Get Servermonkey

Overview.

I have a problem. My project list is far too long. I have a ton of tools I want to deploy, capabilities to expand into and dependencies for my lab. All of this would be fine, but I’m short on time, and picky about my lab. So what’s the answer for me? Lower the energy needed to stand up and maintain services in my lab. Luckily I’ve got a new Proxmox host and an AI agent. So enter servermonkey. This is my attempt to be comfortable letting my AI agent make changes to my environment.

What do I want to do?

  1. Prevent the Agent from doing anything dangerous enough to bother me
  2. Limit the scope of issues of it does go sideways
  3. The agent needs enough permissions to do useful things
  4. The solution should be a building block. The goal isn’t to deploy stuff, it’s do do stuff with the deployed stuff.

So what did I do?

  1. Give access tokens to my AI Agent
  2. Limit the access tokens to create, configure and start, but not stop or destroy resources. This limits the amount of cleanup I have to do.
  3. Persistent durable data is stored on my NAS through a SMB share so I don’t need to worry about the container volume being destroyed
  4. When in doubt or if access is limited the AI gives me the commands to run to perform an action. Ex: If my agent can’t ssh into a container I have to install ssh, configure the service and add the key first. This is usually a set of pct commands that take a minute or two to run. It’s annoying, but just annoying enough for me to read the bash scripts.
  5. The containers are only available locally. Network segmentation via VLAN, ID’s and meta data that indicate it an AI container, and a planning process to choose secure, widely used applications all limit the attack surface of the resource.

The goal here is to move quicker with less hassle. If it’s important enough for me to worry about it I should plan the deployment better.

Criticisms

  1. “But isn’t this automating deploying a template and syncing from a repo?” Yes yes it is, when it works well. When there are issues telling the robot to ‘go fix it’ takes the cognitive load off of creating tech debt for myself
  2. “It sounds like you don’t care about the services you’re installing.” Yep, the services are disposable and serve to solve a problem I have as quickly and as friction less as possible.