This guide provides Ansible playbooks for automating MicroClaw deployment and configuration.
microclaw-ansible/
├── inventory.ini
├── group_vars/
│ └── all.yml
├── playbooks/
│ ├── install.yml
│ ├── configure.yml
│ ├── deploy.yml
│ └── backup.yml
├── roles/
│ └── microclaw/
│ ├── tasks/
│ │ ├── install.yml
│ │ ├── configure.yml
│ │ ├── service.yml
│ │ └── main.yml
│ ├── templates/
│ │ ├── microclaw.config.yaml.j2
│ │ └── microclaw.service.j2
│ ├── handlers/
│ │ └── main.yml
│ └── defaults/
│ └── main.yml
└── secrets/
└── vault.yml
inventory.ini)[microclaw_servers]
microclaw-01 ansible_host=192.168.1.100 ansible_user=ubuntu
[microclaw_servers:vars]
ansible_python_interpreter=/usr/bin/python3
[production]
microclaw-prod-01 ansible_host=192.168.1.100
microclaw-prod-02 ansible_host=192.168.1.101
[staging]
microclaw-staging-01 ansible_host=192.168.1.200
[microclaw_servers:children]
production
staging
[microclaw_servers:vars]
ansible_user=ubuntu
ansible_python_interpreter=/usr/bin/python3
group_vars/all.yml)---
# MicroClaw Configuration
microclaw_version: "latest"
microclaw_install_dir: "/opt/microclaw"
microclaw_data_dir: "/opt/microclaw/data"
microclaw_working_dir: "/opt/microclaw/working_dir"
# LLM Configuration
microclaw_llm_provider: "anthropic"
microclaw_model: "claude-sonnet-4-20250514"
# Channel Configuration
microclaw_channels:
telegram:
enabled: true
bot_username: "my_microclaw_bot"
# Service Configuration
microclaw_service_enabled: true
microclaw_service_name: "microclaw"
# Security
microclaw_sandbox_enabled: false
microclaw_sandbox_security_profile: "standard"
# Resource Limits
microclaw_memory_limit: "2G"
microclaw_cpu_limit: "2.0"
# Backup Configuration
microclaw_backup_enabled: true
microclaw_backup_dir: "/var/backups/microclaw"
microclaw_backup_retention_days: 7
secrets/vault.yml)---
# LLM API Key
microclaw_api_key: "sk-ant-..."
# Channel Credentials
microclaw_telegram_bot_token: "123456:ABC-DEF1234..."
microclaw_discord_bot_token: ""
microclaw_slack_bot_token: ""
microclaw_slack_app_token: ""
# Web UI Password
microclaw_web_password: ""
ansible-vault encrypt secrets/vault.yml
ansible-vault edit secrets/vault.yml
ansible-vault view secrets/vault.yml
playbooks/deploy.yml)---
- name: Deploy MicroClaw AI Agent
hosts: microclaw_servers
become: true
vars_files:
- ../secrets/vault.yml
vars:
microclaw_config:
llm_provider: "{{ microclaw_llm_provider }}"
api_key: "{{ microclaw_api_key }}"
model: "{{ microclaw_model }}"
channels:
telegram:
default_account: "main"
accounts:
main:
bot_token: "{{ microclaw_telegram_bot_token }}"
bot_username: "{{ microclaw_channels.telegram.bot_username }}"
data_dir: "{{ microclaw_data_dir }}"
working_dir: "{{ microclaw_working_dir }}"
sandbox:
enabled: "{{ microclaw_sandbox_enabled }}"
security_profile: "{{ microclaw_sandbox_security_profile }}"
pre_tasks:
- name: Update apt cache
apt:
update_cache: yes
cache_valid_time: 3600
when: ansible_os_family == "Debian"
- name: Install required packages
package:
name:
- curl
- sqlite3
state: present
roles:
- role: microclaw
post_tasks:
- name: Verify MicroClaw is running
command: microclaw gateway status
register: microclaw_status
changed_when: false
failed_when: false
- name: Display MicroClaw status
debug:
var: microclaw_status.stdout_lines
roles/microclaw/tasks/install.yml---
- name: Create MicroClaw user
user:
name: microclaw
system: yes
shell: /bin/bash
create_home: yes
- name: Create MicroClaw directories
file:
path: "{{ item }}"
state: directory
owner: microclaw
group: microclaw
mode: '0750'
loop:
- "{{ microclaw_data_dir }}"
- "{{ microclaw_working_dir }}"
- "{{ microclaw_data_dir }}/runtime"
- "{{ microclaw_data_dir }}/runtime/logs"
- "{{ microclaw_data_dir }}/skills"
- "{{ microclaw_backup_dir }}"
- name: Download MicroClaw installer
get_url:
url: "https://microclaw.ai/install.sh"
dest: "/tmp/microclaw-install.sh"
mode: '0755'
become_user: microclaw
- name: Run MicroClaw installer
shell: |
curl -fsSL https://microclaw.ai/install.sh | bash
args:
creates: "/home/microclaw/.microclaw/bin/microclaw"
become_user: microclaw
register: install_result
changed_when: "'Successfully installed' in install_result.stdout"
- name: Create symlink for microclaw binary
file:
src: "/home/microclaw/.microclaw/bin/microclaw"
dest: "/usr/local/bin/microclaw"
state: link
roles/microclaw/tasks/configure.yml---
- name: Create MicroClaw configuration directory
file:
path: "/home/microclaw/.microclaw"
state: directory
owner: microclaw
group: microclaw
mode: '0700'
- name: Deploy MicroClaw configuration
template:
src: microclaw.config.yaml.j2
dest: "/home/microclaw/.microclaw/microclaw.config.yaml"
owner: microclaw
group: microclaw
mode: '0600'
become_user: microclaw
notify: restart microclaw
- name: Create MCP configuration (optional)
template:
src: mcp.json.j2
dest: "/home/microclaw/.microclaw/mcp.json"
owner: microclaw
group: microclaw
mode: '0600'
become_user: microclaw
when: microclaw_mcp_enabled | default(false)
roles/microclaw/tasks/service.yml---
- name: Install MicroClaw as systemd service
systemd:
name: microclaw
enabled: yes
state: started
daemon_reload: yes
become: true
- name: Wait for MicroClaw to be ready
wait_for:
timeout: 10
when: microclaw_service_enabled
roles/microclaw/tasks/main.yml---
- include_tasks: install.yml
- include_tasks: configure.yml
- include_tasks: service.yml
when: microclaw_service_enabled
roles/microclaw/templates/microclaw.config.yaml.j2# MicroClaw Configuration
# Managed by Ansible - Do not edit manually
# LLM Configuration
llm_provider: "{{ microclaw_llm_provider }}"
api_key: "{{ microclaw_api_key }}"
model: "{{ microclaw_model }}"
# Channel Configuration
channels:
{% if microclaw_channels.telegram.enabled | default(false) %}
telegram:
default_account: "main"
accounts:
main:
bot_token: "{{ microclaw_telegram_bot_token }}"
bot_username: "{{ microclaw_channels.telegram.bot_username }}"
{% endif %}
{% if microclaw_channels.discord.enabled | default(false) %}
discord:
default_account: "main"
accounts:
main:
bot_token: "{{ microclaw_discord_bot_token }}"
{% endif %}
# Data Directories
data_dir: "{{ microclaw_data_dir }}"
working_dir: "{{ microclaw_working_dir }}"
working_dir_isolation: "chat"
# Optional Settings
timezone: "UTC"
max_tokens: {{ microclaw_max_tokens | default(8192) }}
max_tool_iterations: {{ microclaw_max_tool_iterations | default(100) }}
memory_token_budget: {{ microclaw_memory_token_budget | default(1500) }}
{% if microclaw_sandbox_enabled | default(false) %}
# Sandbox Configuration
sandbox:
mode: "all"
backend: "auto"
security_profile: "{{ microclaw_sandbox_security_profile }}"
image: "ubuntu:25.10"
container_prefix: "microclaw-sandbox"
no_network: true
{% endif %}
roles/microclaw/handlers/main.yml---
- name: restart microclaw
systemd:
name: microclaw
state: restarted
daemon_reload: yes
- name: reload microclaw
systemd:
name: microclaw
state: reloaded
playbooks/backup.yml)---
- name: Backup MicroClaw Data
hosts: microclaw_servers
become: true
vars:
backup_timestamp: "{{ ansible_date_time.iso8601_basic_short }}"
backup_filename: "microclaw-backup-{{ backup_timestamp }}.tar.gz"
tasks:
- name: Ensure backup directory exists
file:
path: "{{ microclaw_backup_dir }}"
state: directory
owner: microclaw
group: microclaw
mode: '0750'
- name: Stop MicroClaw service
systemd:
name: microclaw
state: stopped
- name: Create backup archive
archive:
path:
- "/home/microclaw/.microclaw"
dest: "{{ microclaw_backup_dir }}/{{ backup_filename }}"
format: gz
owner: microclaw
group: microclaw
- name: Start MicroClaw service
systemd:
name: microclaw
state: started
- name: Clean up old backups
find:
paths: "{{ microclaw_backup_dir }}"
patterns: "microclaw-backup-*.tar.gz"
age: "{{ microclaw_backup_retention_days }}d"
register: old_backups
- name: Remove old backups
file:
path: "{{ item.path }}"
state: absent
loop: "{{ old_backups.files }}"
- name: Display backup location
debug:
msg: "Backup created: {{ microclaw_backup_dir }}/{{ backup_filename }}"
# Deploy with vault password prompt
ansible-playbook -i inventory.ini playbooks/deploy.yml --ask-vault-pass
# Deploy with vault password file
ansible-playbook -i inventory.ini playbooks/deploy.yml --vault-password-file ~/.vault_pass.txt
ansible-playbook -i inventory.ini playbooks/deploy.yml --tags configure --ask-vault-pass
ansible-playbook -i inventory.ini playbooks/backup.yml
ansible microclaw_servers -a "microclaw gateway status"
ansible microclaw_servers -m systemd -a "name=microclaw state=restarted" --become
Use tags for selective execution:
# Install only
ansible-playbook -i inventory.ini playbooks/deploy.yml --tags install
# Configure only
ansible-playbook -i inventory.ini playbooks/deploy.yml --tags configure
# Service only
ansible-playbook -i inventory.ini playbooks/deploy.yml --tags service
ansible microclaw_servers -a "microclaw --version"
ansible microclaw_servers -a "microclaw doctor"
ansible microclaw_servers -m systemd -a "name=microclaw" --become
ansible microclaw_servers -a "journalctl -u microclaw --no-pager -n 50" --become
Any questions?
Feel free to contact us. Find all contact information on our contact page.