Sumarhus Alpha
A personal AI operating system, built from scratch
The infrastructure behind a personal AI system: 34 skills, 16 hooks, persistent memory, multi-agent collaboration, and a security model forged through documented failure. Evolving daily since 2022.
“Fast is slow; secure is fast.
The Challenge
Commercial AI platforms offer conversation — not operational capability. Agents lose all context between sessions. They cannot access infrastructure, remember yesterday's decisions, or collaborate with each other. Building a real personal AI requires persistent memory, secure access to local services, coordinated multi-agent workflows, and a security model that survives the operator's own mistakes. The system also needed to bridge the digital and physical: a Siemens S7-1200 PLC controlling a hot tub, a GPU workstation running 70B+ parameter models locally, and a Proxmox hypervisor hosting production services — all stitched together into something that works as a single coherent system.
The Approach
The system evolved through daily use, not upfront design. What started in 2022 as exploration of AI tools — courses at Oxford, building workflows, integrating AI into university work at UNAK — became a structured personal infrastructure by January 2026. The architecture follows a workspace-based model: everything important is a markdown file — human-readable, git-trackable, auditable. Three physical machines connect through a Tailscale WireGuard mesh. Two AI agents (PAI on Mac, ClaudBot on VM) collaborate through a Go message relay with embedded Tailscale networking. 34 skills cover domains from academic writing to security reconnaissance. 16 hooks capture outputs, sentiment, ratings, and feed them back into the memory system. A Mission Control dashboard provides 8-layer health monitoring. Security evolved through documented failure: a v1.2 credential leak led to full remediation — Tailscale grants-based ACLs, GPG-encrypted pass store, Gitleaks scanning, and a public/private documentation split. Every security lesson is published as a teaching resource.
Outcomes
Sumarhus Alpha is what happens when you spend three years working with AI tools and then decide to give the AI a home. Not a chat window — a workspace with persistent memory, 34 specialized skills, access to physical infrastructure, secrets management, and the ability to collaborate with a second agent running on a separate machine.
The name comes from the Icelandic for "summer house" — a place you build yourself, maintain yourself, and own completely. The journey started in 2022 with AI tools in daily work, grew through courses and conferences, and crystallized in January 2026 when the scattered pieces became a coherent system: two agents, three machines, a mesh network, and a philosophy that the workflow is never finished — it is always adopting and in development.
The Journey
This did not start as an infrastructure project. It started as curiosity — using AI tools for real work as an AI Project Manager at the University of Akureyri, attending courses at Oxford, building increasingly complex workflows. By 2025 the thesis Beyond Fragmentation had formalized the philosophical framework. What was missing was the system itself — the proof that a personal AI could operate as a genuine extension of human capability, not just a conversation partner.
In January 2026, the infrastructure sprint began. Fourteen days, twenty-four documented architecture versions, from a single agent setup to a distributed multi-agent system with mesh networking, GPU inference, industrial IoT, and a security model hardened through real failure.
The System
Three physical machines connected through a Tailscale WireGuard mesh VPN:
- MacBook Pro — Primary workstation running PAI via OpenClaw. Memory files, 34 skills, daily logs, and the workspace live here.
- Proxmox Hypervisor — Three VMs: Docker host (8 containers + ClaudBot), Home Assistant (IoT + hot tub PLC), PocketBase (self-hosted backend with Tailscale Funnel).
- Hercules — Dual-GPU workstation (RTX 5090 + RTX 4090, 56GB VRAM) running 7 local models via Ollama and LiteLLM. Services bound to localhost, exposed via Tailscale Serve with identity headers.
Skills and Intelligence
The system is not just infrastructure — it is an agent with specialized capabilities. 34 skills span research (multi-model parallel research, academic writing, OSINT), development (CLI generation, browser automation, code review), security (penetration testing, prompt injection analysis, reconnaissance), creative work (art generation, extended thinking), health (Garmin integration, fitness tracking), and governance (the VALOR framework from the thesis). Each skill is a structured sub-algorithm that the agent selects based on the task.
16 hooks in Claude Code create a continuous learning loop: capturing agent outputs, analyzing sentiment, logging ratings, validating security, and feeding everything back into a persistent memory system. Daily logs accumulate operational history. Long-term memory files curate the knowledge that matters. The result is an AI that remembers yesterday, learns from its mistakes, and gets better at anticipating what is needed.
Multi-Agent Collaboration
Two AI agents operate independently and collaborate through a message relay. PAI runs on the Mac for interactive work — file management, code generation, research, memory curation. ClaudBot runs on a VM with its own GPG key, pass store, and GitHub access, serving Discord users 24/7 even when the Mac is offline. The message relay — rewritten from Node.js to Go with embedded Tailscale (tsnet) — is a sovereign Tailscale device at 38.8MB in a distroless container.
Security Through Honesty
The most honest part of this project is the security log. Version 1.2 shipped credentials in a documentation file committed to git. The remediation — rotating every credential, rewriting git history, configuring ACLs, migrating secret management, splitting public/private documentation — took three times longer than doing it right would have. Seven security lessons are documented with before/after code, published as a teaching resource. The system earns trust not by being perfect but by being transparent about every failure.
Philosophy
Sumarhus Alpha is a living system. The workflow is always adopting and in development — that is not a limitation, it is the design. A personal AI that stops evolving stops being useful. Every day brings new skills, new integrations, new lessons. The architecture is built for change: walking skeleton first, cosmetics last, one integration at a time, git commit per feature. Bjartur built Summerhouses one stone at a time.
Technology Stack
Resources
Lessons Learned
- Documentation is a security surface — a single commit with credentials in an architecture document compromised the entire system. Treat docs as code.
- Two cooperating AI agents outperform a single omniscient agent — independence and resilience matter more than shared context.
- The system is never finished. The workflow is always adopting and in development. That is the point — a personal AI that evolves with you, not a product that ships.
- Local LLMs are production-ready for IT automation when paired with the ReAct pattern. Qwen 32B on a 5090 handles most routine tasks without touching an API.
- Moving fast without security review creates debt that takes 3x longer to remediate. Every shortcut in v1.2 cost three hours in v1.3.
- A 38.8MB Go binary with embedded Tailscale replaces a 200MB Node.js service and gains its own network identity — tsnet is an underappreciated building block.
Explore the Project
Related Projects
View all projects →
Smarason.is
A privacy-first portfolio built on Next.js 15, Tailwind v4, and Sanity CMS. Bilingual, accessible, zero tracking — the architecture reflects the philosophy.
Beyond Fragmentation
MA thesis on AI governance. Introduces Responsibility Fog, Cognitive Debt, and the VALOR Framework.
BORG
University of Akureyri's secure hybrid AI platform — combining commercial AI with on-premise GPU infrastructure for academic data sovereignty.