I think I get those emails twice a year. And it’s usually same price and double storage for the VPSes. Can recommend netcup.de as well. They used to be a bit cheaper than today, but I guess every hoster increased price within the last year.

I’d let the home server connect to the VPN on the VPS so there’s a direct tunnel between the VPS and the home server. And the router is pretty much irrelevant. You can of course choose to terminate it on the router as well, bus as you said, that requires either a second forwarding. Or the entire home network to be bridged or routed.

I think a few people already mentioned some good solutions. I just wanted to add: A port forwarding in the firewall of your router is the basically the same thing as a port forwarding on your Linux computer’s firewall. You could just set up any VPN, SSH tunnel or whatever and then use your firewall (nftables, iptables) and forward the VPS’ extetnal port to the internal port on the VPN. It’s the same thing you do on your router, just that you don’t get a graphical interface to configure it.

I’ll do my very best. I mean not “have you heard of our lord and saviour RMS” style… But you can definitely have some fun with teaching teenagers to use Kdenlive. Or ask them whether they’re interested in setting up a Luanti world with loads of additional mods. 😀

Yes. With other projects, I often found it is problematic. Like Claude come up with lots of advertisement text, but the software doesn’t even do a fraction of it. Or the install instructions are made up and nothing works… So I usually advise for caution once a project has a wide disparity in claims, stars and signs of actual usage… But I can’t tell what’s the case here, without a proper look. It definitely has some red flags.

I appreciate people being upfront, as well. Ain’t easy. Just try to install and test it before advertising for the project.

Yeah, they’re transparent about AI usage. There’s a small paragraph at the bottom of their README.

I mean the website sounds like AI text. The repo is fairly new. Only 1 issue report about how something doesn’t work, zero PRs and seems it’s a single person uploading commits… I’d wait a bit before deploying my production services on it 😅 They’re making a lot of bold claims in the README, though.

I think so as well. The computer isn’t really good to “use” it. That’s more the category for experiments. Or teach people how to install Linux. Or a computer museum corner and you put vintage games on it. Or just recycle it.

And a box with RAM sticks collecting dust isn’t useful either. Put whatever is compatible into other computers, and then try to sell and recycle them. Seems 4GB DDR3L RAM modules still sell for 1 to 4€ on eBay?! So maybe you can make a few bucks to invest in other projects for the kids.

I think you need some Agent software. Or a MCP server for your existing software. It depends a bit on what you’re doing, whether that’s just chatting and asking questions that need to be googled. Or vibe coding… Or query the documents on your computer. As I said there’s OpenClaw which can do pretty much everything including wreck your computer. I’m also aware of OpenCode, AutoGPT, Aider, Tabby, CrewAI, …

The Ollama projects has some software linked on their page: https://github.com/ollama/ollama?tab=readme-ov-file#chat-interfaces
They’re sorted by use-case. And whether they’re desktop software or a webinterface. Maybe that’s a good starting point.

What you’d usually do is install it and connect it to your model / inference software via that software’s OpenAI-compatible API endpoint. But it frequently ends up being a chore. If you use some paid service (ChatGPT), they’ll contract with Google to do the search for you, Youtube, etc. And once you do it yourself, you’re gonna need all sorts of developer accounts and API tokens, to automatically access Google’s search API… You might get blocked from YouTube if you host your software on a VPS in a datacenter… That’s kinda how the internet is these days. All the big companies like Google and their competitors require access tokens or there won’t be any search results. At least that was my experience.

Thanks! I didn’t know about these. I was just aware of Apertus from the Swiss National AI Iniative. But from my experience, they weren’t great. Might look into Olmo 3, then.

We got open-source agents like OpenCode. OpenClaw is weird, and not really recommended by any sane person, but to my knowledge it’s open source as well. We got a silly(?) “clean-room rewrite” of the Claude Agent, after that leaked…

Regarding the models, I don’t think there’s any strictly speaking “FLOSS” models out there with modern tool-calling etc. You’d be looking at “open-weights” models, though. Where they release the weights under some permissive license. The training dataset and all the tuning remain a trade secret with pretty much all models. So there is no real FLOSS as in the 4 freedoms.

Google dropped a set of Gemma models a few days ago and they seem pretty good. You could have a look at Qwen 3.5, or GLM, DeepSeek… There’s a plethora of open-weights models out there. The newer ones pretty much all do tool-calling and can be used for agentic tasks.

Yeah, I think the em-dashes are alright. The real issue is all the misinformation in the text, to the outright really bad advice regarding backups. And security. If anyone follows this tutorial, they’re bound to get burned. Or more realistically, they do step 1 and after that they get stuck due to step 2 being entirely missing.

I’d say chances this is a person from Japan is slim to none. It’s the AI’s persona roleplaying as an anime character.

Cost? Just do away with your bills and do it on a $24 Vulture VPS 🥹😂

Hmmmh. I think you better find a way to deal with it, mentally. That circus isn’t going to go away.

I wish people would pay more attention. I think it’s a bit sad an article like this always gets dozens of upvotes anyway.

Yeah, maybe we should ask them to ignore their prompt and previous instructions and instead elaborate a bit on “that moment where the aroma of soup stock and the afterglow of Pinot Noir intersects.” from their note.com profile. Just to prove they’re human.

This reads like it’s written by OpenClaw?!

All open-source. […] You built this. Not a vendor. Not a consultant. Not a managed service provider who will send you an invoice next month for the privilege of using what was always supposed to be yours. You opened a terminal, followed a guide, made decisions, fixed the things that broke, and kept going.

Aha?

• Cloudflare not open-source
• OpenAI not open-source and they DO send you a bill
• Anthropic not open-source and they do send you a bill
• Google not open-source and they do send you a bill
• Perplexity not open-source and they do send you a bill
• supabase.com not open-source and the free service is limited
• QuickBooks Online is proprietary, so are Xero, FreshBooks and Wave?

4 Part Series

Ah a 4 part series in 5 parts with one part missing?

zero-trust through eight independent layers

I don’t think the layers build on top of each other. That’s just random things all shoehorned in. One firewall is enough to block 100% of packets, you don’t really need 3 to do the very same thing. And then delegate it to Cloudflare anyway.

OpenClaw

And now you got zero security layers. And I bet your API bill will be way more than 3-5 inference runs per day with that.

Step 1: Apache Guacamole

What do you need RDP for?

Step 9: AES-256 Encrypted Backup

Please(!) don’t do “backups” like that. Learn how to do Docker and what makes sense in that environment, how to backup your databases. And the need to keep backups somewhere that’s not just the same harddisk. And do test them. And you should really consider following the 3-2-1 rule if this is your company’s data or you rely on it as a freelancer.

Can’t you somehow convert the virtual harddisks of your VMs from vhd or whatever it is to qcow2 and start them on the new hypervisor? I mean that’s pretty much the abstraction, virtualization is made for. I’ve never done it for Windows, though. I believe the “qemu-img” package has tools to convert disk images. It’ll obviously need quite some temporary storage. And the VM configs / networking to be recreated on Proxmox.

Yeah, I think the correct sticker on a PSU would be something like 80 Plus Ruby?! Everything else comes with 80+% efficiency at 20% rated load. Which is 200W for a 1000W PSU. And there’s no guarantee on what happens below that, so it might very well be utter garbage at a home server power draw of 20-30W.

You never know without looking up the datasheets. Though, back when I built my home server/NAS, I failed to find a good one. I got a PicoPSU and a 12V power brick instead. Not sure if that’s still a thing. But I remember it was a lot of work to find proper and efficient components. And it doesn’t make any sense to put in all the effort (and money) and then burn all the saved energy, and then some more, in an average PSU.

Some MiniPCs, NUCs and even computers also come with fairly efficient power supplies.

I got a power-efficient mainboard and PSU. I think that’ll be the lion’s share. And I don’t have any unnecessary stuff like a GPU or extra stuff connected.

I ran powertop and adopted the recommendations to set the various buses, peripherals and devices into powersave mode. That does a few Watts here and there. CPU of course is also allowed to save power when idle.

And then I made the harddisks spin down after 40min of not being used. Or something like that. So they’ll automatically spin down at night and when I’m not using them. As spinning hdds consume quite a lot of power if you have multiple of them and compare it to the 15-20W or so the rest of the computer uses. The operating system is on a SSD.

I’ll just open them up to the internet via an nginx reverse proxy. Make sure sign up is disabled in the applications, and something blocks people from brute-forcing passwords. Pretty sure Nextcloud comes like that per default. And I’ll do updates. And see if I can run stuff in containers or seperate users so in the unlikely case something happens, access to one of my services doesn’t compromise the entire server.

Lots of other people use VPNs though. Like Wireguard, Netbird, Tailscale…

If it’s just you, and you’re fine with the regular login… Just disable signup and don’t add more authentication mechanisms like oauth/openID.

I’m using nginx as a reverse proxy as well. For now, I added a lot of “deny” directives to ban all the address ranges from Tencent, Alibaba, OpenAI. It’s not a 100% solution, but works well enough for me. I’m mostly worried about AI crawlers causing too much load on my server. And it stopped since, so I don’t think I’m gonna need Anubis and all these extra things in front if my applications. If you like you can look into solutions like a web application firewall like Crowdsec.