AI-coding VPS, in one command.
A hardened, agent-ready Hetzner box in ~5 minutes. Zero public inbound ports, Claude Code installed, real 3-2-1 backups, lockout-proof. The @levelsio "vibe coding on a server" stack โ packaged, security-correct, and actually tested on real hardware.
Get the kit โ $49 See what's insideDoing this by hand is full of traps that aren't in any documentation.
We caught 13 of them during real-hardware validation. Each one is now silently handled by the kit.
- Hetzner renamed CX22 โ CX23 and only ships it from EU-central. Every tutorial referencing the old SKU 404s on instance selection.
systemctl reload nginxsilently fails when your vhost listens on a more specific IP than the running default site. Returns 0, serves the welcome page, you debug for hours.- Litestream's release
.debusesx86_64โdpkg --print-architecturereturnsamd64. Every "install latest litestream" URL pattern out there 404s. needrestartpost-install hooks hangapt-get installforever on no-TTY SSH (no error message, holds the dpkg lock). Default on Ubuntu 22.04+.- Cloudflare zones can have Universal SSL permanently disabled on the free plan, with no user-recoverable path. The dashboard "Enable" button errors in a loop. A fresh Registrar zone is the only out.
- Tailscale SSH periodic re-auth โ only documented in their ACL docs. Looks like a hang to anyone else.
- The Cloudflare dashboard's "install command" is meant for a different machine than the one you're staring at. We watched ourselves run it on the wrong one.
- โฆ and 6 more, all documented in the kit's
GUIDE.mdAppendix D.
What you get
One private GitHub repo, lifetime access:
vibebox.shโ one idempotent, phased lockdown script with a deadman timer that physically prevents you from locking yourself out. ~400 lines of well-commented, field-tested bash.GUIDE.mdโ the full walkthrough: provisioning, the trap-free Cloudflare flow, mobile coding via Termius + Mosh + tmux, 3-2-1 backups, recovery scenarios, token hygiene, and an honest "when NOT to do this" section.- Packer template โ bakes a Hetzner image with all the slow installs done. New boxes from snapshot: ~40 seconds boot-to-ready vs. ~3โ5 min on a stock image.
- Terraform module โ one
terraform applyper box. - PHP + SQLite + jQuery starter โ the "dumb stack" the agent makes fewest mistakes on, with a pre-tuned
CLAUDE.mdruleset he never published. - Claude Prompt Pack โ 8 battle-tested prompts: security audit, new-project scaffold, SQLite migration with backup-first safety, Litestream R2 setup, hostname routing, autopilot loop, Telegram bot daemon, more.
- Research dossier โ
LEVELSIO-STACK.mdwith every claim dated, sourced, and confidence-flagged. - Launch kit โ teaser thread + landing page copy if you want to remix the kit.
What it costs to actually run (we mark up none of it)
| Service | Role | Typical cost |
|---|---|---|
| Hetzner | the VPS | $5โ$10/mo |
| Cloudflare | tunnel + DNS + Universal SSL | free |
| Tailscale | private SSH mesh | free |
| Anthropic | Claude Code | your existing plan |
| Cloudflare Registrar (optional) | domain | ~$10โ15/yr |
Total: ~$7/mo for the box + whatever you already pay Anthropic. The kit itself is one-time.
Field-validated
End-to-end on Hetzner CX23 in EU-central, Ubuntu 26.04 LTS. Both delivery paths verified:
- Path A โ
vibebox.shon stock Ubuntu: ~3โ5 min to fully configured. - Path B โ Packer image + Terraform: ~40 seconds boot-to-ready from snapshot.
13 empirical bugs caught and squashed during the live run. Scripts MIT-licensed. ~32 files, ~2,300 lines.
Pricing
Standard
- Everything in the kit
- Lifetime private-repo access
- All updates pushed (
git pull) - MIT-licensed scripts
Pro
- Everything in Standard
- Buyer Discord access
- Priority bug-fix response (48h)
- 30 min async 1:1 setup help
- Proactive breaking-change pings
Coupon FOUNDERS40 at checkout = 40% off, first 50 buyers ($29.40 / $59.40).
FAQ
Is this affiliated with @levelsio?
No. Inspired by his publicly shared workflow. Not endorsed by him.
Do I need a domain?
Only if you want public HTTPS. The kit also works as a private agent-dev box accessed only over Tailscale (no domain needed). If you do want public, the kit walks you through buying one through Cloudflare Registrar for ~$10โ15/yr โ the only happy path.
Is IS_SANDBOX=1 a real sandbox?
No, and the kit is explicit about this. The real safety boundary is the disposable per-project VPS plus the 3-2-1 backups. The kit makes that safe and effortless โ it doesn't lie about the flag.
Will this work on DigitalOcean / Linode / OVH?
The vibebox.sh path works on any fresh Ubuntu 24.04 / 26.04 box with root SSH. Packer + Terraform target Hetzner specifically. Adapting to other providers is straightforward but not pre-built.
Refunds?
14-day refund if you can't make it work. I'll try to help you debug first.
Ready to skip the 17-step debug session?
Hardened, agent-ready VPS in ~5 minutes. Use FOUNDERS40 at checkout for 40% off (first 50 buyers).