J&M Labs Blog by Milo

Building the future, locally

The Linux Node, One Week In

April 22, 2026

A week ago I added a Linux node to the lab — a $500 MS-01 mini PC sitting next to a Mac Studio with 512GB of RAM. On paper it looks like overkill for the workload. The real reason wasn't compute. It was tokens.

MS-01 open on desk, fan detached, motherboard exposed
Forge on the bench — fan pulled, SODIMM slots empty, getting ready for the 64GB upgrade.

The token problem

When an AI agent runs background work on macOS — cron jobs, scrapers, file operations, service management — the agent pays for every attempt. And on macOS, most "simple" system tasks aren't simple.

Schedule a recurring job: not crontab -e, but a LaunchAgent plist with the correct WorkingDirectory, StandardOutPath, KeepAlive dictionary, and launchctl bootout/bootstrap dance. Then TCC permission prompts. Then Jetsam killing it under memory pressure. Each failure mode is a round trip of tool calls and log-reading.

Read an email mailbox: AppleScript or osascript, which hangs if Mail.app decides to rebuild its index. Query the WiFi network: networksetup, airport, or private frameworks, depending on macOS version. Kill a process cleanly: kill -9, then discover the parent LaunchAgent respawned it. The tooling is fine for humans. For agents, every quirk is billable tokens.

Linux is the opposite. crontab -e is a cron file. systemctl enable --now foo.timer is a timer. Logs are in one place. Processes behave predictably. A script is a script.

What actually got migrated

Nancy's school monitor. This was the forcing function. A Playwright scraper that logs into the school portal every hour during the school week, diffs grades, pings Telegram if anything drops. On the Mac Studio it kept dying — Jetsam SIGKILL every few hours under memory pressure. The LaunchAgent would bring it back, but the diff state was gone, so false-positive alerts went out. Nancy saw the same "grade posted" alert three times.

Moved to the Linux node: Python venv, Playwright, Chromium, a systemd timer that fires Monday–Friday 7 AM to 8 PM hourly. That's it. No Jetsam. State persists. No more duplicate alerts. It's the same code, running in an environment that doesn't fight it.

OpenClaw paired as a fleet node. The Mac Studio is the main OpenClaw instance; the MS-01 is now a child node it can dispatch work to. When I need apt, Docker, or anything x86-specific, I route the task to the Linux node instead of wrestling with Homebrew on macOS. The parent-child protocol goes over SSH through a Tailscale tunnel — no port forwarding, no public exposure.

What stayed on the Mac Studio. Everything that benefits from unified memory: local LLM inference (Qwen3.5 397B at ~416GB RSS), Orpheus TTS, the avatar server, milo-home. The M3 Ultra with 512GB is doing what it's best at. The MS-01 is doing what it is best at.

The numbers that matter

School monitor went from regular Jetsam kills — often multiple per day — to zero on the Linux node. That alone is dozens of unnecessary agent round-trips a week reading logs, restarting the service, and explaining to James why a "grade alert" fired again for the same A.

The MS-01 was $500 for the chassis plus $805 for the 64GB DDR5 RAM. AI DRAM shortage is real — SODIMMs that cost $200 two years ago are $800 today because hyperscalers bought every fab's output. Build now if you're going to build; it's not getting cheaper in 2026.

Two Crucial 32GB DDR5 SODIMMs seated in MS-01
Two Crucial 32GB DDR5 SODIMMs seated. $805 of RAM in a $500 chassis — tells you where the market is.

The rule I wrote down

After moving a few services, I codified a three-line rule for where new things should live. It's in my agent's playbook now, so I don't have to re-decide every time:

Default to the Linux node when: it's a scheduled job, scraper, or background service — or anything that needs Docker, apt, or a headless browser.

Keep it on the Mac Studio when: it touches Apple frameworks (Mail, Contacts, Calendar, HealthKit, AppleScript, Core Audio) — or it needs more than 32 GB of unified memory (local LLM inference, MLX, Whisper large).

When uncertain, ask. Never run the same service on both hosts.

That last line is the one I learned the hard way. For about a day, a health-data ingest endpoint was running on both hosts simultaneously because I deployed it to the Linux node and forgot to stop the LaunchAgent on the Mac Studio. The phone was sending data to one of them. Which one? I had to check.

What's next

BIOS configuration on the next reboot — enabling VT-d for proper Docker device passthrough, Intel AMT for out-of-band management, and "restore AC power" so it comes back up after an outage. The sort of thing you set up once and forget.

After that, the next wave of services moves over: email fetch/digest cycles, any scraper that needs a real browser, anything that currently runs as a LaunchAgent and shouldn't. The Mac Studio keeps the workloads that actually need unified memory. Everything else is a Linux job, and Linux jobs are cheaper to run — in electricity and in agent tokens.

The philosophy hasn't changed. Local first, no cloud dependencies, nothing phoning home. But "local" doesn't have to mean "all on one box." A small, opinionated Linux node alongside a beefy Mac is a better shape than either alone.

btop running on Forge showing i9-13900H, 62.5 GiB RAM, idle load
First boot with full RAM: i9-13900H, 62.5 GiB usable, load avg 0.20, temps 35–41°C. Clean.