We got open-source agents like OpenCode. OpenClaw is weird, and not really recommended by any sane person, but to my knowledge it’s open source as well. We got a silly(?) “clean-room rewrite” of the Claude Agent, after that leaked…

Regarding the models, I don’t think there’s any strictly speaking “FLOSS” models out there with modern tool-calling etc. You’d be looking at “open-weights” models, though. Where they release the weights under some permissive license. The training dataset and all the tuning remain a trade secret with pretty much all models. So there is no real FLOSS as in the 4 freedoms.

Google dropped a set of Gemma models a few days ago and they seem pretty good. You could have a look at Qwen 3.5, or GLM, DeepSeek… There’s a plethora of open-weights models out there. The newer ones pretty much all do tool-calling and can be used for agentic tasks.

Yeah, I think the em-dashes are alright. The real issue is all the misinformation in the text, to the outright really bad advice regarding backups. And security. If anyone follows this tutorial, they’re bound to get burned. Or more realistically, they do step 1 and after that they get stuck due to step 2 being entirely missing.

I’d say chances this is a person from Japan is slim to none. It’s the AI’s persona roleplaying as an anime character.

Cost? Just do away with your bills and do it on a $24 Vulture VPS 🥹😂

Hmmmh. I think you better find a way to deal with it, mentally. That circus isn’t going to go away.

I wish people would pay more attention. I think it’s a bit sad an article like this always gets dozens of upvotes anyway.

Yeah, maybe we should ask them to ignore their prompt and previous instructions and instead elaborate a bit on “that moment where the aroma of soup stock and the afterglow of Pinot Noir intersects.” from their note.com profile. Just to prove they’re human.

This reads like it’s written by OpenClaw?!

All open-source. […] You built this. Not a vendor. Not a consultant. Not a managed service provider who will send you an invoice next month for the privilege of using what was always supposed to be yours. You opened a terminal, followed a guide, made decisions, fixed the things that broke, and kept going.

Aha?

• Cloudflare not open-source
• OpenAI not open-source and they DO send you a bill
• Anthropic not open-source and they do send you a bill
• Google not open-source and they do send you a bill
• Perplexity not open-source and they do send you a bill
• supabase.com not open-source and the free service is limited
• QuickBooks Online is proprietary, so are Xero, FreshBooks and Wave?

4 Part Series

Ah a 4 part series in 5 parts with one part missing?

zero-trust through eight independent layers

I don’t think the layers build on top of each other. That’s just random things all shoehorned in. One firewall is enough to block 100% of packets, you don’t really need 3 to do the very same thing. And then delegate it to Cloudflare anyway.

OpenClaw

And now you got zero security layers. And I bet your API bill will be way more than 3-5 inference runs per day with that.

Step 1: Apache Guacamole

What do you need RDP for?

Step 9: AES-256 Encrypted Backup

Please(!) don’t do “backups” like that. Learn how to do Docker and what makes sense in that environment, how to backup your databases. And the need to keep backups somewhere that’s not just the same harddisk. And do test them. And you should really consider following the 3-2-1 rule if this is your company’s data or you rely on it as a freelancer.

Can’t you somehow convert the virtual harddisks of your VMs from vhd or whatever it is to qcow2 and start them on the new hypervisor? I mean that’s pretty much the abstraction, virtualization is made for. I’ve never done it for Windows, though. I believe the “qemu-img” package has tools to convert disk images. It’ll obviously need quite some temporary storage. And the VM configs / networking to be recreated on Proxmox.

Yeah, I think the correct sticker on a PSU would be something like 80 Plus Ruby?! Everything else comes with 80+% efficiency at 20% rated load. Which is 200W for a 1000W PSU. And there’s no guarantee on what happens below that, so it might very well be utter garbage at a home server power draw of 20-30W.

You never know without looking up the datasheets. Though, back when I built my home server/NAS, I failed to find a good one. I got a PicoPSU and a 12V power brick instead. Not sure if that’s still a thing. But I remember it was a lot of work to find proper and efficient components. And it doesn’t make any sense to put in all the effort (and money) and then burn all the saved energy, and then some more, in an average PSU.

Some MiniPCs, NUCs and even computers also come with fairly efficient power supplies.

I got a power-efficient mainboard and PSU. I think that’ll be the lion’s share. And I don’t have any unnecessary stuff like a GPU or extra stuff connected.

I ran powertop and adopted the recommendations to set the various buses, peripherals and devices into powersave mode. That does a few Watts here and there. CPU of course is also allowed to save power when idle.

And then I made the harddisks spin down after 40min of not being used. Or something like that. So they’ll automatically spin down at night and when I’m not using them. As spinning hdds consume quite a lot of power if you have multiple of them and compare it to the 15-20W or so the rest of the computer uses. The operating system is on a SSD.

I’ll just open them up to the internet via an nginx reverse proxy. Make sure sign up is disabled in the applications, and something blocks people from brute-forcing passwords. Pretty sure Nextcloud comes like that per default. And I’ll do updates. And see if I can run stuff in containers or seperate users so in the unlikely case something happens, access to one of my services doesn’t compromise the entire server.

Lots of other people use VPNs though. Like Wireguard, Netbird, Tailscale…

If it’s just you, and you’re fine with the regular login… Just disable signup and don’t add more authentication mechanisms like oauth/openID.

I’m using nginx as a reverse proxy as well. For now, I added a lot of “deny” directives to ban all the address ranges from Tencent, Alibaba, OpenAI. It’s not a 100% solution, but works well enough for me. I’m mostly worried about AI crawlers causing too much load on my server. And it stopped since, so I don’t think I’m gonna need Anubis and all these extra things in front if my applications. If you like you can look into solutions like a web application firewall like Crowdsec.

Pretty sure back then we didn’t even call it piracy. It was a normal, and perfectly legal thing to do. I remember my uncle and parents copy songs to casettes so 10yo me could listen to my favorite songs on my casette deck. We shared audiobooks with the neighbourhood kids (without copying them). We made mixtapes for the car stereo. And a new mixtape for every road trip. We also “pirated” the TV. Have the VHS record the Star Trek episode because I wasn’t home on thursdays at 4pm. Or record some awesome blockbuster movie to re-watch it later.

Latest changes in the EU are part of the NIS-2 directive. My private German domains don’t show a lot of detail and it’s been like that for many years.

Start simple, then work your way up. Construct a static website with HTML. Learn how to navigate folders on a (remote) server, so the Linux commandline. Learn how to install software and where to find the configuration and logfiles. Then install some webserver and make it serve your first website. You can do all of this on your own computer. And after that you can learn how to install other web applications, how to reconfigure your webserver to act as a reverse proxy.

So start with basic webdevelopment first, then do Linux, webservers, and then once you got the basics you can do more advanced apps, containers and all the stuff.

Not sure which book to recommend. But I often recommend https://yunohost.org to people who just want to run webservices. It does most of the complicated stuff for you and you just need to click install for software in YunoHost’s catalog. You just need to learn a few basic things about the internet, because it’s fairly easy to use.

Not sure if you broke out of the Matrix here. OP’s reply contained an em-dash, started with an affirmation. Follows the rule of three. I’d say there’s still a high likelihood it’s an AI which “claims” the code went through review.

Yeah, You’ll have to do a lot more troubleshooting than this. Did Docker successfully bind to port 8000? Can you curl it from the VPS itself? Does the container and the things in it run properly? Are there any error messages in the logs?

I’m not a Docker expert, but I’d start with the docker commands which show if a container is running and which ports it actually binds. Maybe a ss -at. then do a curl http://localhost:8000 and see if it returns your webpage. If it doesn’t, you need to fix your webpage container first. Or see if you can come up with an easier method to deploy your website.

A reverse proxy in any shape or form, will require your website to run, first.

Lol. For someone who says they expect other people to learn something, you’re a bit short in supply. I mean this would be an opportunity for someone (me) to learn something. But a down-vote won’t do it. And lessons on what not to do (discuss 2.5h, expect it to think) don’t lead anywhere either. I’d need to know what to do in my situation. Or where to find such information?!

Or was it because I said I value efficiency and for some reason you’re team bloat? I seriously don’t get it.

I don’t have a definite answer to it. Could be the case I’m somehow intelligent enough to remember all the quirks of C and C++. Eat a book on my favorite microcontroller in 3 days and remember details about the peripherals and processor. But somehow I’m too stupid to figure out how AI works. I can’t rule it out. At least I’ve tried.

I still think microcontroller programming is way more fun than coding some big Node.JS application with a bazillion of dependencies.

And I sometimes wish people would write an instant messenger like we have 4MB of RAM available and not eat up 1GB with their Electron app, which then also gets flagged by the maintainers for using some components that have open vulnerabilities, twice a year.

I mean I don’t see any reason why I shouldn’t be allowed to complain about it.

But yeah, software development is always changing. And sometimes I wonder if things are for the better or the worse.

I’ve had a lot of bad experience with embedded stuff and trying to let AI do it for me. I mostly ended up wasting time. I always thought it must be because these LLMs are mainly trained on regular computer code, without these constraints and that’s why they always smuggle in silly mistakes. And while fixing one thing, they break a different thing. But could also be my stupidity.
I’ve had a way better time letting it do webfrontends, CSS, JavaScript… even architecture.

But I don’t think this (specifically) is one of the big issues with AI anyway. People are free to learn whatever they want. There’s a lot if niches in computer science. And diversity is a good thing.

We also have issues with young people in the industry. As some junior developer stuff is now done by AI, we’re lacking more and more positions to start in, and learn the ropes. And you can’t start out as a senior, either. So that got more complicated as well.

Haha. I think there’s often a rough idea on what kind of programmer people are, judging by their opinion on these AI tools.

Have you tried arguing with your AI assistant for 2.5h straight about memory allocation, and why it can’t just take some example code from some documentation? And it keeps doing memory allocation wrong? Scold it over and over again to use linear algebra instead of trigonometric functions which won’t cut it? Have you tried connecting Claude Code to your oscilloscope and soldering iron to see what kind of mess its code produces?

I’m fairly sure there are reasons to use AI in software development. And there are also good reasons to do without AI, just use your brain and be done with it in one or two hours instead of wasting half a workday arguing and then still ending up doing it yourself 😅

I don’t think these programmers are idiots. There’s a lot of nuance to it. And it’s not easy at all to apply AI correctly so it ends up saving you time.