OpenClaw Mac Mini Setup

Automated, security-first setup for OpenClaw on a Mac Mini. Based on this guide, with Telegram as the messaging channel and Tailscale Serve for remote access.

Prerequisites

  • A Mac Mini (Apple Silicon or Intel)
  • An admin macOS account (the default account created during initial setup)
  • A Tailscale account
  • An Anthropic API key
  • A Telegram bot token (create one via @BotFather on Telegram)
  • A Gemini API key (optional, for web search)
  • A Google Cloud project with OAuth configured (for Gmail and Calendar — see Google Workspace Setup below)

Setup Steps

Step 1: Admin Setup

Run from your admin account. This enables FileVault and the firewall, installs Homebrew, Tailscale and Obsidian, and creates a non-admin openclaw user.

bash scripts/01-admin-setup.sh

After this completes, open Tailscale and log in:

open -a Tailscale

Step 1a: Dev Environment (Optional)

Still as admin, install development tools (GitHub CLI, Google Workspace CLI) and set up Google OAuth:

bash scripts/01a-dev-setup.sh

Step 2: OpenClaw Setup

Switch to the openclaw user and run the setup script. This installs nvm, Node.js 22, OpenClaw and the Google Workspace CLI; sets up an Obsidian vault with plugins; installs ClawHub skills; configures secrets and Google credentials; writes the config; and locks down permissions.

sudo -u openclaw -i
bash /usr/local/share/openclaw/scripts/02-openclaw-setup.sh

You'll be prompted for:

  • Your Anthropic API key
  • Your Telegram bot token
  • Your Gemini API key (optional — enables web search)
  • Path to a Google Workspace credentials file (generated in Step 1a, or see below)
  • A name for your bot
  • Your name (so the bot knows who you are)

Step 3: Install the Daemon

Switch back to your admin account and install the LaunchDaemon so OpenClaw starts at boot.

exit  # back to admin
bash scripts/01b-install-daemon.sh

Step 4: Verify

Switch to the openclaw user and run the verification script.

sudo -u openclaw -i
bash /usr/local/share/openclaw/scripts/03-verify.sh

This checks every item from the security checklist and prints a pass/fail summary.

Post-Setup

Pairing Your Telegram Account

  1. Send any message to your bot on Telegram
  2. You'll see a pairing code in the OpenClaw logs
  3. Approve it:
sudo -u openclaw openclaw pairing approve telegram <CODE>

Bot's Personality

The setup script generates a personality prompt at ~/.openclaw/personality.txt using the bot name and owner name you provided. On your first interaction with the bot, send its contents to set the bot's personality and ground rules.

Retrieving the OpenClaw User Password

The openclaw user's password is saved in the admin user's Keychain during setup. To retrieve it:

security find-generic-password -s "openclaw-user-password" -w

Accessing the Dashboard

The dashboard is available locally at http://127.0.0.1:18789/. On first visit, you'll be prompted for the gateway token. Retrieve it from your admin account:

sudo -u openclaw grep OPENCLAW_GATEWAY_TOKEN ~openclaw/.openclaw/secrets.env

Paste the token value into the dashboard's Control UI settings. Then approve the device:

sudo -u openclaw openclaw devices list        # find the pending request ID
sudo -u openclaw openclaw devices approve <ID>

Obsidian Vault

The setup creates an Obsidian vault at ~openclaw/.openclaw/workspace/obsidian-vault/. The admin user is granted full access to the entire ~openclaw/.openclaw/ directory via macOS ACLs (set up by 01-admin-setup.sh). Structure:

  • Daily Notes/ — one note per day (YYYY-MM-DD format)
  • Templates/ — reusable note templates (includes a Daily Note template)
  • People/ — notes on people, linked in tasks for delegation tracking
  • Task Dashboard.md — aggregated task views (due today, upcoming, work, personal, waiting on others)
  • Task inbox.md — quick capture for tasks to triage later

Obsidian plugins pre-installed:

OpenClaw skill:

  • steipete/obsidian — ClawHub skill that lets the bot work with Obsidian vaults and automate via obsidian-cli

First-time setup:

  1. Open the vault in Obsidian — you'll be prompted to "Trust author and enable plugins." Click "Trust" to enable the pre-installed community plugins.
  2. Go to Settings > General and enable the CLI. This installs obsidian-cli, which the steipete/obsidian ClawHub skill requires.

To open the vault from the admin account:

open ~openclaw/.openclaw/workspace/obsidian-vault

Google Workspace (Gmail + Calendar)

The bot can read and manage Gmail and Google Calendar via the Google Workspace CLI (gws).

Generating credentials (one-time, after running 01a-dev-setup.sh):

01a-dev-setup.sh installs gws, gcloud, and Node.js. After the script completes, run these commands manually from the admin account:

gws auth setup                    # create a Google Cloud project + enable APIs (requires gcloud)
gws auth login -s gmail,calendar  # log in with Gmail and Calendar scopes (opens browser)
gws auth export --unmasked > /tmp/gws-credentials.json

Then provide /tmp/gws-credentials.json when running 02-openclaw-setup.sh.

Publishing your OAuth app: By default, Google Cloud projects are in "Testing" mode, where refresh tokens expire after 7 days. To avoid periodic re-auth, go to Google Cloud Console > APIs & Services > OAuth consent screen and click Publish App. This is safe for personal use — it doesn't expose your app or data to anyone else.

Refreshing credentials: If tokens expire, repeat the gws auth login and gws auth export commands above and copy the new file to ~openclaw/.openclaw/credentials/gws-credentials.json, then restart the daemon.
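The refresh procedure above leaves an unmasked credential export in world-readable /tmp and then copies it by hand. The script below is an added example, not a script from brookesey/openclaw-mac: it performs the same login, export, copy and daemon restart, but writes the export into a private mktemp directory that is removed on exit, installs the copy with mode 600 and hands ownership to the openclaw user before the gateway is restarted. It assumes the paths and launchd label quoted in this README, that it is run from the admin account (whose ACLs allow writing under ~openclaw, per the Obsidian Vault section), and that gws is on the PATH.

```shell
#!/usr/bin/env bash
# Added example, not part of brookesey/openclaw-mac: refresh the Google Workspace
# credentials handed to the openclaw user without leaving an unmasked export in /tmp.
set -eu

DEST=~openclaw/.openclaw/credentials/gws-credentials.json   # path from the README
DAEMON=system/ai.openclaw.gateway                           # launchd label from the README
SERVICE_USER=openclaw                                      # dedicated user from the README

# Copy an exported credentials file into place without a readable window:
# refuse empty input, create the copy under umask 077, force mode 600, then
# rename atomically so the gateway never reads a partially written file.
install_credentials() {
  src=$1; dst=$2
  if [ ! -s "$src" ]; then
    echo "refusing to install empty credentials file: $src" >&2
    return 1
  fi
  tmp="$dst.tmp.$$"
  ( umask 077 && cp "$src" "$tmp" )
  chmod 600 "$tmp"
  mv -f "$tmp" "$dst"
}

# Interactive part: Google login, export into a private directory, install the
# file as the openclaw user, restart the gateway so it picks up the new tokens.
refresh_gws_credentials() {
  work=$(mktemp -d)                      # per-user private directory, mode 700
  trap "rm -rf '$work'" EXIT             # the export is wiped even if a step fails
  gws auth login -s gmail,calendar       # opens a browser, as in the README
  gws auth export --unmasked > "$work/gws-credentials.json"
  install_credentials "$work/gws-credentials.json" "$DEST"
  # Admin's ACLs allow the write, but a mode-600 file owned by admin would be
  # unreadable for openclaw, so hand ownership over before restarting.
  sudo chown "$SERVICE_USER" "$DEST"
  sudo launchctl kickstart -k "$DAEMON"
}

# Only run the interactive refresh when asked; loading the functions alone is harmless.
if [ "${1:-}" = --refresh ]; then
  refresh_gws_credentials
fi
```

Run it as `bash refresh-gws.sh --refresh` from the admin account. The install step is separated from the interactive login so that the copy logic can be exercised on ordinary files, which is also how you can confirm the resulting mode is 600 before trusting it with real tokens.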

OpenClaw skills installed:

  • gws-shared — Shared auth patterns, global flags, and security rules
  • gws-gmail — Gmail: send, read, and manage email (sub-skills pulled in automatically)
  • gws-calendar — Calendar: manage calendars and events (sub-skills pulled in automatically)

Security notes:

  • The bot must ask before every shell command (tools.exec.ask: "always"), so you approve each gws call
  • Credentials are stored in a permission-locked file (mode 600) within the encrypted volume (FileVault)
  • The GOOGLE_WORKSPACE_CLI_CONFIG_DIR is redirected into ~/.openclaw/credentials/gws-config/ to keep all gws state within the secured tree
  • The workspaceOnly filesystem restriction does not affect gws, which runs as a subprocess via exec

Remote Access via Tailscale

The dashboard is also accessible at https://<your-machine-name>.<tailnet>/ from any device on your Tailscale network.

Managing the Daemon

# View logs
tail -f /var/log/openclaw/gateway.log
tail -f /var/log/openclaw/gateway.err

# Restart (to pick up config/secret changes)
sudo launchctl kickstart -k system/ai.openclaw.gateway

# Stop
sudo launchctl bootout system/ai.openclaw.gateway

# Start
sudo launchctl bootstrap system /Library/LaunchDaemons/ai.openclaw.gateway.plist

Security Checklist

  • Latest version (>= 2026.2.15, covers CVE-2026-25253 + GHSA-chf7-jq6g-qrwv)
  • Dedicated non-admin macOS user (openclaw)
  • FileVault enabled
  • macOS firewall on (stealth mode)
  • Gateway bound to loopback (127.0.0.1)
  • Token auth on gateway (via env var reference, not plaintext)
  • Tailscale Serve (tailnet-only, no Funnel)
  • DMs set to pairing mode
  • Tool deny list configured (gateway, cron, sessions_spawn, sessions_send)
  • Filesystem restricted to workspace only
  • Telegram configWrites disabled
  • Group messages require @mention
  • Telegram token loaded via tokenFile (not env var)
  • Telegram Privacy Mode enabled (verify in @BotFather)
  • Claude Opus 4.6 (strongest prompt-injection resistance)
  • Log redaction enabled
  • Credentials in permissions-locked files (mode 600), including Google Workspace credentials
  • Only vetted ClawHub skills installed (steipete/obsidian, googleworkspace-bot/gws-*)
  • Obsidian vault within workspace (admin access via macOS ACLs)
  • openclaw security audit --deep run regularly
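Step 4's 03-verify.sh is the project's own checker and is not reproduced here. As an added example, not code from brookesey/openclaw-mac, the script below expresses a handful of the checklist items (FileVault, firewall and stealth mode, gateway bound to loopback, mode-600 secret files, openclaw outside the admin group) as small functions that parse command output, so each rule can be tested against captured text before it is pointed at a live Mac. It assumes the port, user, paths and launchd label quoted in this README; the exact wording printed by socketfilterfw varies between macOS releases, so that parser accepts either "enabled" or "is on", and lsof needs sudo to see another user's sockets.

```shell
#!/usr/bin/env bash
# Added example, not the repository's 03-verify.sh: checklist items as parsers
# over command output, run live only on macOS.

GATEWAY_PORT=18789          # dashboard port from the README
SERVICE_USER=openclaw       # dedicated non-admin user from the README

# `fdesetup status` prints "FileVault is On." when the volume is encrypted.
fv_enabled() {
  printf '%s\n' "$1" | grep -q 'FileVault is On'
}

# `socketfilterfw --getglobalstate` / `--getstealthmode`; wording differs between
# macOS releases (assumption), so accept either "enabled" or "is on".
fw_enabled() {
  printf '%s\n' "$1" | grep -qiE 'enabled|is on'
}

# Input: output of `lsof -nP -iTCP:$GATEWAY_PORT -sTCP:LISTEN`. Passes only if
# something listens on the port and every such listener is on loopback
# (127.0.0.1 or [::1]); a wildcard "*:18789" or a LAN address fails.
listener_loopback_only() {
  listeners=$(printf '%s\n' "$1" | grep '(LISTEN)' | grep ":$GATEWAY_PORT " || true)
  [ -n "$listeners" ] || return 1
  other=$(printf '%s\n' "$listeners" | grep -vE "(127\.0\.0\.1|\[::1\]):$GATEWAY_PORT " || true)
  [ -z "$other" ]
}

# Octal permission bits: BSD stat on macOS, GNU stat elsewhere.
file_mode() {
  if [ "$(uname -s)" = Darwin ]; then stat -f %Lp "$1"; else stat -c %a "$1"; fi
}

# Secrets and credential files must be owner-only (mode 600).
file_mode_is_600() {
  [ "$(file_mode "$1")" = 600 ]
}

# Input: output of `dscl . -read /Groups/admin GroupMembership`, e.g.
# "GroupMembership: root alice". The service user must not be listed.
user_is_not_admin() {
  members=$(printf '%s\n' "$1" | sed -n 's/^GroupMembership: *//p')
  for m in $members; do
    [ "$m" = "$2" ] && return 1
  done
  return 0
}

# Print PASS/FAIL for one check; the check name is its function name.
report() {
  check=$1; shift
  if "$check" "$@"; then echo "PASS: $check"; else echo "FAIL: $check"; fi
}

# Live checks only make sense on the Mac itself; elsewhere the functions are
# still loadable for testing against captured output.
if [ "$(uname -s)" = Darwin ]; then
  report fv_enabled "$(fdesetup status)"
  report fw_enabled "$(/usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate)"
  report fw_enabled "$(/usr/libexec/ApplicationFirewall/socketfilterfw --getstealthmode)"
  report listener_loopback_only "$(sudo lsof -nP -iTCP:$GATEWAY_PORT -sTCP:LISTEN)"
  report file_mode_is_600 ~openclaw/.openclaw/secrets.env
  report file_mode_is_600 ~openclaw/.openclaw/credentials/gws-credentials.json
  report user_is_not_admin "$(dscl . -read /Groups/admin GroupMembership)" "$SERVICE_USER"
fi
```

Keeping each rule as a function over text rather than a one-off pipeline is what lets the loopback check catch the cases that matter (a wildcard bind, or no listener at all, which usually means the daemon is down rather than secure) and lets you re-run the parsers against saved output from a machine you are auditing remotely.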
