ClawdapusDocker on Rails for Claws

What It Looks Like ​

The Image — Clawfile ​

An extended Dockerfile. Any valid Dockerfile is a valid Clawfile.

FROM openclaw:latest

CLAW_TYPE openclaw
AGENT AGENTS.md

MODEL primary openrouter/anthropic/claude-sonnet-4
CLLAMA passthrough

HANDLE discord
INVOKE 15 8 * * 1-5  pre-market

SURFACE service://trading-api
SURFACE volume://shared-research read-write

The Deployment — claw-pod.yml ​

An extended docker-compose.yml. Services inherit pod-level defaults.

x-claw:
  pod: trading-desk
  master: octopus
  cllama-defaults:
    proxy: [passthrough]
    env:
      OPENROUTER_API_KEY: "${OPENROUTER_API_KEY}"
  surfaces-defaults:
    - "service://trading-api"
    - "volume://shared-research read-write"

services:
  tiverton:
    image: trading-desk-tiverton:latest
    build:
      context: ./agents/tiverton
    x-claw:
      agent: ./agents/tiverton/AGENTS.md
      handles:
        discord:
          id: "${TIVERTON_DISCORD_ID}"
          username: "tiverton"

Five Minutes to Running ​

curl -sSL https://raw.githubusercontent.com/mostlydev/clawdapus/master/install.sh | sh
git clone https://github.com/mostlydev/clawdapus.git
cd clawdapus/examples/quickstart
cp .env.example .env   # add your keys
claw pull      # pinned runtime infra + registry services
claw build     # local build: services
claw up -d     # compile + launch
claw health    # ✓ all healthy
claw down      # tear down when you're done

The everyday operator loop is claw pull, claw build, claw up, claw down.

Core Principles ​

1. Purpose is sacred — contract is bind-mounted read-only; survives full container compromise
2. The workspace is alive — bots install and adapt; mutations are tracked and promotable
3. Configuration is code — every deviation from defaults is diffable
4. Drift is an open metric — independent audit via the governance proxy, not self-report
5. Surfaces are declared — topology for operators; capability discovery for bots. The proxy enforces cognitive boundaries.
6. Claws are users — standard credentials; the proxy governs intent, the service's own auth governs execution
7. Compute is a privilege — operator assigns models and schedules; proxy enforces budgets
8. Think twice, act once — a reasoning model cannot be its own judge
9. Memory survives the container (and the runner) — session history is captured at the proxy boundary and persisted outside the runtime directory. Swap the runtime without losing the mind. The ambient memory plane is live: pluggable memory services declared via claw.describe, compiled by claw up, and orchestrated by cllama. Infrastructure recalls derived context before each inference turn and retains after each response — automatically, without the agent asking.