Agreed. NixOS + Tailscale is 99% there for me. Using Claude Code to deal with whatever other package I need built with Nix while I'm working on $day_job things helps get me to a fully working system. Besides, running containers via podman or docker (your choice) is super easy via a NixOS config.

Combine that with deploy-rs or similar and you have a very, very stable way to deploy software with solid rollback support and easy-to-debug config issues (it's just files in the ./result symlink!).