We’ve seen developers and cloud providers alike flock to this project as it has skyrocketed in popularity. We have spinoffs like nanoclaw, picoclaw and nanobot. We’ve also seen cloud providers offering to host this type of service such as Digital Ocean, Cloudflare and Hostinger. There are even companies like ai.com that are focused on this new “AI Assistant” paradigm.

This is all very exciting but seems to go against the original philosophy of OpenClaw. The sheer amount of features that OpenClaw has does provide flexibility for every user, but it also takes away a user’s ability to truly have it be their own. You can fork the repo to make it more “custom” but with over 10,000 commits and 500,000 lines of code it’s not exactly maintainable. Even the creator was struggling, merging over 600 commits and losing ground on open PRs. As I was writing this, Steinberger announced he’s leaving OpenClaw to join OpenAI, transitioning the project to an independent foundation. When even the creator decides a project has outgrown what one person can manage, it reinforces the case for building something smaller and purpose-built.

While you will see OpenClaw marketed as secure due to self-hosting, the reality is that many ‘out of the box’ setups leave administrative interfaces exposed. The Moltbook breach of 1.5 million API keys and the skills marketplace illustrate this point exactly. Although they do care about security, this project’s nature leaves itself open to so many attacks. A smaller, purpose-built tool has a fundamentally smaller attack surface, making it far easier to audit and secure.

All of this made me question if we really need all of these features. In philosophy, Occam’s razor is the theory that “recommends searching for explanations constructed with the smallest possible set of elements.” The same principle applies to software: the simplest system that meets your needs is the one with the fewest vulnerabilities, the least maintenance burden, and the most clarity. Like others, I saw the benefits of OpenClaw but I didn’t need many features, just the ability to message the AI from my phone and have it manage my calendar. This led me to build occam-claw, an AI assistant that has only the features I need and none of the bloat. After building this, I realized the following benefits:

• It’s easy to build (took a few hours) and it’s fun
• You can customize everything, you get everything you need and nothing you don’t
• Smaller footprint on your host, both in resource usage and attack surface
• You can understand every line of code, which means you can actually reason about its security

I’m not saying you shouldn’t use OpenClaw or any of the other spinoffs. I think all developers should really consider where they want to integrate AI into their life and what value these products are actually providing. Obviously this is dependent on the person, but I prefer controlling what is fed into my AI model and heavily restrict what it can do on my behalf. When you build it yourself, you make those decisions deliberately rather than inheriting someone else’s defaults.

I created a simple website that aggregates this data by month so you can see how much time you’ve spent playing chess. Check it out at chess-stats.alexboden.ca.

Check out the project on GitHub

Check out the website here.

Widget on iOS home screen:

• Proxmox: Running on a bare metal server.
• Basic Linux VM: Running services I would like to access securely.
• Custom domain: I have the domain alexboden.ca with DNS records managed by Cloudflare.

The Goal

• Private by default: Services should only be reachable from my devices.
• Single URL per service: e.g. git.alexboden.ca, jellyfin.alexboden.ca, proxmox.alexboden.ca.
• Clean HTTPS: No browser warnings, even on phones.
• No public exposure: No NAT forwards, no dangling ports.

The Solution

I use Caddy running inside a VM as a single TLS termination point, with Tailscale providing the private network:

• Tailscale: Connects all devices to a private network. DNS CNAMEs point to the VM’s Tailscale hostname, so only tailnet devices can reach the services.
• Caddy in a VM: Terminates TLS using a private CA, then reverse-proxies each service.
• Proxmox host: Accessed over its own Tailscale IP.

The Setup

Tailscale

You can download Tailscale here. Install it on the VM and any devices you want to access your services from.

Caddy + Cloudflare

You can download Caddy here. Since I manage my DNS with Cloudflare, I also installed the Cloudflare DNS module.

I installed Caddy as a systemd service on my self hosted VM. I added the following to my Caddyfile (/etc/caddy/Caddyfile):

(cloudflare) {
    tls {
        dns cloudflare CLOUDFLARE_API_TOKEN
    }
}

# Example of a reverse proxy for a service running on the same VM as Caddy
git.alexboden.ca {
    reverse_proxy http://localhost:3000
    import cloudflare
}

# Example of a reverse proxy for a service in the same tailnet (with a different )
proxmox.alexboden.ca {
    reverse_proxy https://100.109.111.101:8006 {
        transport http {
            tls_insecure_skip_verify
        }
        header_up Host {host}
        header_up X-Forwarded-Proto https
        header_up X-Forwarded-For {remote}
    }
    import cloudflare
}

Then reload Caddy:

systemctl restart caddy

Add the following DNS records to Cloudflare:

You can find the VM name and tailnet name in the Tailscale dashboard.

Diagram of the setup