add sandbox browser service and documentation (by dangphdh · 2026-02-08 · 70.4%)
- #22344: feat(docker): add pre-built image mode for docker-setup (by AIflow-Labs · 2026-02-21 · 70.4%)