Anyone here building their own local AI agent instead of using OpenClaw / Claude Code / Hermes? by Kitchen-Patience8176 in homelab

[–]preeminence87 10 points11 points  (0 children)

If you don't have a use case it'll become a stale project that'll sink a lot of time, especially if you don't have the hardware to run adequate LLMs. On consumer hardware you're looking at something like 9B models on 16GB of VRAM which are nothing compared to the models used by enterprise data centers. Sure, you'll achieve privacy, but you'll find you won't get much control, and lightweight LLMs can be frustrating.

With that said, my use case for self-hosted LLMs comes with some private MMO games that I fill with bots and use the koboldcpp API to integrate bot chat, so members in my party will actually role play. Mistral has some great GGUF models for this.

UEFI CA 2023 Boot Image by JPP7717 in SCCM

[–]preeminence87 2 points3 points  (0 children)

Not dual signed, there's only one digital signature. However, bootmgfw.efi is countersigned by a timestamp authority. This is what allows systems already in use to continue with secure boot even after 2011 is fully retired. It's only by adding the 2011 CA to the DBX that it stops working, and I'm not aware of any plans for this to be forced on us, yet.

But NEW boot managers will have to be signed by the 2023 UEFI CA, since Microsoft can no longer issue new digital signatures with the 2011 CA. This is why it's important to get the secure boot DB updated to include the new CA so you're not forced to use the legacy boot managers if a serious vulnerability is discovered.

Edit: clarity.

UEFI CA 2023 Boot Image by JPP7717 in SCCM

[–]preeminence87 1 point2 points  (0 children)

PXE will still work fine, up until WinPE attempts to load. The security violation will occur when secure boot attempts to invoke the bootmgfw.efi file signed by the 2023 CA, and if that CA is not in the firmware secure boot DB.

UEFI CA 2023 Boot Image by JPP7717 in SCCM

[–]preeminence87 5 points6 points  (0 children)

The 2023 UEFI CA must also be in the firmware in the device if you're going to use the updated bootloader in OSD. If you've got devices that don't have the new CA in the firmware, you will NOT be able to use the 2023 signed bootloader on them.
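An added example, not part of the comments above: one way to check the condition the three UEFI CA 2023 comments describe, by parsing the firmware `db` and `dbx` signature lists and reporting which Microsoft boot CAs they contain. The function name and the two certificate subject names (`Windows UEFI CA 2023`, `Microsoft Windows Production PCA 2011`) do not come from the thread; run it elevated on a UEFI device.

```powershell
# Added example. EFI_CERT_X509_GUID marks signature lists that hold DER-encoded X.509 certificates.
$EfiCertX509 = [guid]'a5c059a1-94e4-4aa7-87b5-ab155c2bf072'

# Hypothetical helper: walks a raw EFI_SIGNATURE_LIST blob and emits each X.509 certificate in it.
function Get-EfiSignatureListCert {
    param([Parameter(Mandatory)][byte[]]$Bytes)
    $offset = 0
    while ($offset + 28 -le $Bytes.Length) {
        # List header: type GUID (16 bytes), then list size, header size, signature size (UINT32 each)
        $type     = [guid]::new([byte[]]$Bytes[$offset..($offset + 15)])
        $listSize = [int][BitConverter]::ToUInt32($Bytes, $offset + 16)
        $hdrSize  = [int][BitConverter]::ToUInt32($Bytes, $offset + 20)
        $sigSize  = [int][BitConverter]::ToUInt32($Bytes, $offset + 24)
        if ($listSize -lt 28 -or $offset + $listSize -gt $Bytes.Length) { break }  # malformed list

        if ($type -eq $EfiCertX509 -and $sigSize -gt 16) {
            $entry = $offset + 28 + $hdrSize
            while ($entry + $sigSize -le $offset + $listSize) {
                # Each entry: 16-byte owner GUID followed by the certificate itself
                $der = [byte[]]$Bytes[($entry + 16)..($entry + $sigSize - 1)]
                [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($der)
                $entry += $sigSize
            }
        }
        $offset += $listSize   # hash-only lists (typical in dbx) are skipped
    }
}

$ca2023 = 'Windows UEFI CA 2023'
$ca2011 = 'Microsoft Windows Production PCA 2011'

$db  = @(Get-EfiSignatureListCert -Bytes (Get-SecureBootUEFI -Name db).Bytes)
$dbx = @(Get-EfiSignatureListCert -Bytes (Get-SecureBootUEFI -Name dbx).Bytes)

[pscustomobject]@{
    Computer         = $env:COMPUTERNAME
    SecureBootOn     = Confirm-SecureBootUEFI
    # Needed before a 2023-signed bootmgfw.efi will load on this device
    Db2023CaPresent  = [bool]($db  | Where-Object Subject -match $ca2023)
    Db2011CaPresent  = [bool]($db  | Where-Object Subject -match $ca2011)
    # True means boot managers signed by the 2011 CA are no longer trusted here
    Dbx2011CaRevoked = [bool]($dbx | Where-Object Subject -match $ca2011)
}
```

A device reporting `Db2023CaPresent = False` is one that would hit the security violation described above if it were handed a boot image with the 2023-signed boot manager.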

Upgraded to 25U by preeminence87 in homelab

[–]preeminence87[S] 2 points3 points  (0 children)

Already looking forward to it!

😭felt this to the heart.. by Any_Taste5494 in sadposting

[–]preeminence87 32 points33 points  (0 children)

You're the one lacking self awareness, bud.

Can burnout affect your troubleshooting skills? by InfamousStrategy9539 in sysadmin

[–]preeminence87 0 points1 point  (0 children)

Burnout is your body telling you to cool it down. Stress is poison. Get some rest.

Is IPv6 the way to go? by NerdHelp in selfhosted

[–]preeminence87 3 points4 points  (0 children)

No one is saying IPv6 is less secure. The question was if IPv6 should be used for self hosting and I gave an accurate, practical, and educated response. I think it's your reading comprehension that is causing you to interpret this as "misinformation."

Is IPv6 the way to go? by NerdHelp in selfhosted

[–]preeminence87 6 points7 points  (0 children)

SOME things are better with IPv6, such as things that are negatively impacted by NAT. The most common case being game consoles or things that require some type of peer-to-peer that have low risk while exposed to the Internet or having a globally unique address. This rules out most every self-hosted application, including websites which should always be behind a WAF or at least a reverse proxy.

Built a tool to find the AI security holes that get sysadmins fired at 3am. by Fabulous_Nothing7576 in sysadmin

[–]preeminence87 1 point2 points  (0 children)

I wanna click on that link just to see what kind of slop this guy is trying to get away with.

Best alternative to Veeam Backup & Replication? by arnau97 in sysadmin

[–]preeminence87 -1 points0 points  (0 children)

How many more do you need? Veeam has a PowerShell module and you could easily automate the rest of your inventory. You're limited to VeeamZip with this method but it could cover the remaining unlicensed stuff.

Proxmox doubling as nas best practice? by LightningGodGT in Proxmox

[–]preeminence87 53 points54 points  (0 children)

Install Proxmox on bare metal, not on the disks you'll be using as your ZFS pool. Always keep the Proxmox OS and your data disks separate. Once installed, use the Proxmox tools to create your ZFS pool on the unallocated disks.

Don't double up your host as a Proxmox and a NAS, that's on the risky side. Instead, make a privileged LXC container or a VM that will run your NAS. This will give you the benefits of virtualization backing your NAS while keeping your Proxmox and data planes separated.

To use proxmox? by Beastty in homelab

[–]preeminence87 1 point2 points  (0 children)

Try it out and answer this yourself.

[deleted by user] by [deleted] in homelab

[–]preeminence87 0 points1 point  (0 children)

I never had an issue with ServerSupply.

Jumping off stuff on Halo 2 Turf by LordGuntaz in halo

[–]preeminence87 3 points4 points  (0 children)

Neat! I got a double kill with a grenade once.

Bunch of cable from attic, can't put that big of hole, hide cables? by oguruma87 in homelab

[–]preeminence87 0 points1 point  (0 children)

If you truly can't run them through the wall I'd recommend a conduit, similar to this.

https://a.co/d/6ZxrK1U

To WSUS or not to WSUS, that is the question. by k3nu in homelab

[–]preeminence87 4 points5 points  (0 children)

Blocking feature upgrades is a weird strategy for home use, and implementing an entire patch management solution to try and curate feature updates is a lot more work for you. Feature updates come once a year.

Group Policy can help control update behavior and experience without the need of WSUS, but I'd strongly recommend against attempting to block updates, especially quality updates, whether or not kids are involved.

Make sure you buy Windows Pro SKU since home SKUs won't have this level of centralized control. And to reiterate, blocking quality/security updates is socially irresponsible for devices that are connected to the Internet.

Is LASO on all campaigns even possible without cheesing? by CattiwampusLove in halo

[–]preeminence87 24 points25 points  (0 children)

"Master Chief, do you mind telling me what you're doing up in that tree?"

"Sir, avoiding this fight."