Building a Self-Hosted AI Server

Complete Web Interface, API Access, and Document Intelligence

A comprehensive guide to building a powerful self-hosted AI server with web-based chat interface, programmatic API access, and advanced document Q&A capabilities. This setup provides privacy-focused, high-performance AI without cloud dependencies.

Last Updated: February 2026

Updated for modern LLMs, improved RAG, and current best practices

1. Hardware Selection

The server is built for high-performance AI workloads with balanced component selection:

CPU: High-core-count processor (16+ cores recommended) for parallel processing
GPU: NVIDIA RTX 3090/3090 Ti or 4090 with 24GB VRAM
- 24GB VRAM sweet spot for 30-32B parameter models
- RTX 3090 Ti excellent value in 2026 (~$800-900 used)
RAM: 64GB DDR5 minimum for smooth operation
Storage: Dual NVMe SSDs
- Primary: 2TB for OS and applications
- Secondary: 2TB for data, models, and backups
Power Supply: 850W 80+ Gold (minimum for RTX 3090 Ti)

2. Operating System

Ubuntu Server 22.04 LTS provides a stable, well-supported foundation with long-term security updates.

Partitioning Strategy:

OS Disk: LVM for flexible partition management
Data Disk: ext4 mounted at /data
Separate data partition enables easy backup and OS reinstallation

3. Core AI Engine: llama.cpp

llama.cpp provides efficient LLM inference with GPU acceleration.

Installation:

git clone https://github.com/ggerganov/llama.cpp.git
cd llama.cpp
mkdir build && cd build
cmake .. -DLLAMA_CUBLAS=ON
cmake --build . --config Release

Model Selection (2026):

Recommended models for 24GB VRAM:

Qwen3-30B-A3B (MoE): Efficient, 30B total/3B active, excellent quality
Llama 3.3 70B (Q4): Maximum capability, ~39GB file size
Mistral Small 3 24B: Fastest responses, great for real-time
Qwen2.5-Coder 32B: Specialized for coding tasks

Running as System Service:

sudo nano /etc/systemd/system/llama-server.service

[Unit]
Description=Llama.cpp API Server
After=network.target

[Service]
Type=simple
User=youruser
Group=youruser
WorkingDirectory=/home/youruser/llama.cpp/build
ExecStart=/home/youruser/llama.cpp/build/bin/llama-server \
  --model /path/to/model.gguf \
  --port 8001 \
  --host 0.0.0.0 \
  --ctx-size 8192 \
  --n-gpu-layers 999 \
  --threads 8 \
  --parallel 2
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target

Enable and start:

sudo systemctl daemon-reload
sudo systemctl enable llama-server
sudo systemctl start llama-server

4. Embedding Server

Embeddings convert text to vectors for semantic search and RAG applications.

Setup:

sudo nano /etc/systemd/system/llama-embedding-server.service

[Unit]
Description=Llama.cpp Embedding Server
After=network.target

[Service]
Type=simple
User=youruser
Group=youruser
WorkingDirectory=/home/youruser/llama.cpp/build
ExecStart=/home/youruser/llama.cpp/build/bin/llama-server \
  --model /path/to/embedding-model.gguf \
  --port 8003 \
  --host 0.0.0.0 \
  --embedding \
  --n-gpu-layers 999
Restart=always

[Install]
WantedBy=multi-user.target

Recommended embedding models:

nomic-embed-text-v1.5 (good quality, efficient)
BGE-large-en-v1.5 (alternative option)

5. Open WebUI - Web Interface

Modern web interface for LLM interaction with built-in features.

Docker Deployment:

version: '3.8'
services:
  open-webui:
    image: ghcr.io/open-webui/open-webui:main
    container_name: open-webui
    ports:
      - "8080:8080"
    volumes:
      - /data/open-webui:/app/backend/data
      - /var/run/docker.sock:/var/run/docker.sock
    restart: always

docker compose up -d

Features (2026):

Built-in Web Search: DuckDuckGo integration (no external service needed)
Model Switching: Change models per conversation
Document Upload: RAG with your documents
User Management: Multiple accounts with separate histories
API Access: OpenAI-compatible endpoints

6. RAG API - Document Intelligence

Custom FastAPI service for programmatic document Q&A with multiple collections.

Architecture:

Framework: FastAPI + LlamaIndex
Purpose: Semantic search and Q&A over document collections
Features: Multiple indexes, file upload, REST API

API Endpoints:

POST   /upload/{index_name}     - Upload documents
POST   /query                   - Query documents
GET    /indexes                 - List all indexes
POST   /rebuild/{index_name}    - Rebuild index
DELETE /index/{index_name}      - Delete index
GET    /health                  - Health check

Optimization Settings:

Chunk size: 512 tokens (optimal for retrieval)
Chunk overlap: 50 tokens
Top-k: 3 most relevant chunks per query

7. Secure Web Access with Nginx

Nginx provides reverse proxy, SSL/TLS termination, and API key authentication.

Port Configuration:

Port 443: Static web content
Port 8000: Web chat interface (proxy)
Port 8002: LLM API with authentication (proxy)

SSL/TLS:

sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d yourdomain.com

Note: Certbot automatically renews certificates. Configure hardware firewall to allow only necessary ports.

8. Backup Strategy

BorgBackup provides efficient, encrypted backups with deduplication.

Key Features:

Deduplication reduces storage usage
Authenticated encryption (AES-256)
Mountable archives for easy file browsing
Compression for space efficiency

Basic Commands:

# Initialize repository
sudo borg init --encryption=repokey /data/backup_repo

# Create backup
sudo borg create /data/backup_repo::archive_name /

# List backups
sudo borg list /data/backup_repo/

# Mount for browsing
sudo borg mount /data/backup_repo::archive_name /mnt/restore

⚠️ Best Practice:

Add offsite backup via rclone to cloud storage (Backblaze B2, Wasabi) for disaster recovery.

System Architecture

┌─────────────────────────────────────────────────────┐
│                   Internet                          │
└────────────────────┬────────────────────────────────┘
                     │
        ┌────────────▼────────────┐
        │    Nginx Reverse Proxy   │
        │  (SSL/TLS, API Auth)     │
        └────────────┬────────────┘
                     │
        ┌────────────┴────────────┐
        │                         │
  ┌─────▼──────┐          ┌──────▼──────┐
  │ Open WebUI │          │  LLM API    │
  │  (Port 8000)│          │ (Port 8002) │
  └─────┬──────┘          └──────┬──────┘
        │                        │
        └────────┬───────────────┘
                 │
    ┌────────────▼────────────┐
    │    llama.cpp Server     │
    │   (Qwen3-30B-A3B)       │
    │      Port 8001          │
    └────────────┬────────────┘
                 │
    ┌────────────▼────────────┐
    │   NVIDIA RTX 3090 Ti    │
    │      24GB VRAM          │
    └─────────────────────────┘

    ┌─────────────────────────┐
    │      RAG API            │
    │  (Document Q&A)         │
    │    Port 8004            │
    └──────┬──────────────────┘
           │
    ┌──────▼──────┐
    │  Embeddings │
    │  Port 8003  │
    └─────────────┘

Use Cases & Applications

Interactive Web Chat

Web-based interface for general AI conversations, writing assistance, and research.

Document Intelligence

Query personal documents, game guides, technical manuals, research papers via semantic search.

API Integration

Connect external applications (VSCode, Obsidian, custom scripts) to local AI models.

Voice Assistant (Planned)

Home Assistant + Raspberry Pi nodes for self-hosted Alexa/Google Home alternative.

Privacy-Focused AI

All processing local - no data sent to cloud providers.

Performance Considerations

Context Window vs VRAM:

8K context: Recommended for most use cases (~6,000 words)
16K context: Maximum for 32B models on 24GB VRAM
32K+ context: Use smaller 14B model instead

Thinking Mode:

Modern models support optional "thinking mode" for complex reasoning. Disable for faster responses in casual chat (3-5x speedup).

Model Swapping:

Router mode allows multiple models on disk, auto-loading on demand. Only one large model fits in 24GB VRAM at a time.

Security Best Practices

Use Nginx reverse proxy - never expose internal ports directly
Enforce API key authentication for external access
Configure hardware firewall to deny all by default
Keep SSL certificates current (Certbot auto-renewal)
Regular system updates: sudo apt update && sudo apt upgrade
Monitor logs for suspicious activity
Consider offsite encrypted backups

Future Enhancements

Voice Control: Raspberry Pi + Home Assistant for voice interaction
Multi-Model Router: Automatic model switching based on query type
Offsite Backup: Cloud sync for disaster recovery
Monitoring: Healthchecks.io or Prometheus for alerting
Model Updates: Newer models released regularly (Llama 4, Qwen 3.5, etc.)

Conclusion

This self-hosted AI server provides enterprise-grade capabilities with complete privacy and control. The modular architecture allows easy upgrades and expansion as technology evolves.

Whether for personal use, small team collaboration, or development experimentation, this setup delivers powerful AI capabilities without cloud dependencies or ongoing costs.

Note:

The AI landscape evolves rapidly. Model recommendations and software versions should be verified against current releases. The architecture and principles remain consistent across updates.