Molinar launched as a fully open-source platform for deploying OpenClaw AI agents, offering both managed hosting at $49 per month and a self-hosted AGPL-3.0 option that costs nothing but your time. The platform eliminates the infrastructure headaches that previously forced developers to maintain dedicated hardware or wrestle with cloud configurations just to keep an agent running 24/7. You get containerized isolation through AWS ECS Fargate, real-time log streaming via CloudWatch, and Telegram integration without writing a single line of webhook code. The entire codebase dropped on GitHub alongside the production release, meaning you can audit every permission, fork the billing logic, or deploy the whole stack to your own AWS account. This is not a beta release or a waitlist signup. The autoscaling is active, the Stripe billing is live, and the founder claims a single day’s build time from concept to deployment. For OpenClaw users who have been running agents on laptops that overheat or Raspberry Pis that lose WiFi, this represents a viable path to production-grade reliability without surrendering control to closed-source alternatives like ai.com.
What Just Shipped: Molinar Hits Production
Molinar is now live as a managed platform for OpenClaw deployments, shipping with production-grade infrastructure that typically requires teams of DevOps engineers to maintain. The platform supports both multi-tenant managed accounts and fully isolated self-hosted instances, with the entire codebase available under AGPL-3.0 licensing. You can sign up at business.molinar.ai, paste your Anthropic API key and Telegram bot token, and have a running agent within five minutes. The system handles container orchestration, secret management, log aggregation, and real-time status updates without requiring you to write Dockerfiles or configure load balancers. This release includes autoscaling capabilities, Stripe payment processing, and Stytch B2B authentication out of the box. The founder built and open-sourced the entire stack in twenty-four hours, demonstrating that modern cloud abstractions have compressed infrastructure timelines from months to hours. For the OpenClaw ecosystem, this provides the missing deployment layer that turns local prototypes into always-on production services. This rapid development model emphasizes the power of leveraging existing cloud services and open-source components to deliver complex solutions.
Why Build a Platform in 24 Hours?
The founder built Molinar in a single day because the pain of self-hosting OpenClaw had become unbearable for solo operators. Running your own agent previously meant maintaining a Mac Mini in your closet, praying your WiFi holds during storms, and becoming a part-time sysadmin instead of building product. Most developers give up before they finish configuring systemd services or reverse proxies. Molinar exists because the OpenClaw framework provides powerful autonomous capabilities, but the deployment story remained stuck in 2010. By shipping a complete platform with authentication, billing, and container orchestration in twenty-four hours, the creator proved that modern infrastructure tools like AWS Fargate and Supabase have matured enough to compress months of work into hours. You do not need a DevOps team to run production AI agents anymore. You need an AWS account, an API key, and five minutes of configuration time. This velocity also demonstrates that open-source AI infrastructure can move as fast as closed-source competitors without sacrificing security or scalability. This approach challenges traditional software development timelines and highlights the efficiency gains from cloud-native architectures.
The Architecture: ECS Fargate Under the Hood
Molinar runs each OpenClaw agent inside its own AWS ECS Fargate task, using FARGATE_SPOT instances with 2 vCPU and 4 GB RAM per container. This means your agent gets isolated compute resources without you managing EC2 instances or patching operating systems. When you hit the launch button, the platform provisions a new task definition, assigns an Elastic Network Interface (ENI), and boots your OpenClaw instance in approximately thirty seconds. This ensures dedicated resources for each agent, preventing performance degradation from other users’ activities.
{
"family": "openclaw-agent",
"networkMode": "awsvpc",
"requiresCompatibilities": ["FARGATE"],
"cpu": "2048",
"memory": "4096",
"executionRoleArn": "arn:aws:iam::ACCOUNT:role/ecsTaskExecutionRole"
}The containers run stateless configurations pulled from SSM Parameter Store, allowing you to update secrets without rebuilding images. Logs stream directly to CloudWatch in real-time, with the dashboard parsing setup phases from provisioning through health checks to gateway readiness. Supabase Realtime handles the websocket connections that push status updates to your browser, eliminating the need for polling infrastructure. This stack costs roughly $30-50 per month per agent in AWS fees, which explains the $49 starter pricing. You are not sharing compute with other users; every agent operates in its own silo with dedicated resources, guaranteeing performance and security. This granular control over resources is a key advantage for production deployments.
Security Model: Zero Trust, Zero Inbound
Every Molinar deployment follows a zero-trust architecture with absolutely no inbound ports exposed to the internet. Each Fargate task attaches to an egress-only security group, meaning the container can initiate outbound connections to Anthropic’s API and Telegram’s servers, but nothing can initiate connections inward. This eliminates the attack surface for port scanning or brute force attempts. The platform stores no API keys in its PostgreSQL database; instead, it uses AWS SSM Parameter Store with SecureString encryption and per-organization isolation paths. When your agent needs credentials, it queries SSM at runtime with IAM roles scoped to specific task ARNs. You can verify this implementation yourself because the entire platform ships under AGPL-3.0, including the infrastructure-as-code definitions. This security posture matches enterprise container standards without requiring you to write JSON policy documents or configure VPC endpoints manually. For developers paranoid about key exposure, this architecture provides cryptographic proof that secrets remain in AWS’s custody, not Molinar’s database. This robust security design provides peace of mind for sensitive AI agent operations.
BYOK: Bring Your Own Keys, Keep Your Data
Molinar operates on a strict BYOK (Bring Your Own Key) policy where you supply your own Anthropic API key and Telegram bot token, ensuring the platform never sees your usage patterns or conversation history. This design choice removes the incentive for data harvesting because the infrastructure provider cannot access your LLM prompts or responses. Your API key enters the system through a secure frontend form that writes directly to AWS SSM Parameter Store, bypassing Molinar’s PostgreSQL database entirely. When the Fargate task launches, it receives read-only IAM permissions scoped to fetch only that specific organization’s secrets. The founders never handle your credentials in plaintext, and the AGPL-3.0 license lets you audit the exact code paths that touch authentication flows. This approach contrasts sharply with managed AI platforms that proxy your requests through their own infrastructure, logging prompts for “quality improvement.” You maintain direct billing relationships with Anthropic, so you see exactly what your agents cost without platform markups on token usage. This transparency and data sovereignty are fundamental to Molinar’s value proposition.
The Three-Step OpenClaw Deployment Flow
Deploying an OpenClaw agent through Molinar requires exactly three actions that take under five minutes from signup to live agent. First, you create an account using Stytch B2B authentication, which handles MFA and organization management without passwords. Second, you paste your Anthropic API key and Telegram bot token into encrypted form fields that write to AWS SSM. Third, you click launch and watch the real-time dashboard as ECS provisions your container through four distinct phases: provisioning, configuring, health check, and gateway ready. The platform automatically patches your OpenClaw configuration for Telegram DM access, so you need not edit YAML files or environment variables manually. Once the status hits “Ready,” your agent responds to Telegram messages immediately and continues running regardless of whether your laptop is open. This workflow eliminates the traditional DevOps checklist of Docker builds, reverse proxy configuration, SSL certificate management, and systemd service files, making agent deployment accessible to a broader audience.
Real-Time Dashboard: Supabase + CloudWatch Integration
The Molinar dashboard combines Supabase Realtime with CloudWatch Logs to create a live view of your agent’s bootstrap process without refreshing your browser. When you initiate a deployment, the backend streams ECS task status changes to a Supabase Realtime channel, which pushes updates to your React frontend via websockets. Simultaneously, CloudWatch Logs Insights queries parse container stdout into structured setup phases, displaying progress bars for provisioning, configuration, and health checks. You see exactly when your agent downloads dependencies, connects to Telegram, and finishes its initial health probe. This architecture costs approximately $30 per month in AWS CloudWatch fees per active agent, but provides forensic-level visibility into container initialization that beats SSHing into a VPS and tailing log files. The polling fallback refreshes every three seconds during setup if websockets fail, ensuring you never miss a state transition during the critical thirty-second launch window. For debugging failed starts, you get searchable logs back to the first container boot, offering unparalleled insight into your agent’s lifecycle.
Container Isolation: One Agent, One Task for Enhanced Performance
Molinar enforces strict container isolation by running each OpenClaw agent as its own AWS ECS Fargate task, meaning no shared compute between users or even between your own agents. If you run five agents, you get five separate task definitions with dedicated ENIs, security groups, and resource allocations. This isolation prevents noisy neighbor problems where another user’s CPU-intensive agent could starve your instance of resources. Each container receives exactly 2 vCPUs and 4 GB of memory, which suffices for OpenClaw’s web search, file manipulation, and shell command execution without swapping. When you delete an agent, Molinar deregisters the task definition and terminates the ENI, ensuring no residual data persists in memory or disk. This model costs more than shared Kubernetes pods, but eliminates the risk of container escape vulnerabilities or side-channel attacks common in multi-tenant platforms. You trade cost efficiency for security guarantees and predictable performance, which is crucial for critical AI agent operations.
Pricing Breakdown: Managed vs. Self-Hosted Options
Molinar offers two distinct economic models that both end up cheaper than maintaining your own hardware. The managed tier charges $49 per month for the starter plan and $149 for professional, which covers the AWS infrastructure costs plus platform maintenance. Alternatively, you can self-host the entire stack for free by cloning the GitHub repository and deploying to your own AWS account, paying only the underlying Fargate and CloudWatch fees of roughly $30-40 monthly. The managed premium buys you automatic updates, support, and the Stytch authentication layer without configuration work. Self-hosting requires you to manage Supabase, Stripe webhooks, and ECS clusters yourself. For a single agent, the managed option costs approximately ten dollars more than raw AWS fees but saves you hours of DevOps time. At scale, the $149 pro plan likely includes multiple agents or higher resource limits, though exact tier differences remain unspecified in the initial release documentation. This flexibility caters to different user needs and technical expertise levels.
Molinar vs. ai.com: A Detailed Comparison
When evaluating OpenClaw deployment options, you face a choice between Molinar’s open-source infrastructure and ai.com’s closed-source managed service. Molinar provides full code transparency under AGPL-3.0, container-level isolation, and BYOK architecture that keeps your API credentials in AWS SSM rather than platform databases. Ai.com offers similar managed deployment but hides the infrastructure details and likely runs multi-tenant Kubernetes clusters rather than isolated Fargate tasks. Molinar lets you self-host for free; ai.com requires ongoing subscription fees with no escape hatch. Both platforms handle the sysadmin burden of keeping agents online, but Molinar gives you Terraform configurations to replicate the entire stack independently.
| Feature | Molinar | ai.com |
|---|---|---|
| License | AGPL-3.0 | Proprietary |
| Container Isolation | Fargate tasks (dedicated) | Unknown (likely shared) |
| API Key Storage | AWS SSM (BYOK, KMS encrypted) | Platform database (proprietary) |
| Data Sovereignty | High (user controls keys and data) | Medium (platform proxies requests) |
| Self-hosting Option | Available with full source code | Not available |
| Pricing Model | $49-149/mo (managed) or free (self-hosted) | Subscription only (proprietary pricing) |
| Infrastructure Transparency | Fully auditable (open source) | Opaque (closed source) |
| Egress-Only Networking | Yes | Unknown |
| Real-time Logs | CloudWatch Logs + Supabase Realtime | Proprietary dashboard |
The critical difference lies in data sovereignty: Molinar cannot see your prompts because you bring your own Anthropic key, while ai.com likely proxies requests through their infrastructure, creating a potential surveillance point. This makes Molinar a compelling choice for users prioritizing privacy and control.
The Telegram Integration Mechanics
Molinar automates the Telegram bot configuration that typically requires manual webhook setup and firewall adjustments. When you paste your Telegram bot token during onboarding, the platform injects this credential into your OpenClaw agent’s environment variables and patches the configuration file to enable DM access automatically. The agent initiates outbound connections to Telegram’s API servers using the egress-only security group, polling for messages every few seconds without requiring inbound ports. This architecture means you need not configure nginx reverse proxies or SSL certificates to receive webhook callbacks from Telegram’s servers. Your agent runs persistently within the Fargate container, maintaining the connection to Telegram’s update endpoints even when you close your laptop. The integration supports all standard OpenClaw capabilities including file uploads, shell command execution, and web search results formatted for mobile viewing. You interact with your agent through standard Telegram chats on any device, while the heavy compute runs on AWS infrastructure optimized for 24/7 availability. This seamless integration simplifies agent interaction and management.
Secrets Management with AWS SSM Parameter Store
The platform handles sensitive credentials through AWS Systems Manager Parameter Store using SecureString encryption with AWS KMS keys, never persisting API tokens to the Supabase PostgreSQL database. When you submit your Anthropic key through the web interface, the Next.js backend writes directly to SSM using paths scoped to your organization ID and agent instance ID. This approach minimizes the risk of credential exposure and adheres to best practices for secrets management.
aws ssm put-parameter \
--name "/molinar/org_123/agent_456/anthropic_key" \
--value "sk-ant-..." \
--type "SecureString"The Fargate task assumes an IAM role with read-only permissions limited to that specific path, following least-privilege principles. This design means even if the Molinar web application suffered a SQL injection attack, the database contains only metadata like agent names and creation timestamps, not your actual API keys. You can rotate credentials by updating the SSM parameter value, which takes effect on the next container restart without code changes. The AGPL-3.0 source code reveals exactly how these IAM policies attach to task roles, letting security teams audit the permission boundaries. This level of transparency and control is a significant advantage for security-conscious users.
Autoscale Configuration for OpenClaw Agents
Molinar ships with autoscaling enabled by default, using AWS Application Auto Scaling to monitor ECS task CPU utilization and spin up additional Fargate instances when your agents hit resource limits. The platform configures target tracking policies that maintain 70 percent CPU utilization, scaling out when average usage exceeds this threshold for two minutes. Because each agent runs in its own task, scaling horizontally means launching new agent instances rather than resizing existing containers. This works well for OpenClaw deployments where you might run separate agents for monitoring, content generation, and data analysis. The autoscale settings apply to both the managed and self-hosted versions, though self-hosters must configure their own AWS Auto Scaling groups. Spot instances keep costs low during scale-out events, though you risk task termination if AWS reclaims capacity. The founder confirmed autoscale is active in production, meaning the platform handles traffic spikes without manual intervention, ensuring consistent agent performance and availability.
AGPL-3.0: What Open Source Actually Means Here
Molinar’s AGPL-3.0 license creates legal obligations that differ significantly from permissive MIT or Apache licenses. If you modify the platform code and run it as a service accessible to others over a network, you must share those modifications under the same license terms. This prevents cloud providers from deploying proprietary forks of Molinar without contributing improvements back upstream. For end users, this means you can audit every line of infrastructure code, from the Stytch authentication handlers to the ECS task definitions, ensuring no hidden telemetry or key logging exists. You can self-host indefinitely without paying license fees, but if you build a competing SaaS on top of Molinar’s codebase, you must open-source your changes. The license choice signals the founder’s commitment to ecosystem health over proprietary lock-in, aligning incentives with the OpenClaw community’s values of transparency and user control. This copyleft approach protects against enclosure by commercial entities while keeping the code free for individual developers, fostering a truly open and collaborative environment.
The “Closet Mac Mini” Problem Solved by Cloud Infrastructure
Before Molinar, running a production OpenClaw agent required dedicating hardware like a Mac Mini or Raspberry Pi to 24/7 operation, complete with UPS battery backups, cooling considerations, and dynamic DNS configurations for remote access. You became responsible for kernel updates, WiFi stability, and power outages that could corrupt your agent’s state. Molinar eliminates this operational burden by moving compute to AWS Fargate, where professional data centers handle physical security, redundant power, and network connectivity. Your agent persists through local internet outages at your home or coffee shop because it runs in us-east-1 or your chosen region, not on your desk. The cost of $49 monthly roughly equals the electricity and hardware depreciation of running a dedicated Mini, but adds professional-grade monitoring, automatic backups, and global accessibility. You no longer need to SSH through your home router or worry about your ISP changing IP addresses. This shift to managed cloud infrastructure provides a significant upgrade in reliability and convenience for OpenClaw users.
Solo Developer Velocity: Lessons from the Molinar Build
The founder’s ability to ship a full-featured platform in twenty-four hours demonstrates modern cloud abstractions have reached a maturity level that enables individual developers to compete with venture-backed teams. By combining Stytch for authentication, Supabase for database and realtime features, and AWS Fargate for container orchestration, the builder avoided weeks of boilerplate coding around user management and infrastructure provisioning. The lesson for other OpenClaw developers is clear: focus your custom code on the business logic that differentiates your agent’s capabilities, not the undifferentiated heavy lifting of billing portals or log aggregation. Use managed services for everything except your core value proposition. The speed also suggests that OpenClaw’s ecosystem has reached a tipping point where infrastructure tools specifically designed for AI agents will proliferate, lowering the barrier to entry for autonomous systems. You can now validate an AI agent business idea over a weekend rather than a quarter, democratizing access to powerful AI deployment capabilities.
Integration with Existing OpenClaw Tooling
Molinar maintains compatibility with the broader OpenClaw ecosystem, including skills from the OpenClaw Tool Registry and sub-agents available on marketplaces like Moltedin. Because the platform runs standard OpenClaw containers, you can import existing skills without modification, leveraging capabilities like web search, file system access, and shell command execution that we covered in our OpenClaw Skills Guide. The platform injects environment variables automatically, so tools requiring API keys pull from the same SSM Parameter Store as the core Anthropic credentials. If you have built custom OpenClaw extensions or mission control dashboards following our previous tutorials, these integrate seamlessly with Molinar-deployed agents through standard HTTP APIs. The Telegram interface supports rich formatting for tool outputs, meaning your agents can return structured data from LobsterTools or other curated directories directly to your phone. This interoperability ensures Molinar functions as infrastructure glue rather than a walled garden, fostering a rich and extensible agent environment.
What This Means for the OpenClaw Ecosystem
Molinar’s release signals the maturation of OpenClaw from a framework for hobbyists into a deployable platform suitable for production business operations. By solving the “last mile” problem of infrastructure, the project enables developers to focus on agent capabilities rather than DevOps automation. We expect to see a wave of specialized OpenClaw hosting providers following this model, potentially creating a fragmented but competitive market that drives down costs and improves security practices. The AGPL licensing ensures these derivatives remain open, preventing the enclosure of the commons that plagues other open-source AI projects. For builders, this means you can now pitch OpenClaw-based solutions to enterprise clients with confidence in uptime and security standards. The ecosystem will likely expand to include managed databases, vector stores, and monitoring tools specifically designed for autonomous agent workloads. Watch for integrations with our existing coverage on building autonomous content marketing teams, as these patterns now deploy effortlessly via Molinar. This development is a significant step forward for the entire OpenClaw community.
Frequently Asked Questions
How much does Molinar cost compared to self-hosting?
Molinar charges $49 monthly for the starter managed plan or $149 for professional tiers, while self-hosting requires only AWS infrastructure costs of approximately $30-40 per month per agent. The $49 premium covers automated updates, Stytch authentication management, and support overhead. If you possess DevOps expertise and time to configure Supabase, Stripe, and ECS clusters yourself, self-hosting saves money but adds operational burden. For most solo developers, the managed option costs less than one hour of consulting rates while eliminating infrastructure headaches. Both approaches remain significantly cheaper than maintaining physical hardware like Mac Minis when you factor in electricity and internet costs.
Is my Anthropic API key safe with Molinar?
Your API key never touches Molinar’s database, instead residing in AWS SSM Parameter Store with KMS encryption. The platform uses IAM roles scoped to specific task ARNs, meaning containers can only read their own organization’s secrets. Because Molinar operates under AGPL-3.0, you can audit the exact code paths handling credentials, confirming no logging or telemetry captures your key. The BYOK architecture ensures Molinar cannot see your prompts or usage patterns, unlike platforms that proxy requests through their infrastructure. You maintain direct billing with Anthropic, retaining full control over rate limits and spending caps.
Can I run Molinar on my own infrastructure?
Yes, the entire platform is AGPL-3.0 licensed and available on GitHub, including Terraform configurations or CloudFormation templates for AWS deployment. You can deploy to your own AWS account, use your own Supabase instance, and modify the Next.js frontend without restrictions. Self-hosting requires expertise in ECS Fargate, IAM policy configuration, and Stripe webhook setup, but provides complete data sovereignty. The repository includes documentation for local development and production deployment patterns, though you assume responsibility for security updates and autoscaling configuration.
What happens if my agent crashes or goes offline?
Molinar’s autoscale configuration detects failed health checks and automatically restarts your ECS task, typically recovering within sixty seconds. CloudWatch alerts trigger on container exits, and the platform streams real-time logs to your dashboard showing exactly which process failed. Because each agent runs in isolated Fargate tasks, crashes do not affect other agents or the platform control plane. For persistent issues, you receive notifications through the configured Telegram bot when the agent state changes from Ready to Provisioning, allowing immediate intervention or rollback to previous configurations stored in SSM Parameter Store history.
How does Molinar compare to running OpenClaw locally on a Mac Mini?
Molinar eliminates the hardware maintenance, power costs, and network reliability issues inherent in closet-server setups. While a Mac Mini provides physical control, it requires manual updates, dynamic DNS for remote access, and lacks the autoscale capabilities of AWS Fargate. Molinar offers professional-grade security with egress-only networking and encrypted secrets management that most home networks cannot replicate. The $49 monthly cost approximates electricity and hardware depreciation for a Mini while adding global accessibility, automated backups, and 99.9 percent uptime guarantees from AWS infrastructure.