zlacker

[return to "CLI agents make self-hosting on a home server easier and fun"]
1. simonw+g6[view] [source] 2026-01-11 22:01:25
>>websku+(OP)
This posts lists inexpensive home servers, Tailscale and Claude Code as the big unlocks.

I actually think Tailscale may be an even bigger deal here than sysadmin help from Claude Code at al.

The biggest reason I had not to run a home server was security: I'm worried that I might fall behind on updates and end up compromised.

Tailscale dramatically reduces this risk, because I can so easily configure it so my own devices can talk to my home server from anywhere in the world without the risk of exposing any ports on it directly to the internet.

Being able to hit my home server directly from my iPhone via a tailnet no matter where in the world my iPhone might be is really cool.

◧◩
2. philip+f7[view] [source] 2026-01-11 22:07:51
>>simonw+g6
I agree! Before Tailscale I was completely skeptical of self hosting.

Now I have tailscale on an old Kindle downloading epubs from a server running Copyparty. Its great!

◧◩◪
3. ryandr+79[view] [source] 2026-01-11 22:16:01
>>philip+f7
Maybe I'm dumb, but I still don't quite understand the value-add of Tailscale over what Wireguard or some other VPN already provides. HN has tried to explain it to me but it just seems like sugar on top of a plain old VPN. Kind of like how "pi-hole" is just sugar on top of dnsmasq, and Plex is just sugar on top of file sharing.
◧◩◪◨
4. Jtsumm+oa[view] [source] 2026-01-11 22:22:09
>>ryandr+79
I think you answered the question. Sugar. It's easier than managing your own Wireguard connections. Adding a device just means logging into the Tailscale client, no need to distribute information to or from other devices. Get a new phone while traveling because yours was stolen? You can set up Tailscale and be back on your private network in a couple minutes.

Why did people use Dropbox instead of setting up their own FTP servers? Because it was easier.

◧◩◪◨⬒
5. johnis+m91[view] [source] 2026-01-12 06:19:35
>>Jtsumm+oa
Yeah, but "people" here are alleged software engieners. It is quite disheartening.
◧◩◪◨⬒⬓
6. duckmy+Up1[view] [source] 2026-01-12 08:50:12
>>johnis+m91
Software engineering is a broad spectrum where we can move up and down its abstraction ladder. Using off-the-shelf tools and even third-party providers is fine. I don't have to do everything from scratch - after all, I didn't write my own text editor. I'm also happy to download prepacked and preconfigured software on my Linux distro instead of compiling and adding them to PATH manually.

I could, I just choose not to and direct my interests elsewhere. Those interests can change over time too. One day someone with Tailscale can decide to explore Wireguard. Similarly, someone who runs their own mail server might decide to move to a hosted solution and do something else. That's perfectly fine.

To me, this freedom of choice in software engineering is not disheartening. It's liberating and exciting.

◧◩◪◨⬒⬓⬔
7. johnis+Nq1[view] [source] 2026-01-12 08:57:25
>>duckmy+Up1
That is a strawman though, and I am not sure why all replies assume extremes all the time.

Nobody said do everything from scratch. The point is: basic networking (port forwarding, WireGuard) should not be beyond someone's capability as a software engineer.

"I use apt instead of compiling" is a time tradeoff. "I can't configure a VPN" is a skill gap. These are not equivalent.

If you choose convenience for whatever reasons, that is completely fine.

◧◩◪◨⬒⬓⬔⧯
8. duckmy+By1[view] [source] 2026-01-12 10:00:16
>>johnis+Nq1
I'd argue that no, managing your own VPN is not a basic skill - certainly not in the realms of software engineering (more like network engineering).
◧◩◪◨⬒⬓⬔⧯▣
9. johnis+vz1[view] [source] 2026-01-12 10:08:21
>>duckmy+By1
WireGuard is ~10 lines of config and wg genkey. Calling that "network engineering" is a stretch.

The siloing of basic infrastructure knowledge into "not my discipline" is part of the problem. Software gets deployed somewhere: understanding ports, keys, and routing at a basic level is not specialized knowledge.

Honestly, if 10 lines of config is "network engineering", then the bar for software engineering has dropped considerably.

◧◩◪◨⬒⬓⬔⧯▣▦
10. Infini+tE1[view] [source] 2026-01-12 10:46:11
>>johnis+vz1
I am probably in the camp where I've found myself ovewhelmed with the amount of information about networks and I'm an alleged software engineer (without formal training in CS albeit).

The 10 loc is not a valid measure.

`sudo rm -rf /` is a 1 line of code. It's not the lines that are hard to wrap your brain around, it's the implication of the lines that really what we are talking about.

◧◩◪◨⬒⬓⬔⧯▣▦▧
11. johnis+HM1[view] [source] 2026-01-12 11:51:41
>>Infini+tE1
The rm -rf comparison is a bit dramatic. WireGuard's config is conceptually simple: your key, peer's key, endpoint, what IPs route through the tunnel. The "implications" are minimal. It is a point-to-point encrypted tunnel.

Being overwhelmed by networking basics is worth addressing regardless. It comes up constantly: debugging connectivity, deployments, understanding why your app cannot reach a database. 30 minutes with the WireGuard docs would demystify it. The concepts are genuinely simple and worth 30 minutes to understand as it applies far beyond VPNs.

I have become pragmatic too. I do not tinker for the sake of it anymore. But there is a difference between choosing convenience and lacking foundational knowledge. One is a time tradeoff, the other is a gap that will bite you eventually.

And with LLMs, learning the basics is easier than ever. You can ask questions, get explanations, work through examples interactively. There is less excuse now to outsource or postpone foundational knowledge, not more[1].

At some point it is just wanting the benefits without the investment. That is not pragmatism, it is hoping the gaps never matter. They usually do.

[1] You can ask an LLM to do all of that for you and make it help you understand under less than 10 minutes!

◧◩◪◨⬒⬓⬔⧯▣▦▧▨
12. Infini+4R1[view] [source] 2026-01-12 12:21:38
>>johnis+HM1
I do agree on that using LLMs to demistify, learn and explore is better alternative than handing it off to go rouge on, is a better advice. That's how I used it last weekend and I think that's what I would advocate the usage instead of just letting YourFavouriteAI be the sys admin.

My problem is not just networking knowledge. I genuinely faced issues with open source tools. Troubleshooting in the days of terrible search is also a major annoyance. Sometimes, it's just the case that some of the tools have evolved and the same commands don't work as did for someone in 2020 in some obscure forum. I remember those days of tinkering with linux and open source where you'd rely on a Samaritan (bless their soul) who said they'd go home and check up and update you.

Claude suggested me Tailscale too, but I'm glad we're having this conversation (thanks for the tips btw), so that we don't follow hallucinations or bad advice by similarly trained agents. I'm cautiously positive, but I think there's still a case to go self hosted with AI assistance. I found myself looking at possibilities rather than fearing dead ends and time black holes.

◧◩◪◨⬒⬓⬔⧯▣▦▧▨◲
13. johnis+422[view] [source] 2026-01-12 13:23:21
>>Infini+4R1
Thank you for your reply!

I am glad that it is useful to you! The "terrible search + outdated forum posts" problem is real for sure. LLMs genuinely help there by synthesizing across versions and explaining what changed.

I would say that self-hosting with AI assistance is the right approach. Use it to understand, not to blindly execute. Trust me, it is not much of a deal and you will be happy to have gone with this route afterwards!

Good luck with the setup. If you have any questions, let me know, I am always happy to help.

(I have very briefly mentioned some stuff here: >>46586406 but I can expand and be a bit more detailed as needed.)

[go to top]