Self-built CPA cliproxyapi aggregating various free charity stations for Openclaw - Oracle VPS Ubuntu system using non-root user, can use official installation script

byǝɔɐǝԀʎzɐɹƆ •四月 24, 2026

0

Now there are CPA installation tutorials everywhere.

Here I want to record my own操作过程 — Oracle VPS Ubuntu system using non-root user without sudo -i

Official installation script

curl -fsSL https://raw.githubusercontent.com/brokechubb/cliproxyapi-installer/refs/heads/master/cliproxyapi-installer | bash

source

Pay attention to the information output by the script

Execute command 1, enter your installation directory

cd /home/ubuntu/cliproxyapi

* If you are a root user, this directory will be different from mine, use your own directory as reference

Execute command 2, check if cpa background process can run, if there are any errors

./cli-proxy-api

Open a new SSH session, curl test

curl localhost:8317

* Note: 8317 is cpa's default port

Should get result like this

{"endpoints":["POST /v1/chat/completions","POST /v1/completions","GET /v1/models"],"message":"CLI Proxy API Server"}

At the same time, the SSH session running cpa prints a new line of log

So far, it confirms cpa core is running.

First stop cpa background process with Ctrl+C

Modify ./config.yaml configuration file

Set the following 2 items

allow-remote: true
secret-key: "your password"

source

* Note: YAML file's leading space indentation is meaningful, don't change it randomly.

* Note: You need to remember the password separately, because after cpa runs once, it will hash the plain text password and save it in the config file. When you open the config file later, you'll only see the scrambled hash.

Use command 3 to run cpa background as a service

systemctl --user enable cliproxyapi.service
systemctl --user start cliproxyapi.service

Then access with your own browser

http://your VPS's IP:8317/management.html

Should open cpa management page

Enter the admin password you just set in the config file, login should succeed.

Configure domain and TLS certificate

I use Caddy reverse proxy solution

Caddyfile configuration

your domain
{
tls Y3JhenlwZWFjZQ@gmail.com
reverse_proxy localhost:8317 {
header_up Host {upstream_hostport}
}
}

After configuration succeeds, you can access cpa via https://your domain/

For security, you also need to delete API keys with weak passwords

Adding Charity Stations

AI Provider - OpenAI-compatible provider

base url - api key - from /models

Select your preferred model

Adding to Your Own Openclaw

Model/auth provider
Custom Provider

API Base URL
https://your cpa domain/v1

* Note: If you haven't configured domain and TLS certificate, then it's http://your cpa's IP:8317/v1

How do you want to provide this API key?
Paste API key now

API Key (leave blank if not required)
sk-your cpa generated apikey

Endpoint compatibility
OpenAI-compatible

Model ID
gpt-5.4 (your cpa system's supported model)