Skip to main content
Project 4 min read

OpenClaw on Cloudflare Workers

Run OpenClaw personal AI assistant serverlessly on Cloudflare Workers with multi-channel bot support, device pairing auth, and persistent storage.

Originally published:

GitHub by greenisagoodcolor

OpenClaw on Cloudflare Workers: Run Your Personal AI Assistant Serverlessly

OpenClaw (formerly Moltbot) is a personal AI assistant platform with a gateway architecture that enables multi-channel connectivity and extensible AI capabilities. This project packages OpenClaw to run entirely on Cloudflare Workers' Sandbox container runtime, eliminating the need for traditional self-hosted infrastructure while maintaining full control over your AI assistant deployment.

What is OpenClaw?

OpenClaw is a sophisticated gateway-based AI assistant that bridges multiple communication platforms while maintaining secure device management and persistent conversation context. It provides a unified control surface for deploying Claude-powered agents across Telegram, Discord, Slack, and web interfaces.

Core Features

  • Web Control UI — Browser-based chat interface for direct interaction with your assistant at the gateway level
  • Multi-Channel Support — Connect Telegram, Discord, and Slack bots to route messages through a single AI instance
  • Device Pairing Authentication — Secure DM-based authentication requiring explicit admin approval for new devices
  • Persistent Conversations — Chat history and context preservation across sessions using optional R2 storage
  • Agent Runtime — Extensible architecture supporting custom skills and workspace integration
  • Cloudflare Integration — Native Cloudflare Access for identity management, Browser Rendering for web navigation, and AI Gateway for optional API routing
  • Always-On Deployment — Managed serverless container eliminates cold starts and infrastructure overhead

Architecture & Deployment Model

The project runs OpenClaw in a Cloudflare Sandbox container, a managed execution environment available on the Workers Paid plan ($5/month). Unlike traditional Docker deployments, Sandbox provides automatic scaling, managed networking, and deep Cloudflare platform integration without requiring container orchestration knowledge.

Authentication uses a two-layer approach: a gateway token (query parameter) grants access to the Control UI, while device pairing (admin approval via /_admin/) secures downstream connections. Cloudflare Access provides Zero Trust authentication for sensitive admin routes.

Getting Started

Prerequisites: Cloudflare Workers Paid plan, Anthropic API key (or Cloudflare AI Gateway access), and npm installed locally.

  1. Clone the repository and install dependencies with npm install
  2. Set your API credentials: either direct Anthropic access (npx wrangler secret put ANTHROPIC_API_KEY) or Cloudflare AI Gateway
  3. Generate a gateway token: export MOLTBOT_GATEWAY_TOKEN=$(openssl rand -hex 32) and set it as a secret
  4. Enable Cloudflare Access on your worker for admin UI protection at /_admin/
  5. Deploy with npm run deploy
  6. Access the Control UI at https://your-worker.workers.dev/?token=YOUR_GATEWAY_TOKEN

Note: First requests may take 1–2 minutes while the container initializes. You must complete Cloudflare Access setup and device pairing before full functionality is available.

Persistence & Storage

By default, OpenClaw data (paired devices, conversation history, configurations) is lost when the container restarts. Enable optional Cloudflare R2 storage to persist state across deployments. R2 offers a free tier suitable for typical assistant workloads, making persistence optional but recommended for production-like usage.

Development & Local Testing

Create a .dev.vars file with DEV_MODE=true to skip Cloudflare Access authentication and device pairing during local development. This enables rapid iteration without navigating the full deployment authentication flow. Debug routes become available with DEBUG_ROUTES=true.

Who This Is For

  • AI/ML Developers — Exploring serverless AI deployment patterns and multi-channel bot architectures
  • Cloudflare Workers Users — Seeking production-grade examples of Sandbox container usage
  • Personal Assistant Builders — Running Claude-powered agents without managing infrastructure
  • DevOps Engineers — Evaluating serverless alternatives to containerized AI services
  • Open Source Contributors — Interested in the OpenClaw ecosystem and gateway architecture

Technical Considerations

This project relies on several Cloudflare services: Workers (compute), Sandbox (container runtime), Access (authentication), Browser Rendering (web navigation), AI Gateway (optional routing), and R2 (optional persistence). While all but Workers have free tiers, production deployments should budget for potential overages depending on usage patterns.

The experimental status means the upstream OpenClaw API may change, and Sandbox container support from Cloudflare could shift. The project is suitable for learning and prototyping but not recommended for mission-critical deployments without careful monitoring.

Resources & Next Steps

  • GitHub Repository — greenisagoodcolor/moltbot-sandbox (Apache-2.0 license)
  • Read AGENTS.md for agent runtime and skills documentation
  • Review CONTRIBUTING.md for development guidelines
  • Check wrangler.jsonc for Cloudflare Workers configuration details
  • cloudflare-workers — Serverless functions with Cloudflare infrastructure
  • ai-gateway — API routing and cost optimization for LLM calls
  • zero-trust-auth — Zero Trust security patterns for AI applications

Source: GitHub repository documentation and project configuration files; last updated February 2026.

Read original
Share:

Original Source

https://github.com/greenisagoodcolor/moltbot-sandbox

View Original

Last updated: