The lobstertrap/tank-os repository provides a specialized Fedora-based bootc image designed to run the OpenClaw service as a rootless Podman workload. The central purpose of tank-os is to package Fedora Linux, OpenClaw, and related service components into a single, bootable, updateable image that can be deployed across virtual machines, cloud environments, or physical devices. This approach leverages bootc, a tool that transforms container images into bootable Linux OS images, enabling transactional updates and consistent deployments.

Tank-os is particularly useful for scenarios where a reproducible, appliance-like OpenClaw host is needed. By distributing OpenClaw as part of a bootc container image, users can build disk images (such as QCOW2 for VMs), deploy them, and boot machines that automatically start the OpenClaw service under a dedicated, unprivileged user account named 'openclaw'. This setup ensures that every instance behaves identically, making it ideal for local demos, lab or device fleets, sandboxed environments, and rapid development cycles. The repository emphasizes a mostly read-only, image-managed OS, with mutable state and secrets managed in expected locations: OpenClaw state is stored under the openclaw user's home directory, API keys are handled via rootless Podman secrets, and SSH access is configured per instance.

A key feature of tank-os is its integration of the OpenClaw runtime, host OS, Quadlet units (for Podman service orchestration), CLI shims, and upgrade mechanisms into a single OCI container image. This ensures that upgrades, rollbacks, and rebuilds are straightforward and consistent, reducing the risk of configuration drift. Users interact with the system by SSHing in as the openclaw user, editing OpenClaw files, using a CLI wrapper, and relying on systemd and Podman to keep services running. For testing and demos, the openclaw user is granted passwordless sudo access to simplify bring-up and update testing; in production, stricter privilege separation is recommended.

The repository provides comprehensive documentation to guide users through building the image, configuring login access, using the OpenClaw CLI, managing model provider keys, and setting up the service-gator integration. It also references upstream bootc documentation and tools like the Podman Desktop BootC extension and bootc-image-builder for disk image creation. The workflow supports both arm64 and amd64 architectures, and includes instructions for running local VMs on macOS using Podman Desktop, finding SSH ports, and tunneling the OpenClaw UI to the host browser.

Tank-os prioritizes security and flexibility by avoiding baked-in secrets, keeping OpenClaw state editable, and preferring rootless Podman for service management. The upgrade path is streamlined via bootc, allowing users to apply new images and test updates easily. Overall, tank-os transforms OpenClaw into a portable, bootable Linux appliance, simplifying deployment, management, and development across a variety of environments.