openclaw-docker

Manage Docker containers and Compose projects via OpenClaw tools

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "openclaw-docker" with this command: npx skills add homeofe/openclaw-docker

@elvatis_com/openclaw-docker

OpenClaw plugin for Docker container operations and Docker Compose project control.

Features

  • Docker daemon connection via unix socket or TCP
  • Optional TLS for remote daemon access
  • Read and write container tools
  • Docker Compose integration via docker compose CLI
  • Safety controls with readOnly and allowedOperations
  • Configurable command timeout

Prerequisites

  • Docker Engine installed and running on the host
  • Docker CLI (docker command) available in PATH (required for Compose operations)
  • Access to the Docker socket (/var/run/docker.sock) or a remote Docker daemon via TCP

Installation

npm install @elvatis_com/openclaw-docker

Security Notes

  • Use readOnly: true if you only need observation (ps, logs, inspect). This limits the blast radius.
  • TLS keys: If using TCP with TLS, keep your PEM files protected. Only configure trusted certificate paths.
  • Compose directories: The plugin runs docker compose commands in whichever directories you configure as composeProjects. Only configure trusted project paths.
  • Least privilege: Run the plugin in an environment with minimal Docker permissions when possible.

Configuration

Local socket (default)

{
  "plugins": {
    "openclaw-docker": {
      "socketPath": "/var/run/docker.sock",
      "readOnly": false,
      "allowedOperations": ["ps", "logs", "inspect", "start", "stop", "restart", "compose_up", "compose_down", "compose_ps"],
      "composeProjects": [
        { "name": "aegis", "path": "/opt/aegis" }
      ],
      "timeoutMs": 15000
    }
  }
}

Remote Docker daemon with TLS

{
  "plugins": {
    "openclaw-docker": {
      "host": "10.0.0.20",
      "port": 2376,
      "tls": {
        "caPath": "/etc/openclaw/docker/ca.pem",
        "certPath": "/etc/openclaw/docker/cert.pem",
        "keyPath": "/etc/openclaw/docker/key.pem",
        "rejectUnauthorized": true
      },
      "readOnly": true,
      "composeProjects": []
    }
  }
}

Available Tools

  • docker_ps
  • docker_logs
  • docker_inspect
  • docker_start
  • docker_stop
  • docker_restart
  • docker_compose_up
  • docker_compose_down
  • docker_compose_ps

Usage Examples

  • "List all running containers"
  • "Show the last 200 lines from api-gateway logs"
  • "Inspect redis container"
  • "Restart identity-service"
  • "Bring aegis compose project up"
  • "Show status of aegis compose services"

Safety and Permissions

  • readOnly: true allows only ps, logs, inspect, and compose_ps
  • allowedOperations limits which tools can be executed
  • Compose operations are limited to projects in composeProjects
  • Commands use timeout protection via timeoutMs

Development

npm install
npm run build
npm test

License

MIT

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

ISPConfig

Manage ISPConfig servers: automated site provisioning, domains, mailboxes, DNS, databases, SSL, backups, and more.

Registry SourceRecently Updated
2960Profile unavailable
General

INWX

INWX domain registrar management: domain registration, availability check, DNS records, nameservers, DNSSEC, pricing, transfers.

Registry SourceRecently Updated
2870Profile unavailable
General

GPU Bridge

Offload GPU-intensive ML tasks (BERTScore, embeddings) to one or multiple remote GPU machines

Registry SourceRecently Updated
2760Profile unavailable
General

RSS Feeds

RSS/Atom feed digest with optional CVE enrichment, Ghost CMS drafts, and channel notifications

Registry SourceRecently Updated
3960Profile unavailable