Tutorial
This is a bit of a different kind of blog post from me. A technical and pricing-focused tutorial on Spacebot setup. I have found it useful for my family members to use, to supplement/replace the main consumer AI apps.
tl;dr
create VPS $4/mo
create non-root users (2)
install tailscale, cloudflared, spacebot
set up spacebot
a. LLM providers (2, maybe 3)
b. agents setup (personalized)
c. messaging setup (optional)
d. safely expose to the interwebs
1. create VPS
I have an existing account with Contabo. They offer a Europe-hosted1 VPS for $3.96/mo2. Currently, you get 2 cores, 4 GB RAM, 300 GB SSD, 200 Mbit/s, "Unlimited" Traffic.
As a comparison, for $4.32/mo baseline, you can get 4 cores, 8 GB RAM, 75 GB NVMe or 150 GB SSD, 200 Mbit/s, "Unlimited Traffic" on a minimalist "Cloud VPS". This plan includes more processing, less storage.
Standard online resource purchasing flow. Wait 5 minutes for the server to be provisioned.
Add default Contabo Firewall.
First time log in steps:
ssh root@[nnn.nnn.nnn.nnn]
apt update
apt upgrade
reboot
2. create non-root users (2)
Ask an LLM "how to harden Ubuntu VPS".
Instructions should include: "reducing the attack surface by creating a non-root user, disabling root SSH login, enforcing SSH keys, setting up UFW, and enabling automatic security updates."
Ask questions about any aspect, and try to follow Best Practices, with reasonable understanding of the tradeoffs around anything which is unclear.
I find it useful to have two non-root users. A main one for general logins to the VPS (with sudo rights), and a spacebot user that has no root access whatsoever. YMMV. On your own setup, this may be overkill.
3. install tailscale, cloudflared, spacebot
Tailscale is a zero-configuration mesh VPN with a generous free plan. It lets you run a server NOT accessible by the internet, in a private tailnet.
Cloudflared creates an encrypted, outbound-only connector that proxies traffic through Cloudflare's network to your machine. This tunnel can have a subdomain on any existing DNS that you manage (for free) via Cloudflare.
you do not need Caddy, nginx, Traefik
Spacebot is a standalone Rust binary that I restart manually each time the machine reboots. You can ask an LLM how to make this more automatic if you prefer.
You can download a pre-compiled executable, or build your own customized version3. The single binary runs a service, with its own vector database, a tabular database, kv store, and web interface.
Install chrome and opencode on your VPS.
4. set up spacebot
Run ./spacebot and use the CLI onboarding flow (or the web interface)
a. LLM providers (2, maybe 3)
I specify a private inference provider as default: Venice.ai via DIEM. Fireworks works perfectly as well. Less-sensitive agents get an override to use a cheaper inference provider (GLM Coding Plan is my favorite).
I use two tiers of agents: expensive for channel branch and worker, cheap for cortex and compactor.
You can tweak this to infinity if you wish.
b. agents setup (personalized)
Spacebot comes with a nice wizard to create standard agent personas.
Depending on your LLM provider's intelligence (GLM 4.7 is plenty smart), you can ask it to tweak the personas even further, to make the interactions feel quite distinctive.
c. messaging setup (optional)
I use the web ui plus a private Discord server. Some people swear by Telegram and WhatsApp.
d. safely expose to the interwebs
Expose port 19898 via tailscale (your own tailnet) and Cloudflare (anyone you allow via CF Zero Trust).
pay $1.20~1.80 extra per month for US-location hosting, advertised 4-28ms latency. Where I am in the US, the EU-based advertised latency is 86ms↩
requires 12-month term, paid upfront, for this discount price↩
I asked Cursor to add: a) a React frontend toggle element for a per-channel Voice-primary setting; b) Rust backend logic to identify if messages include links, tables, code fences, or structured data; c) a python script to call Pocket TTS with a per-agent custom voice, transform WAV to OGG, and send to a per-agent Discord channel with appropriate voice message metadata↩