I am a tax accountant in Japan. I have been working in IT for over forty years — starting from an era when source code was compiled overnight.
Last year I sat down and added up what my small practice was paying for SaaS: cloud storage, document collaboration, AI assistants, calendar, email, remote desktop, monitoring. The number was $163 per user per month. I decided to see whether I could build a self-hosted replacement that I actually understood and controlled.
This is what I ended up with, running in production on real client work every day:
- VPS: Vultr, $24/month, Ubuntu 24.04 LTS
- Access: Cloudflare Zero Trust (free tier) — 2 open ports, no VPN, no exposed SSH
- Cloud + editing: Nextcloud + Collabora Online
- AI: Unified proxy for ChatGPT, Claude, Gemini, Perplexity (~100 lines of Node.js)
- Automation: OpenClaw (≥2026.1.29, patched for CVE-2026-25253)
- Remote desktop: Apache Guacamole through 5 authentication layers
- Monitoring: Prometheus + Grafana + Alertmanager
- Backups: Nightly DB to Supabase + weekly AES-256 encrypted config archive
Total for a 3–8 person team: approximately $35–50/month.
I wrote a five-part guide covering the entire build. Every command, every configuration file, every place where I made a mistake. It is free and will remain so.
A few things I learned that may be useful to others here:
- Cloudflare Tunnel eliminated the need for a VPN entirely. Two ports open, everything else invisible. This was the single biggest simplification.
- The hardest integration was not the AI proxy — it was getting Collabora’s
aliasgroupconfiguration to work correctly with Cloudflare’s TLS termination. - OpenClaw’s CVE-2026-25253 (CVSS 8.8) is a serious concern. The architectural defense — localhost-only binding plus tunnel authentication — neutralizes it structurally, but it should not be deployed without understanding the risk.
- The most underrated component is Supabase as a backup target. PostgreSQL-to-PostgreSQL with zero format conversion.
I would be grateful for any feedback from this community. If you see something I could improve, or a better approach to any part of this stack, I would genuinely like to hear it.
I don’t give a shit if you use AI or not to translate from one language to another. Sounds to me like a perfect use of AI. Assuming you are of Japanese origin (‘financial planner in Japan’), I would find it quite difficult to translate from English to Japanese and still sound coherent. I have always wanted to learn tho, even if it’s just enough to order my authentic sushi and call it in it’s native tongue and impress my very competent sushi chef. It’s a fascinating language to me. However, in the future, it would be beneficial to you if you deleted all of these: ‘—’. They are a literal ‘fly in the ointment’ around these parts. I personally don’t run business apps in the cloud, so the article content, tho an interesting read, probably doesn’t really apply to me.
Thank you for sharing.
Yeah, I think the em-dashes are alright. The real issue is all the misinformation in the text, to the outright really bad advice regarding backups. And security. If anyone follows this tutorial, they’re bound to get burned. Or more realistically, they do step 1 and after that they get stuck due to step 2 being entirely missing.
I’d say chances this is a person from Japan is slim to none. It’s the AI’s persona roleplaying as an anime character.
Initially, it didn’t seem as if most weren’t focusing on that. It was the fact that AI was involved…somehow, which prompted my tongue in cheek ‘delete the em dashes’ comment. If there is misinformation, like the opensource of AI, sure by all means, point that out. I mean, unless the mods make a ‘no-AI rule’ which would seem almost impossible to determine with a bit of rewording and editing of an AI generated text, then they will come. It didn’t seem to fit into the ‘low-effort’ rule. So, I wonder what would happen if no one responded and just ignored the thread until the mods made a decision. I scroll right by plenty of threads. A good tongue lashing by the users here doesn’t seem effective at all.
I have no way to confirm that. On the internet, no one knows I’m a horse. Hell, even in real life, you really never know a person. You just know what they let you know.