PocketClaw vol. 1 · 2026
guide #111

Solo developer self-hosted AI — a year-long retrospective

Editorial note: This article reports on a fast-moving space. Versions, install counts and timelines are accurate as of the “updated” date above. We re-verify against primary sources (CVE database, project repositories, vendor announcements) before each update. Send corrections to contact@pocketclaw.dev.

Problem
Most self-hosted AI guides describe the happy path of installation. Almost none describe what running the stack actually feels like 12 months in, when the novelty has worn off and the maintenance reality has set in.

Solution
A first-person retrospective covering 14 months of running self-hosted agents alongside day-job consulting work. Includes the bills, the outages, the migrations, the burnout points and the things that genuinely added value.

This started in March 2025 — fourteen months ago at time of writing — when I bought a Hetzner CX22 (€5/month, 4 GB RAM, 2 vCPU) and installed the precursor to what's now Hermes Agent. I had no plan beyond "see how this goes."

What follows is what actually happened.

The 14-month bill

Real numbers, pulled from invoices:

  • Hetzner CX22 × 14 months: €70
  • Domain (pocketclaw.dev): €15/year
  • AWS SES: ~€8 total (low volume)
  • Anthropic Claude API: €640
  • OpenRouter (for fallback): €72
  • Tailscale: €0 (free tier)
  • Cloudflare: €0 (free tier)
  • Total infrastructure: €805 / 14 months ≈ €58/month

By comparison, a managed equivalent like NitroClaw would have run €280 per month at the tier I'd have needed for my workload. Over 14 months that's €3,920 vs my €805 — a real €3,115 saved, before counting the hardware experiments (Pi 5, mini PC, Mac Mini) that I'd have bought anyway because I'm that kind of person.

So the financial case is real. But the headline savings are smaller once you include the hardware curiosity tax.

Ops time — the part nobody publishes

I logged ops time in my time tracker as best I could. 14 months of data:

  • Initial setup: 6 hours
  • OpenClaw → Hermes Agent migration (post-CVE-2026-25253): 4 hours
  • Domain DNS work, Tailscale setup, monitoring: 3 hours
  • Routine updates (~30 minutes/week × 60 weeks): 30 hours
  • Three actual incidents (debugging at unsociable hours): 8 hours
  • Reading CVE advisories I subscribed to: 12 hours
  • Total: ~63 hours over 14 months ≈ 4.5 hours/month

That's the real number. Marketing says "set and forget." Reality is five hours a month. For me that's tolerable because I find this work interesting. For someone who'd rather not spend any time on infra, five hours a month is a lot.

The three actual incidents

Worth documenting because they teach more than the happy path.

Incident 1 — January 28, 2026, 09:14 UTC. Woke up to a Claude API spend alert (€87 in 90 minutes). Logged into the dashboard, found my agent looping on a tool call that returned 429s. Killed the loop, set an upper bound on retries, rotated the API key in case. Cost: €120 worth of useless API calls before the alert fired. Lesson: rate-limit your own agent's retries. Don't trust upstream backoff alone.

Incident 2 — February 5, 2026, 23:50 UTC. OpenClaw 1-click RCE disclosure dropped. I was running OpenClaw 2026.1.4. Spent the next 4 hours in a panic: rebuilt the host from scratch, moved to Hermes Agent, rotated every credential the OpenClaw vault had ever touched, audited the access logs for evidence of compromise (clean — was lucky). Lesson: never run an agent on a public IP. Tailscale or SSH tunnel, always.

Incident 3 — March 19, 2026, 14:00 UTC. OpenClaw foundation pushed 2026.3.13 with a breaking change in tool sandbox declarations. My custom shell tool stopped working. Spent 90 minutes reading the migration notes, updating my YAML, redeploying. Lesson: pin your upstream image to specific patch versions; auto-update only minor.
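
The retry cap from Incident 1, as an added example (not the author's or Hermes Agent's code): a per-call attempt limit combined with an agent-wide retry budget, so a loop of tool calls cannot keep paying for 429s. The `call` signature, the class and function names and the always-throttled sample upstream are assumptions made for illustration.

```python
import random
import time


class RetryBudgetExceeded(Exception):
    """The agent-wide retry budget is spent; the caller should stop and alert."""


class RetryBudget:
    """Cap on retries inside a sliding window, shared by every tool call."""

    def __init__(self, max_retries, window_s, clock=time.monotonic):
        self.max_retries, self.window_s, self.clock = max_retries, window_s, clock
        self.stamps = []

    def spend(self):
        now = self.clock()
        self.stamps = [t for t in self.stamps if now - t < self.window_s]
        if len(self.stamps) >= self.max_retries:
            raise RetryBudgetExceeded(f"{self.max_retries} retries in {self.window_s}s")
        self.stamps.append(now)


def call_with_backoff(call, budget, max_attempts=4, base_s=1.0, cap_s=60.0,
                      sleep=time.sleep, rng=random.random):
    """Run call() -> (status, retry_after_seconds_or_None, body).

    Retries only on 429/503, at most max_attempts tries per call, and every
    retry also draws from the shared budget so repeated calls cannot run away.
    """
    for attempt in range(1, max_attempts + 1):
        status, retry_after, body = call()
        if status not in (429, 503):
            return status, body
        if attempt == max_attempts:
            break
        budget.spend()  # raises once the agent as a whole has retried too much
        backoff = min(cap_s, base_s * 2 ** (attempt - 1))
        delay = backoff * (0.5 + rng() / 2)  # jitter: 50-100% of the backoff
        if retry_after is not None:
            delay = max(delay, min(retry_after, cap_s))  # honour upstream, capped
        sleep(delay)
    return status, body  # still throttled: hand the failure back, do not loop


# Constructed sample upstream: always answers 429 with Retry-After: 2 seconds.
def always_throttled():
    return 429, 2.0, "rate limited"
```

The per-call limit bounds one tool call; the shared budget is what stops an agent loop that keeps issuing fresh calls, which is the failure described in Incident 1.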

What I'd do differently

  • Start on Hermes Agent, not OpenClaw. I picked OpenClaw in March
  • Use Tailscale from day one. I exposed my dashboard publicly for
  • Set up monitoring before I needed it. I added Netdata after
  • Pin image tags. I used :latest for the first 8 months. Then
  • Document credential rotation cadence. I rotate quarterly now.

What I'd keep

  • Self-hosting itself. The privacy and control are real, and the
  • Anthropic Claude as primary LLM. The reliability premium over
  • OpenRouter as fallback. Caught me twice when Claude was rate-
  • The Hetzner CX22 specifically. €5/month is genuinely competitive

The capability question

Is the agent useful? I track the tasks I delegate to it vs the ones I do myself. After 14 months:

  • Routine inbox triage — agent handles ~80% without me reviewing.
  • Documentation lookups across my notes — RAG over my Obsidian
  • Code review on small PRs (< 200 lines) — agent first pass, I
  • Technical writing — agent drafts, I rewrite. The drafts are

Total time saved per week: probably 3-5 hours. Total time spent configuring/maintaining the agent: less than 1 hour per week on average. So net: 2-4 hours per week of leverage.

That's not a 10x productivity gain. It's not a transformative AI experience. But it's real, repeatable, and improving as the underlying models improve.

The privacy benefit

Harder to quantify but worth naming. Knowing that my agent's conversation memory, my drafts, my Obsidian RAG content and my email triage logs all live on a Hetzner CX22 in Falkenstein with no third-party processing beyond the Anthropic API call — that's worth something. I have clients with NDAs that explicitly forbid me from running their data through a managed AI service. Self-hosting is the only way I can use AI tooling at all in those engagements.

The capability ceiling

I run Claude 4.5 Sonnet via Anthropic API. For complex multi-step tasks I sometimes route to Claude 4.7 Opus via the same API. Local LLMs (Mistral 7B Q4 on the Pi 5 I added in October 2025) handle a small slice of low-stakes subtasks. For genuinely hard work — design decisions, novel architecture, real reasoning — frontier cloud models are still ahead.

The gap is closing. Llama 3.3 70B Q4 on a hypothetical Mac Mini M4 Pro 48 GB would handle most of what I currently route to Claude. I haven't bought one yet. I might in Q3 when prices settle.

Would I recommend it?

To other solo developers, yes — with three caveats:

1. Budget 4-6 hours per month for ongoing maintenance. This is real work, not optional.
2. Subscribe to your agent project's security advisory feed. Read every alert. Update within 48 hours of a critical CVE.
3. Don't expose the dashboard publicly. Ever. Tailscale is free and takes 10 minutes to set up.

Outside those caveats, the self-hosted-AI-for-solo-devs proposition is one of the genuinely good developer trades in 2026.

What's next

I'm planning to add a Mac Mini M4 (24 GB) in Q3 2026 to host a local Llama 3 8B as the primary LLM, with Claude as fallback for hard tasks. Goal: cut Claude API spend by 60-70% without meaningful capability loss on routine tasks. I'll write that up at the 24-month retrospective.

Until then: the CX22 keeps running. The agent keeps doing inbox triage at 4 AM while I sleep. The bill keeps being €58/month.

This is fine.

Related

  • [How to choose a self-hosted AI agent](/guides/how-to-choose-self-hosted-ai-agent-2026)
  • [Pocket AI complete guide](/guides/pocket-ai-complete-guide)
  • [Local LLMs benchmark report 2026](/guides/local-llms-benchmark-2026)
  • [Security playbook](/guides/self-hosted-ai-security-playbook-2026)