Getting Started
The solution creates a security group rule for port 18789 by default (this port is usually used to access OpenClaw). If necessary, configure an IP address whitelist by referring to the following information to prevent the port from being exposed to the public network.
This solution uses port 22 to remotely log in to the cloud server in SSH mode. By default, the public IP address 119.8.185.245/32 for logging in to Cloud Shell is allowed. An IP address whitelist has been configured. If you need to remotely log in to the cloud server, you can directly use CloudShell for remote login.
After the solution is deployed, the environment initialization will take 5 to 10 minutes. The actual deployment time may vary depending on the network and bandwidth. You can access the solution only after the deployment is complete.
A security group is a collection of access control rules to control traffic to and from cloud resources, such as cloud servers, containers, and databases. Cloud resources associated with the same security group have the same security requirements and are mutually trusted within a VPC.
You can modify security group rules, for example, by adding, modifying, or deleting a TCP port, as follows:
- Adding a security group rule: Add an inbound rule and enable a TCP port if needed.
- Modifying a security group rule: Inappropriate security group settings may introduce serious security risks. You can modify security group rules to ensure the network security of your ECSs.
- Deleting a security group rule: If the source or destination IP address of an inbound or outbound security group rule changes, or a port needs to be disabled, you can delete the security group rule.
Initializing OpenClaw Configuration
- Logging in to the server remotely: Open the local terminal, enter `ssh root@{public IP}`, and then enter the server password to log in to the server. You can obtain the server's public IP address by referring to step 10 of the one-click deployment procedure. Figure 1 SSH login

- Initialization:After logging in to the server, enter openclaw onboard to initialize the server. Figure 2 Continue execution
Figure 3 Select Quick Start mode.
Figure 4 Select Update values.
Figure 5 Select a model provider (this article uses Darkside as an example).
Figure 6 Select an authentication method, enter the API key, and select the default model.
Figure 7 Configure now
Figure 8 Select WhatsApp
Figure 9 Link WhatsApp (QR)
Figure 10 Add personal number
Figure 11 Installing skills on demand
Figure 12 Select pnpm as the Node.js package management tool and select the required skills.
Figure 13 You can configure an API key as needed or select No for all of them.
Figure 14 Enable hooks, and you are advised to select all default options.
Figure 15 Restart the gateway service
Figure 16 Start the UI and select the Web UI. Then, you can run the command "ssh -N -L 18789:127.0.0.1:18789 root@ECS_PUBLIC_IP" on the local PC to establish an encrypted SSH tunnel, and map the web UI service of the remote server to the local port. You can then access the address (http://127.0.0.1:18789/#token=xxxxx) with the token in the local browser.
Figure 17 Initialization completed.
Configuring a Model on Huawei Cloud MaaS
OpenClaw supports custom configuration models.
- Logging in to the server: If you did not log out of the server in the previous phase, you can skip this step. Otherwise, log in to the server by referring to step 1 "Initializing OpenClaw Configuration" in this document.
- Configure the model information: Run the bash /root/sac/maas.sh command, and then enter the Base URL, API key, and model ID as prompted. Figure 18 Writing Model Information
Add a Channel (Discord)
This section takes Discord as an example. Each channel has its own configuration steps. For other channels, please refer to official documentations.
- Logging in to the server: If you did not log out of the server in the previous phase, you can skip this step. Otherwise, log in to the server by referring to step 1 "Initializing OpenClaw Configuration" in this document.
- Add a channel: Run openclaw channels add to start the configuration. Figure 19 Configure now
Figure 20 Select Discord
Figure 21 Go to Discord Developer Portal (https://discord.com/developers/applications), then create a new application
Figure 22 Click Bot -> Reset Token
Figure 23 Copy
Figure 24 Paste
Figure 25 Do not configure Discord channels access (open to all channels by default)
Figure 26 Select Finished
Figure 27 Do not configure DM access policies now
Figure 28 Do not display names
Figure 29 Toggle on Privileged Gateway Intents and save
Figure 30 Select OAuth2 -> select bot for Scopes -> open the Generated URL
Figure 31 Select your sever and authorize
Figure 32 Approve the access on first message. Go back to the server and run openclaw pairing approve discord <code>
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot