IT

Running OpenClaw directly on your host system is risky. The service has full access to your filesystem and the environment in which it runs. This is powerful — but potentially destructive. Treat it like any other automation tool with shell-level capabilities. Modern AI agents are designed to read files, execute commands and interact with network services. While this makes them extremely useful for automation, it also means that a misconfiguration, prompt injection or malicious extension could potentially affect the entire system. Because of this, the safest approach is to run such tools inside an isolated environment where mistakes cannot easily damage the host system.

One of my latest projects was a fully dockerized name server infrastructure based on PowerDNS: one master and two slaves — one in the same subnet and the second running in a cloud on a basic virtual machine. Why PowerDNS? Because I needed an API, a proper admin-friendly web interface, user management, and LDAP integration. PowerDNS fully matched my requirements. Why Docker? Because I wanted some level of automation and IaC — Docker fits nicely in the middle, where you have several configs and docker-compose files fully describing the container configuration.

Migrating Websites from DirectAdmin to ISPConfig Some time ago I faced a serious challenge: migrating a large number of similar websites from DirectAdmin to ISPConfig with maximum automation. The hosting platform was changed, and doing everything manually simply wasn’t an option. To solve this, I wrote a better CLI wrapper for ISPConfig that focuses on usability while reusing the default API functions underneath: ispconfig-cli

You have some infrastructure in Russia and want to move it elsewhere, for example to Europe. Currently this can be problematic. During recent tests I noticed that Russia limits long network sessions: any session longer than about one minute starts to be throttled to around 100 kB/s. This may not apply to every destination, but I tested several major European providers and also Belarus as a proxy. Belarus was even slower, around 50 kB/s.

Python reminds me of PHP many years ago, when multiple incompatible versions could exist on one server. Do you need another version? The best solution back then was a new server, because any update or installation could break the entire global environment. Half a year after the “Sunsetting Python 2”, major distributions still continue to install Python 2 by default, and it becomes a challenge not to replace the default version after some update or after installing a new package.

This was the first time I used FreeRadius. This program reminds me of Postfix — a similarly complicated and powerful tool. Only one big difference: very poor documentation and not enough examples. In the mailing lists there are many questions without answers from FreeRadius gurus. Here I provide examples of how I solved some problems or where I spent too much time…