Deploying a Secure Private AI Assistant: The Complete Nemo Claw Setup Guide

Deploying a Secure Private AI Assistant: The Complete Nemo Claw Setup Guide

Visit OpenClaw + VPS for NemoClaw now

Giving an AI assistant access to your email, calendar, and private files is a huge risk if you don't have a lock on the door. Most people just use a standard API, but that leaves your data open to whatever the AI decides to do. This is why you need to pair Open Claw, the actual AI assistant, with Nemo Claw. Nemo Claw acts as a security layer that controls exactly what your assistant can see and touch. By the end of this guide, you'll have a private AI running on your own server that you can chat with from your browser or your phone via Telegram.

Using a pre-built template makes this process much faster. You won't have to write every line of code from scratch.

Choosing the Right Foundation – VPS Setup with Hostinger

You can't run a serious AI assistant on your home laptop if you want it available 24/7. If your computer sleeps or loses internet, your assistant dies. A Virtual Private Server (VPS) keeps the AI running in the cloud. Hostinger is a great choice here because it's cheaper than Nvidia's platform and offers a one-click template for Nemo Claw.

Selecting the Optimal VPS Plan

Don't go too cheap on your hardware. Nemo Claw needs a certain amount of power to handle the security layers and the AI logic. I recommend the KVM 2 plan. This plan gives you 8GB of RAM, which is the minimum needed for a smooth experience. You also get two virtual CPU cores, 100GB of NVMe disk space, and 8TB of bandwidth.

Utilizing the Nemo Claw One-Click Template

Setting up the server is straightforward. Once you pick your plan, choose a 12-month billing cycle to save money without locking yourself in for years. Look for the "Applications" tab during the OS selection process. Search for "Nemo Claw" and select it to confirm. This installs the base software automatically so you don't have to manually configure the server environment.

Finalizing Account Creation and Root Access

Fill out your billing and account details to activate the server. Once the VPS is ready, you must set up a root password. Click "generate" and copy that password to a safe place immediately. If you lose this, you lose access to your server. Wait a few minutes for Hostinger to provision the hardware before moving to the terminal.

Initializing the Secure Environment (Onboarding)

Now we move into the VPS terminal. This is where you send text commands to the server. For the rest of this guide, you'll be typing commands into this window.

Running the Core Onboarding Command

Start by typing Nemo Claw onboard and pressing enter. The system will ask for a few confirmations. Type yes and Y when prompted to start the setup wizard. This process prepares the sandbox where your AI will live.

AI Model and Browser Access Configuration

You need to pick which AI brain will power your assistant. You can choose from Nvidia, OpenAI, Anthropic, or Gemini. If you pick OpenAI, you'll need an API key from their dashboard. After the key is entered, select your model (the "mini" model is a great balance of speed and cost).

Next, enable Brave web search. This lets your AI browse the live internet instead of relying only on old training data. You'll need to create a Brave Search account and paste that API key into the terminal.

Integrating Telegram for Mobile Access

To chat with your AI on your phone, use Telegram. Open the Telegram app and search for @BotFather. This is the official tool for making bots. Follow these steps:

1. Send /newbot to BotFather.
2. Give your bot a name (like "My Nemo Assistant").
3. Give it a username ending in "bot".
4. Copy the API token BotFather gives you and paste it into your VPS terminal.

You also need your personal User ID so the bot knows who you are. Search for @userinfobot in Telegram, start the chat, and copy your ID number into the terminal. Finally, name your sandbox. The default is my-assistant, but you can name it whatever you like.

Establishing Network Security and Domain Access

Your server is running, but it's currently closed off. We need to open a few "doors" for traffic and set up a secure web address.

Configuring the Hostinger Firewall

Go to the Security tab in your Hostinger dashboard and find the Firewall section. Create a new profile named "Nemo Claw firewall". You need to add two specific rules to let the dashboard work:

• Rule 1: Protocol TCP, Port 80, Source Anywhere, Action Accept.
• Rule 2: Protocol TCP, Port 443, Source Anywhere, Action Accept.

Activate the firewall and wait a couple of minutes for the settings to sync with the VPS.

Installing Caddy for Encrypted Access

Caddy is a web server that handles HTTPS. It ensures that when you log into your AI dashboard, your password and tokens are encrypted. Copy your Hostinger subdomain from the overview page first. Then, run the five Caddy installation commands provided in the setup guide. This installs the software and prepares the server to route traffic to your AI gateway.

Connecting the Subdomain to the Gateway Port

This part requires a text editor like Notepad. Copy the Caddy configuration command and replace the placeholder text with your actual Hostinger subdomain. Paste that modified command into the terminal. Then, run the commands to register the subdomain within Open Claw. This links your web address directly to the AI's control panel.

Verifying Deployment and Accessing the Dashboard

Before we start chatting, we have to make sure the "brain" is actually talking to the "security guard."

Checking Gateway Status within the Sandbox

You are likely still the "root" user. You need to enter the sandbox. Type Nemo Claw my-assistant connect (use your own sandbox name if you changed it). Once inside, type Open Claw gateway status. If you see "RPC probe okay," the system is healthy. Type exit to go back to the root user.

Accessing the Open Claw Control Panel

Open your browser and go to your Hostinger subdomain. This opens the Open Claw dashboard. Find the "Overview" section and paste your Open Claw Gateway Token. This token was generated during the onboarding process. Once you click connect and see the status change to "okay," you have full control over your AI.

Addressing Update Discrepancies

You might see an "Update Available" banner at the top of the screen. Since you used a pre-built template, the update button usually doesn't work. The template has a specific version baked in. If you absolutely need the newest version, the best path is to start fresh on a new VPS. For most users, the template version works perfectly fine.

Testing Functionality and Managing Policies

It is time to see the assistant in action and learn how to manage its permissions.

End-to-End Telegram Connection Test

Open Telegram and click the link to your bot. Hit "start" and send a test message. If the bot replies, the whole chain is working: your phone connects to Telegram, which connects to your VPS, which triggers the AI, and sends the answer back.

Understanding and Managing Nemo Claw Policies

Nemo Claw is strict. It blocks everything by default. If you try to install a new skill—like Google Workspace—the AI will fail because it doesn't have permission to talk to Google. To fix this, use built-in presets. Type Nemo Claw my-assistant policy -add in the terminal. Pick a preset from the list using the space bar and press enter. Presets are safe and easy.

Real-Time Monitoring for Custom Integrations

What happens if there is no preset for a tool you want? Use the live monitor. Type open shell term in the terminal. This opens a window that shows every blocked request in real time. Trigger the action in your AI chat, watch the block appear in the terminal, review it, and approve it. This "review-then-allow" loop keeps your server from being hacked by bad skills.

Final Thoughts

You now have a secure, private AI assistant. You aren't just relying on a company's promise of privacy; you have your own firewall and security layer. From here, you can add skills like Google Workspace to read your emails or check your calendar.

Check out resources like ClawHub or the GitHub skills directory to find more tools. Just be careful with third-party skills. Always vet them before installing. To keep things running smoothly, use the Hostinger dashboard to set up automatic backups and take snapshots before you make big changes to your policies. Your secure AI is ready to work.