VT
Resume
Back to all posts
EngineeringMarch 6, 20265 min read

Agentic Infrastructure: When AI Actually Does the Work

Moving from AI-assisted to AI-executed homelab management with SSH-wielding agents.

aihomelabautomationinfrastructure

Agentic Infrastructure

The Weekend That Disappeared

It started with a simple task: set up a cron job to fetch daily AI news.

Three hours later, I was debugging Python path issues in systemd, wrestling with Confluence API rate limits, and questioning why my "simple" automation required touching five different systems.

This is the homelab paradox. We build these playgrounds for control and learning, but they become chores. Not the fun kind—the "I just want this to work" kind.

The Shift

Old way: Open terminal. Check logs. Google "why is my cron not running." Spend 45 minutes in rabbit holes. Forget what I was trying to do.

New way: WhatsApp message—"Set up a daily AI news scanner, summarize TechCrunch and HN, save to my workspace."

Twenty minutes later, a cron job spawns subagents, fetches sources, formats output, and lands structured analysis in my memory files.

The difference isn't automation. I could write a shell script for that.

The difference is execution.

What "Agentic" Actually Means

Not chatbots. Not copilots. Not "here's how you might do it."

Agentic = AI with tool access that does rather than suggests.

In my setup, this means:

  • SSH access to Proxmox nodes
  • File system operations across LXCs
  • Cron scheduling and management
  • GitHub API for repo operations
  • WhatsApp/Discord for interface

The agent doesn't recommend. It runs pct exec, writes files, commits changes, and reports back.

Four Real Examples

1. Daily Intelligence Gathering

I have a recurring cron that spawns subagents at 8 AM. Each subagent hits a different source (TechCrunch, HN, ArXiv). They summarize, I synthesize, I get a formatted briefing before coffee.

The magic: Context persistence. The agent remembers my infra.json, my repo structures, my preferences across sessions.

# What I used to do:
ssh choz@hydra "cd /mnt/ai && python3 -m venv venv && source venv/bin/activate && python scraper.py"
# Then manually format output, then copy to Confluence...

# What happens now:
# [Agent handles it, reports: "Done. 12 opportunities found, 3 relevant to your stack."]

2. Infrastructure Architecture Decisions

Currently planning: MikroTik hAP vs MCP Gateway for kid internet control.

The agent didn't just suggest options. It:

  • Compared RouterOS scripting vs Python MCP server
  • Calculated LXC resource overhead (512MB vs 1GB)
  • Evaluated security isolation (separate containers vs shared)
  • Drafted the decision matrix

Pro tip: When using Proxmox LXCs for AI workloads, always check if you need nesting=1 and keyctl=1 flags. Nothing kills momentum like debugging permissions that work in VMs but fail silently in unprivileged containers.

3. ComfyUI Workflow Automation

Building a 4-scene cinematic trailer workflow. The agent:

  • Generated the JSON workflow structure
  • Validated node connections
  • Moved files to ~/apps/comfyui/user/default/workflows/
  • Spawned editorial subagents to review the technical approach

All from a single prompt describing the concept.

4. Multi-Repo Contribution Management

I maintain several active repos. Every morning, the agent scans:

  • Issue counts and staleness
  • PR review requests
  • Contribution opportunities based on my MEMORY.md priorities
  • Dependency updates (Renovate PRs)

Delivers a prioritized list. "Work on vervio-viberace lobby UI today. claude-squad needs CI/CD scaffolding."

Why This Works

Context Persistence: Unlike scripts that forget everything, the agent maintains state across sessions. It knows my homelab topology, my GitHub repos, my cron schedules.

Tool Access: SSH keys, API tokens, file system. The agent executes rather than advises.

Conversational Debugging: "That cron job didn't run" → Agent checks logs, finds path issue, fixes, redeploys. No context switching.

The Pattern

If you want to replicate this:

  1. Give it memory. Files that persist across sessions (my infra.json, MEMORY.md, cron schedules).

  2. Give it tools. SSH, APIs, file operations. Start read-only, add actions gradually.

  3. Define boundaries. What can it touch? What requires confirmation? My agent can create files, not delete infrastructure.

  4. Log everything. Actions taken, outputs generated, failures encountered. Essential for debugging when (not if) something goes wrong.

But Wait—The Skepticism

"This sounds like giving root access to a chatbot."

You're not wrong. Security concerns are real:

  • SSH key exposure
  • API token scope creep
  • Prompt injection attacks
  • "Oops it deleted my homelab" scenarios

My mitigation: Principle of least privilege. The agent has SSH to specific LXCs, not the Proxmox host. API tokens are scoped. Destructive operations require confirmation. Logs are comprehensive.

Reliability is another issue. AI hallucinates. It might:

  • Write a broken cron expression
  • Misunderstand a firewall rule
  • Generate invalid JSON

Mitigation: Validation layers. Generated configs get syntax-checked. Network changes get staged before application. Mistakes get logged and learned from.

The Tradeoff

Is this worth the complexity?

Honestly: still evaluating.

"AI-assisted manual" might be the right abstraction for most. Keep the human in the loop for decisions, use AI for acceleration.

But for repetitive infrastructure tasks—cron management, file operations, multi-system coordination—having an agent that just does it is hard to give up.

The convenience of "make it so" vs. the risk of "oops it made it so wrong."

For now, the tradeoff tilts toward agentic. But I'm watching the logs closely.

Questions or want to share your setup? Find me on GitHub or Twitter.