Structural Analysis
A server at home or on a VPS, your data in your own hands — own your infrastructure with Claude
← Back to Learning Debian with Claude
A server is "the backstage worker that keeps running while you are not touching it." This book's premise: a home server or a VPS, with your data managed by you — not entrusted to someone else's cloud service, but kept on a machine where you hold root. The all-text, GUI-less world pairs perfectly with learning alongside Claude. This chapter settles that premise and the reasons behind it.
This book's premise: a home server or a VPS, with your data managed by you. We map all three options (home, VPS, major cloud) by cost and responsibility, and decide with your own numbers which to start with. Why this book never hands data management itself to someone else's service also becomes clear here.
A server does not need most of what the desktop edition installed. With the netinst image and a single tasksel screen, you build a Debian that carries only an SSH server and standard utilities. This chapter handles just the delta from the main edition's Chapter 7, and carries you through to a fixed IP address.
You will never plug a monitor into the server again. You do everything from your own PC. The doorway for that is SSH. Make keys, close password authentication, narrow the door. This chapter locks down the front door together with Claude — including the craft of not locking yourself out and the settings that make daily access pleasant.
The moment you expose a server to the internet, bots from all over the world start knocking on the door. The idea of an attack surface, minimal allow-listing with ufw, automated updates with unattended-upgrades, and a watchdog called fail2ban — build up the basics of defense one piece at a time, handing logs to Claude as you go.
The insides of a server are, in the end, "a collection of processes that systemd looks after." The basic verbs of systemctl, reading logs with journalctl, writing a unit file that turns your own script into a service, and scheduled runs with a systemd timer — learn to handle starting, stopping, logs, and failure response all through one unit called a "service."
The server itself can be rebuilt. The only thing that cannot be rebuilt is the data. So the place where your data lives is the foundation you should design first. Grasp the difference between a pile of files and a database, split the territory between SQLite and PostgreSQL, and put PostgreSQL 17 on your Debian 13 box so you own your own database — this chapter lays that foundation.
This book never uses containers — apps run as a plain directory plus a venv plus a systemd service. That is exactly why the convention for where things go, instead of a container, is what creates order. Decide a directory layout, build a minimal API with Python and FastAPI, turn it into a systemd service, and run it on top of Chapter 7's database — Claude writes the code; you decide the structure, run it, and protect it.
Until now everything could be practiced safely on the LAN. Publishing is a near-irreversible decision — the attack surface changes all at once. We cover the three-piece set of domain, reverse proxy, and TLS certificate, all the way through the home-line obstacle (CGNAT), and design a publishing route that fits your situation together with Claude. "Not publishing" is a perfectly respectable choice.
The server itself is disposable; only the data is the real thing. The OS and your services can be rebuilt in tens of minutes, but the data cannot. Decide what to protect, take encrypted backups with restic, automate them with a systemd timer, and then actually rehearse a restore — proving, with your own hands and alongside Claude, the principle that a backup you have never restored is the same as no backup at all.
A server is not done once you build it; it is something you tend and grow like a living thing. But you do not need to hover over it daily. A design that runs on fifteen minutes of watching a week, a monthly rhythm of maintenance, a pattern for when things break, and the next move — get the craft of growing a single server over the long run in place with Claude at your side. As the close of the Server Edition, we look back on what it means to "own your own infrastructure."
Instead of handing over answers, hand over the craft of asking questions.
In the era of learning with Claude, that is the longest-lasting gift.
Explore
Read in order from Chapter 1.
When you're stuck, ask Claude: "Given what I've read so far, what should I do?"