Hi HN - I wrote up how I set up a Hetzner bare-metal server with NixOS for running OpenClaw/agent workloads. The install itself became a reusable Nix-based workflow, but the more interesting part came after: I now let OpenClaw propose changes to the system by opening pull requests against the Nix config. I review and merge the PRs, and the machine only changes through the declarative config.

That feels like the right model for agents. Don't give them random mutable servers and hope for the best. Give them "things-as-code": Nix configs, typed options, diffs, builds, PR review, rollbacks, and a clear apply path.

Agents are much better when the world they operate on is represented as code.

I use nix for my MacOS but never gave NixOS a try, now that I think of it openclaw (hermes in my case) is a great usecase