1. Installer Terraform sur macOS

brew tap hashicorp/tap
brew install hashicorp/tap/terraform
terraform --version

2. Obtenir une clé API RunPod

Rendez-vous sur https://www.runpod.io/console/user/settings

Sectionnez API Keys Create API Key (permissions Read/Write)

Copiez la clé et exportez-la:
export RUNPOD_API_KEY="rp_xxxxxxxxxxxxxxxxxxxxxxxx"


3. Fichiers Terraform

Créez un dossier openclaw-runpod/ et place-y ces 3 fichiers:

vim openclaw-runpod/variables.tf

variable "runpod_api_key" {
  description = "RunPod API key"
  type        = string
  sensitive   = true
  default     = ""
}

variable "ssh_public_key" {
  description = "SSH public key for secure access"
  type        = string
}

variable "pod_name" {
  description = "Name of the RunPod pod"
  type        = string
  default     = "openclaw"
}

vim openclaw-runpod/main.tf

terraform {
  required_providers {
    runpod = {
      source  = "decentralized-infrastructure/runpod"
      version = "1.0.1"
    }
  }
}

provider "runpod" {
  # Uses RUNPOD_API_KEY environment variable
}

resource "runpod_pod" "openclaw" {
  name       = var.pod_name
  image_name = "runpod/pytorch:2.1.0-py3.10-cuda11.8.0-devel"

  # RTX 4000 Ada — 20GB VRAM, bon rapport qualité/prix
  # Suffisant pour OpenClaw + modèle local 8B-13B simple pour test
  gpu_type_ids = ["NVIDIA RTX 4000 Ada Generation"]
  gpu_count    = 1

  cloud_type        = "SECURE"
  support_public_ip = true

  # OpenClaw recommande 4GB RAM min, 50GB disque min
  container_disk_in_gb = 50
  volume_in_gb         = 50
  volume_mount_path    = "/workspace"

  # SSH (sécurisé) + port OpenClaw (via tunnel SSH uniquement)
  ports = ["22/tcp"]

  env = {
    PUBLIC_KEY       = var.ssh_public_key
    JUPYTER_PASSWORD = "disabled"
  }

  docker_start_cmd = [
    "bash", "-c",
    join(" && ", [
      "mkdir -p /root/.ssh",
      "echo $PUBLIC_KEY > /root/.ssh/authorized_keys",
      "chmod 700 /root/.ssh",
      "chmod 600 /root/.ssh/authorized_keys",
      "service ssh start",
      "apt-get update -qq",
      "apt-get install -y -qq curl cmake build-essential",
      "curl -fsSL https://deb.nodesource.com/setup_22.x | bash -",
      "apt-get install -y -qq nodejs",
      "npm install -g openclaw@latest",
      "sleep infinity",
    ])
  ]
}

vim openclaw-runpod/outputs.tf

output "pod_id" {
  description = "RunPod Pod ID"
  value       = runpod_pod.openclaw.id
}

output "pod_cost_per_hr" {
  description = "Cost per hour"
  value       = runpod_pod.openclaw.cost_per_hr
}

output "pod_public_ip" {
  description = "Public IP (use for SSH)"
  value       = runpod_pod.openclaw.public_ip
}

4. Lancer le déploiement

cd openclaw-runpod

# Initialiser Terraform
terraform init

# Prévisualiser ce qui va être créé
terraform plan -var="ssh_public_key=$(cat ~/.ssh/id_ed25519.pub)"

# Créer le pod
terraform apply -var="ssh_public_key=$(cat ~/.ssh/id_ed25519.pub)"

5. Se connecter et utiliser OpenClaw

# Récupérer l'IP publique
terraform output pod_public_ip

# SSH avec tunnel pour accéder à OpenClaw en local de façon sécurisée
ssh -L 3000:localhost:3000 root@<IP_PUBLIQUE>

# Une fois connecté au pod :
openclaw setup
openclaw health

OpenClaw sera accessible à http://localhost:3000


6. Détruire le pod

terraform destroy -var="ssh_public_key=$(cat ~/.ssh/id_ed25519.pub)"