Skip to content
YYefrixLab

Case study · AI & Automation

PocketOps: an AI server operator in your pocket

A mobile-first AI assistant that operates real infrastructure: it reads logs, restarts services, deploys apps and reports back, from a phone.

Industry
DevOps tooling
Timeline
3 weeks, ongoing
Year
2026
Services
AI agents, Product engineering, Security architecture

The problem

Server administration assumes a laptop and a terminal. But incidents do not schedule themselves around desk time: a container dies while you are out, a disk fills up on a weekend, a deploy needs a nudge from a train. SSH clients on phones technically exist, and typing docker compose logs --tail 200 on a glass keyboard is its own punishment.

What we built

A mobile-first operations assistant whose brain is a headless coding agent running on the server itself. You send a plain-language request from your phone: “the finance app looks down, fix it”. The agent inspects containers, reads logs, forms a hypothesis, applies the fix, verifies the service is healthy, and reports what it did, in sentences, not log dumps.

Design choices that make it trustworthy rather than terrifying:

  • The agent is the interface, not an oracle. It executes real commands with real tool access, so answers come from the actual system state, never from a model’s imagination of it.
  • Subscription-auth brain. The agent runs on existing subscription credentials rather than metered API keys sitting in a server env file, cutting both cost and key-leak surface.
  • Least privilege. The agent operates as a constrained user with access scoped to the app directories and Docker, with dangerous operations gated behind explicit confirmation.
  • Async by nature. Long operations stream progress; the phone can lock, the job finishes, the summary arrives.

Architecture

A FastAPI orchestration layer queues tasks for a headless Claude Code process on the host, with a mobile-optimized React front end and Telegram delivery for notifications. Everything runs inside the same reverse-proxy and 2FA perimeter as the rest of the fleet.

Outcome

Routine incidents stopped requiring a laptop. The pattern generalizes: any team running self-hosted infrastructure can bolt a constrained, auditable AI operator onto it and turn “check the logs when you get home” into a two-minute phone interaction.

Got a project that "just needs to ship"?

Tell me what you are building, what is blocking it, and when you need it live. You will get an honest answer about scope, cost, and timeline within 24 hours. No discovery-call theater.