A dedicated AI agent that manages a production VPS entirely through Telegram. Deploy websites, monitor server health, manage DNS, run backups. No SSH session, no terminal, no login screen. Just a chat.
Every deployment means SSH-ing in, writing Docker Compose files, configuring Traefik labels, setting up databases, managing SSL, checking DNS propagation. You need a laptop, a stable connection, and 30-60 minutes of focused terminal time. Want to deploy something while commuting? Forget it. Want to check if your server is healthy at 2 AM? Open a terminal.
Describe what you want in plain language. ITGuy inspects the server, writes a plan, waits for your approval (an exact phrase, not a vague "ok"), executes through vetted scripts, verifies the outcome independently, and logs everything to a git-tracked audit trail. I deployed three production websites from the back seat of a car, on mobile, in 10-12 minutes each.
A walkthrough of the full deployment flow: Telegram message to live, SSL-secured website.
Every state-changing action follows this sequence. No exceptions, no shortcuts.
Read-only server inspection. Verify actual state.
Write concrete steps with exact commands. No vague proposals.
Human sends an exact approval phrase. "Ok" won't work.
One step at a time through vetted, root-owned scripts only.
Independently confirm: site responds, HTTPS valid, logs clean.
Report outcome on Telegram. Plain language, including partial failures.
Audit log committed to git. Full detail, timestamped, reviewable.
The core security principle: the AI reasons inside a Docker container with zero host privileges. Every action on the server flows through a narrow layer of root-owned, human-reviewed scripts that the agent can execute but never edit. No Docker socket, no raw sudo, no shell access. The agent earns trust one vetted script at a time.
Uptime, load average, disk, RAM, top processes. Runs automatically, no approval needed.
All containers, status, restart counts, health checks, resource usage, images, volumes.
Firewall status, Fail2Ban jails, failed logins, pending patches. Weekly report to Telegram.
Full deployment: container, database, Traefik routing, SSL. Exact approval phrase required.
Restart, stop, backup containers. Pre/post state verification baked into every script.
Force ACME re-check, WP-CLI update with pre-update DB backup. Medium risk, scoped execution.
These sites were built and deployed while I was in a car, heading to a friend's place. No laptop, no terminal, no SSH. Just Telegram messages on a phone.
I sent ITGuy a reference website, a PDF with the subject's profile content, and said "create and host this." The agent parsed the brief, chose the simplest deployment option (static), asked clarifying questions, and started building.
Entire conversation happened on mobile, in transit.
ITGuy writes the plan, then waits. No fuzzy "ok" accepted. You send the exact phrase or nothing happens.
Action taken, DNS verified, audit entry committed to git. Every step independently confirmed.
Deployment complete. URL confirmed, SSL valid, full deployment summary with what was deployed and how.
Static portfolio site. Built from a PDF and a reference URL in a single Telegram session.
Visit siteWordPress deployment. Container + MySQL + Traefik + SSL, all provisioned through chat.
Visit siteThis portfolio site. Static deployment to nginx:alpine, managed and maintained by ITGuy.
Visit siteThree cron jobs run continuously with zero human intervention. Every morning: a full health report (load, disk, memory, all containers, SSL expiry). Daily: a dedicated SSL certificate watch that flags anything under 14 days. Sundays: a security and backup summary covering firewall state, Fail2Ban activity, failed logins, and pending patches.
Pure observation. No risk, no approval required. Just visibility, delivered where I already am.
Including DNS, SSL, and deployment verification
All management via Telegram on mobile
Health, SSL, security reports on schedule
Git-tracked with pre/post state verification
The most interesting part of the design is what's missing.
I can show you the live Telegram interface, the audit trail, and the full security model. If you're thinking about how AI agents should interact with production infrastructure, this is a working answer.