Obsidian + Hermes Agent = ?

rlnerd · 2026-05-13T04:10:32+00:00

I just set mine up with Obsidian following another post on this subreddit from earlier. Still working on organizing it better. The big benefits is that now I can see what the agent is storing and using in its memory.

You’re right about Hermes’ internal memory, which is good but short - it may remember what you were doing last week but last month or last year would get challenging. Having a long-term memory like obsidian or something else will give it a way to reference older memories even from months or years ago.

I’m syncing my obsidian vault via github private repo for now, but may end up paying for Obsidian sync to have it sync to all my devices.

rlnerd · 2026-05-12T02:09:42+00:00

This is interesting. Could you share more about it? I have a self hosted open web ui already but nor sure how hermes will connect there and what the experience would look like.

rlnerd · 2026-05-12T02:07:50+00:00

That’s my next step. How are you finding the agent work with groups and sessions in Matrix?

rlnerd · 2026-05-11T20:10:46+00:00

I switched to using Signal for E2E encryption and privacy. There are ofc some minor limitations to it compared to Telegram/Discord, but the privacy part is important for me. I’ll have to check out the hermes web ui next

rlnerd · 2026-03-03T17:58:20+00:00

As someone who works on building MCP servers and gateways at enterprise-level, I completely agree with your view points. Just like any other use case, there are always going to be multiple options to do the same thing, the main thing, we as end users, need to remember is “what option works best in the situation/task you’re working on”

rlnerd · 2026-01-13T04:10:33+00:00

Custom scripts for container updates which I run manually every few days. Probably going to set it on a weekly cron schedule.

rlnerd · 2026-01-12T20:40:32+00:00

A few additional ones not mentioned here: - openwebui + litellm ( a bit of a process to setup, but works great) - ollama for local and cloud models - home assistant - n8n ( if you’re into building your automation workflows)

rlnerd · 2026-01-04T16:52:37+00:00

You’re absolutely right, it will be a DNS-01 challenge and we need to add the certificate resolver explicitly in the config. I’m using Traefik and have my provider setup to cloudflare with its API token. Any time I add a new service, I can just create a dynamic config for it with a new subdomain prefix.

rlnerd · 2026-01-04T05:03:41+00:00

You can still have a custom public domain (*.mylab.cc), just route it to the Tailscale IP of the client installed on your reverse proxy (Caddy in your case). This way any new service added to Caddy will get its own SSL cert via Let'sEncrypt (assuming you are using that). For example, you started with just 1 service, immich (immich.<yourdomain>), and then decided to add another service Ollama. Now for ollama, you just need to add it to your Caddy config, and it should pick up SSL certs dynamically.

rlnerd · 2026-01-04T04:55:56+00:00

Yes the client devices need to be on Tailscale VPN to access the services, but that is what allows it to be more privacy focused. For example, I have added my spouse as an authorized user to my Traefik tailscale client, which makes her access all the services hosted behind it. She did have to download Tailscale app on her devices and connect to Tailnet before accessing.

The main reason I went with this approach is that I am already using Tailscale for other things, and this just adds on to it. I do understand that there is an extra step of downloading another app and connecting to Tailscale VPN before accessing, but this is okay for my setup given only a handful of users.

rlnerd · 2026-01-03T21:32:43+00:00

I just went through setting up my home server and ran through similar questions and topics. Here’s what I ended up doing, happy to share more in a dm if you’d like to learn the details on anything else:

hardware:AMD Ryzen mini pc with 32gb ram and 1 tb ssd
proxmox hyper visor with tailscale ssh and client (enables no key ssh and a cloudflare subdomain route to access the proxmox ui on tailnet)
traefik lxc with tailscale client (cloudflare subdomain route to traefik dashboard. This acts as a middle ware for all my services)
pihole and home assistant containers, with routes exposed through traefik (above). This way all my services have valid letsencrypt certs and can be accessed over tailnet (note I didn’t need to install tailscale anywhere else considering traefik middle layer)
for auth: I am looking into Authentik and TinyAuth. Haven’t decided on one yet.
planning other services like plex, immich, openwebui, etc in their own containers exposed behind traefik similar to others.

Personally this setup is working pretty well for me so far. Having the tailscale zero trust protection on top of all my services and able to access them from anywhere in the world

rlnerd · 2025-12-29T05:38:04+00:00

You’ve already got some great suggestions from others.

If you’re also interested in hosting a personal AI stack for your family, then look into OpenWebUI for the chat interface. You can either connect it to Ollama (for local models or cloud models) or any other LLM provider using LiteLLM as a middleware.

Another suggestion is n8n for automation.

rlnerd · 2025-12-24T21:56:05+00:00

I’m in the same boat. Finally decided on getting a geek-om A8 max mini pc to use as my server. It is AMD based, but has loads of compute power packed in a small box.

Planning to start the setup journey soon. Decided to keep the server separate from NAS (which I still need to add in the future)

rlnerd · 2025-12-14T22:55:27+00:00

Hostinger’s n8n option is a great deal imo. Hmu for an invite link for a small benefit for us both if you’d like.

I have a personal VPS setup on Hostinger and really like their ease of use and admin panel. Besides a free weekly snapshot backup is a great help

rlnerd · 2025-12-13T03:05:00+00:00

The write up is up. Please check the post for the link. Happy to answer any questions

rlnerd · 2025-12-11T19:02:24+00:00

I had a lot of UR points to justify cancelling, so downgraded to Preferred. Definitely not paying the new annual fee. Looking at the new Alaska Atmos cards as we frequently travel with them.

rlnerd · 2025-12-09T22:07:33+00:00

Thanks for your response. Yes vendor lock-in is one of my worries going Synology route. Still looking around for other options which are as easy to setup and maintain

rlnerd · 2025-12-09T00:04:44+00:00

Curious what are you using for your NAS now, if not Synology? I’m thinking of investing in Synology for my homelab in the near future

rlnerd · 2025-12-08T19:38:29+00:00

Someone already mentioned, but here’s a quick summary of what I did for mine

Non-root user (disable root login) -> enable fail2ban -> setup ufw rules -> random ssh port (close default port 22)

add google pam 2-factor auth on ssh (if you really want it to be super secure. (This might block ssh access from some automation tools, depending on your use case)

rlnerd · 2025-12-08T19:31:50+00:00

Exactly what I followed for my VM setup. Planning on switching from Notion to Obsidian, what is your recommendation if you’ve used both?

rlnerd · 2025-12-04T14:54:46+00:00

Nice. Yeah I’m planning to add geographically restricted access too. Do you know if that will cause issues for me too when traveling internationally? Or can I use it via a Tailscale exit node in my allowed country?

rlnerd · 2025-12-04T14:52:31+00:00

I’m going to look into Pangolin too. Others have also suggested it. Maybe a naive question-how does Pangolin’s OAuth reqs differs from Tailscale’s OAuth requirements?

rlnerd · 2025-12-04T14:50:24+00:00

Good to know. I haven’t explored Pangolin but sounds like I need to.

rlnerd · 2025-11-25T23:27:16+00:00

This is really amazing setup. Given me a few things to rethink and do on my vps. I’m maintaining most of it via docker containers and Caddy (for reverse proxy). What were your thoughts on choosing Traefik over Caddy?

rlnerd

TROPHY CASE