https://blundersurfer.com/projects/builds/ Recent content in Open Builds on Blundersurfer Hugo -- gohugo.io en © 2026 Blundersurfer Sun, 19 Apr 2026 00:00:00 +0000 https://blundersurfer.com/projects/builds/servermonkey/ Sun, 19 Apr 2026 00:00:00 +0000 https://blundersurfer.com/projects/builds/servermonkey/ Servermonkey is an MCP to help your agent do your IT ops for you. <p><a href="https://github.com/blundersurfer/servermonkey">Get Servermonkey</a></p> <h2 id="overview">Overview.</h2> <p>I have a problem. My project list is far too long. I have a ton of tools I want to deploy, capabilities to expand into and dependencies for my lab. All of this would be fine, but I&rsquo;m short on time, and picky about my lab. So what&rsquo;s the answer for me? Lower the energy needed to stand up and maintain services in my lab. Luckily I&rsquo;ve got a new Proxmox host and an AI agent. So enter servermonkey. This is my attempt to be comfortable letting my AI agent make changes to my environment.</p> <h2 id="what-do-i-want-to-do">What do I want to do?</h2> <ol> <li>Prevent the Agent from doing anything dangerous enough to bother me</li> <li>Limit the scope of issues of it does go sideways</li> <li>The agent needs enough permissions to do useful things</li> <li>The solution should be a building block. The goal isn&rsquo;t to deploy stuff, it&rsquo;s do do stuff with the deployed stuff.</li> </ol> <h2 id="so-what-did-i-do">So what did I do?</h2> <ol> <li>Give access tokens to my AI Agent</li> <li>Limit the access tokens to create, configure and start, but not stop or destroy resources. This limits the amount of cleanup I have to do.</li> <li>Persistent durable data is stored on my NAS through a SMB share so I don&rsquo;t need to worry about the container volume being destroyed</li> <li>When in doubt or if access is limited the AI gives me the commands to run to perform an action. Ex: If my agent can&rsquo;t ssh into a container I have to install ssh, configure the service and add the key first. This is usually a set of pct commands that take a minute or two to run. It&rsquo;s annoying, but just annoying enough for me to read the bash scripts.</li> <li>The containers are only available locally. Network segmentation via VLAN, ID&rsquo;s and meta data that indicate it an AI container, and a planning process to choose secure, widely used applications all limit the attack surface of the resource.</li> </ol> <p>The goal here is to move quicker with less hassle. If it&rsquo;s important enough for me to worry about it I should plan the deployment better.</p> <h2 id="criticisms">Criticisms</h2> <ol> <li>&ldquo;But isn&rsquo;t this automating deploying a template and syncing from a repo?&rdquo; Yes yes it is, when it works well. When there are issues telling the robot to &lsquo;go fix it&rsquo; takes the cognitive load off of creating tech debt for myself</li> <li>&ldquo;It sounds like you don&rsquo;t care about the services you&rsquo;re installing.&rdquo; Yep, the services are disposable and serve to solve a problem I have as quickly and as friction less as possible.</li> </ol>