Building a Practical Personal AI Ops Stack (Safely)

To get the full details, I started by following this video guide to set it up.

When people hear “always-on AI assistant,” they imagine either magic or chaos.
The truth is: it works well if you set hard boundaries first.

The setup

Our assistant runs on a dedicated server under a dedicated OS account.
It is not mixed with personal daily-use logins and not exposed directly to the public internet.

Access is intentionally restricted:

• Network access via Tailscale
• Gateway bound to loopback (127.0.0.1) by default
• No open public control endpoint

Identity and secret boundaries

We treat the assistant as its own operator with scoped credentials:

• 1Password access limited to only required vault items
• Dedicated assistant email account
• Google service account for document/sheet workflows

The goal: if one integration has an issue, blast radius stays small.

Operating principles

1. Isolate runtime
2. Minimize network exposure
3. Scope credentials tightly
4. Automate with explicit behavior
5. Prefer reversible changes and verify often

Bottom line

A personal AI stack doesn’t need to be fragile.
Treat it like infrastructure: isolate it, lock it down, and grant only the access it truly needs.