New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Setting Up Your VPS with Gemini CLI or Claude Code
Hello everyone!
I wanted to ask all of you what you think about setting up your VPS via the CLI.
I'm not necessarily talking about vibe coding here, though some AI models are doing an impeccable job when used properly.
I didn't find any flaws in Opus 4.6, as it helped me so much with configuring parts of my VPS; it found configuration issues in many places, especially with Postfix, Dovecot, Rspamd, and Roundcube (the open-source mail client).
Have any of you tried a CLI?
Did it make any mistakes in the config?
Thanks.
Comments
what? i just use the terminal. Who the hell uses Gemini CLI or Claude code to SSH into your server? you mean letting the AI have access to your server directly?
Yes, either Gemini CLI or Claude Code can be installed on your VPS, and the AI agents can do stuff in your place—executing commands, configuring files if you grant them permission (they ask every time before a command is executed in the terminal).
That's good that there is some security but i would still not let ANY AI onto my servers at all since there could be some security risks. but for a sandbox vps? eh
Here we go again..
That’s absolutely fine. It just might take a few tries to get the more complex steps right. Also, setting up the server doesn’t require such high-end model parameters—some free options work just fine, such as the free model included with OpenCode CLI. You’ll need to grant it permissions, provide very clear instructions, and ensure it has a thorough understanding of the server’s current status; otherwise, it might interfere with other processes. Once you’re done, just perform an audit.
Remember, this is the guy that thinks that his web panel is now completely free of security bugs because he prompted Claude to "think like an attacker".
NO.
I didn't encounter any security issues whatsoever, and I also ran end-to-end tests repeatedly until all issues were resolved.
No errors in logs.
AI seems to do a remarkable job at configuring servers. It's really unbelievable.
Mistakes are to be made so that we can learn.
So you realized that slopbots produce insecure code no matter how you prompt them?
And don't forget he'll shamelessly counter anything with what AI told him to say even if it's unrelated.
Dude is fucking retarded
As someone on his profile commented:
"Web panel" is the most gayest thing i ever heard in my life. i always dig though the Terminal
Maybe he'll create a web panel to interface with Claude which will set up from the terminal.
We run multiple CLIs, skills, and MCPs simultaneously on a single server, each performing different tasks: creating product documentation, technical specifications, deploying monitoring systems, and establishing detailed rules such as the number of retry attempts when issues arise. However, it’s essential to set clear boundaries for them; otherwise, they may crash and bring your work to a halt. For commands that require elevated permissions, the AI will typically ask you for authorization.
Currently, Claude offers the most reliable code quality but is also the most expensive. ChatGPT 5.4 excels at code auditing, while Gemini PRO performs best for front-end UI design.
Basic server maintenance and configuration tasks can be handled by Qwen.
The latest version of Qwen 3.6 Plus shows a significant improvement in code quality; I think it can reach about 80% of Claude's level.
Ok sorry. but i'll do that again Muahahahaha
Artificial Inteligence (AI) comes with a price and downside, making humanity developing more advanced Natural Stupidity (NS).
Im afraid people would lose their ability to learn stuff and using their Natural Imagination (NI) to do beautiful and wonderfull things AI cannot do.
It always does. Even the local models released recently by Google. (Gemma 4, as an example)
The agent recommended closing the open SSH port 22 (and other ports that do not support TLS/SSL) so I can rely on more secure ones, switching to a new port (e.g., 34221), and using SSH keys for security. Since then, nobody has been bruteforcing my server that was once on port 22.
It also installed a firewall and told me how to adjust my OpenWrt router.
It does a great job.
Did you know what it installed?
Did you know if it is secure? latest ver etc?
Might as well tell Openclaw to do it
You'll regret it. It will burn your tokens and constantly ask you to do things for it; otherwise, you'll have to create a ton of skills for it to use. Plus, it often loses connection when it's leveling up or when the network is unstable.
I am not getting the question. How else you setup vps if not use any type of CLI?
Perfect example of the AI giving you insecure advice. Using a high port for SSH is common advice, but it's flawed advice due to the fact that a high port is not privileged, i.e. anyone can bind to it. This allows a malicious local process to bind to SSH's port before it does and attempt to exploit clients. So congrats, you've essentially given every single unprivileged process CAP_NET_BIND_SERVICE as far as SSH is concerned, and you declared it safe because the AI told you.
You should just leave SSH on 22 and use pubkey authentication or, if you just don't want log spam, use nearly any free port below 1024 or use DNAT so SSH still binds to port 22 but you can access it from some other port like this:
As a bonus, you won't be "leaking" your SSH port via statistical analysis of random outgoing source ports or running the risk of SSH failing to start due to 34221 being within the default
net.ipv4.ip_local_port_rangeof 32768 to 60999.But you didn't know that because the AI didn't tell you.
That comes in handy, when you sandbox your claude cli to a docker container and don't want to switch into it all the time.
If you use something like tmux+ttyd for it you easily get it into a browser window or even can proxy it to any url.
Combine that with cloudflare tunnel for your local instance and easily control your agents from anywhere...
Someone who believes that "setting up a VPS via the CLI" is something special is, in my book, not considered someone who knows how to maintain a machine.
Maintaining a machine and coding are two different things. They can be used together, but essential they are different.
Basically you're saying here you are rubbish at setting up those applications since there apparantly were configuration issues?
Not necessarily though. There are more ways to do things usually, and suggestions from others - including AI - can be a different approach, but that doesn't need to make a current config wrong.
You should be able to tell. Using AI for stuff that you don't have enough knowledge for to check if it's right is basically gambling.
Thank you so much!
I will try other ports as well. I didn't want 22 opened because my IP was bruteforced so many times. My logs were full of "attacks."
That's the background noise of the internet. If you're using pubkey authentication (which you should be using), you can ignore it.
I use ansible from claude code config for setup my vps
honestly, i've been doing this too -- having claude review and refactor my ansible.
I'm a dev lead, and it's interesting to see how AI is being used. I advise folks to use what's in place (like ansible/terraform depending on case) and building out configs using AI.
When you DO vibe code, ask the agents to create bespoke config driven frameworks. This gives you something you can actually review later and maintain. If you have it hack in "features" left and right, it'll butcher its own code constantly and be a mess for anyone to fully understand E2E and maintain.
I think we'd still want to know what a product is doing, why and how, even if we're moving towards a world where we aren't writing it out anymore.
Thank you so much! I've been advised otherwise here by many, telling me that vibe coding is wrong, that the AI is blind, or whatever. All sorts of discouraging reasons.
People weren't telling me how to set proper parameters for closing loops and removing dead ends. Or they did not tell me how to create a proper memory system that covers everything.
The people who are developing Claude Code are telling us to use it and that the AI's powerful models are reliable and safe. So why are so many people here discouraging me from using AI instead of giving me relevant advice on how to use it properly?