My Homelab Journey

My homelab is more than just a collection of servers, it's my personal playground for learning, experimenting, and hosting the services I rely on daily. What started as a single Raspberry Pi has evolved into a robust infrastructure that teaches me about distributed systems, DevOps practices, and infrastructure management.

Philosophy

I believe in self-hosting for privacy, learning, and control. Every service I run teaches me something new about networking, security, or system administration.

Architecture & Design Decisions

I have two homelabs: one at home and one hosted on Hetzner. My home server runs everything for my media server, personal projects, and development environment. The Hetzner server is used for more critical services, like my Immich (photo management), Nextcloud (cloud storage) and Vaultwarden (password management) instances, which need higher availability, say in the case of if my cat decides to chew through my fiber cable... 🐈

Services & Applications

Development & Personal Projects

AFFiNE

Self-hosted knowledge base (Notion alternative) and note-taking platform with block-based editing.

Why: Knowledge management, privacy

Personal Web Apps

Various personal projects: trip blog, bank app, job tracker, todo apps with custom backends.

Why: Learning, personal tools

PocketBase

Multiple instances serving as backends for personal projects with auth and database.

Why: Rapid prototyping, simple backend

Tailscale

I run a Tailscale Network between my devices for secure resource communication and DNS.

Why: Secure remote access, easy setup

Utilities & Tools

ArchiSteamFarm

Steam farming bot for collecting trading cards and managing Steam account automation. Yes this is useless I know.

Why: Steam card farming, automation

Cross-Seed

Automatically finds cross-seedable torrents to maximize seeding and ratio.

Why: Seeding optimization, ratios

rclone + hetzner storage box

1 TB of storage mounted via rclone for automated backups and personal cloud

Why: Object storage, S3 compatibility, backups

restic

Automated restic backups for my critical services

Why: Data protection, automation

Infrastructure & Management

Authentik

Identity Provider for critical and private services such as Portainer and Dockge

Why: Authentication and Authorization

Caddy

Web server with automatic HTTPS running on home server for local services.

Why: Simple config, automatic certificates

Dockge

Docker Compose stack manager with a clean web UI for managing compose files.

Why: Visual compose management

Portainer

Docker management UI running on both servers for container orchestration.

Why: Visual container management

Media & Entertainment

FlareSolverr

Proxy server to bypass Cloudflare protection for automated tools and scrapers.

Why: Bypass protection, automation

Jellyfin

Streaming Linux ISO's straight to my devices!

Why: Media streaming

Jellyseerr

Request management system for Jellyfin with user-friendly interface for media requests.

Why: User requests, approval workflow

Prowlarr

Indexer manager that integrates with Sonarr and Radarr for Linux ISOs discovery.

Why: Centralized indexer management

Sonarr & Radarr

Automated Linux ISOs management.

Why: Automation, quality control

qBittorrent + Gluetun

Torrent client running through VPN container for private downloading.

Why: Private downloading, VPN protection

Personal & Productivity

Homebox

Custom made homelab UI to manage my services.

Why: Centralized management, custom dashboard

Immich

Self-hosted photo management with ML features, face recognition, and mobile apps.

Why: Google Photos alternative, privacy

Stirling PDF

Web-based PDF toolkit for merging, splitting, and manipulating PDF files.

Why: PDF processing, privacy-focused

Syncthing

Continuous file synchronization between devices without cloud dependencies.

Why: Decentralized sync, privacy

Vaultwarden

Self-hosted Bitwarden server on VPS for password management across all devices.

Why: Password security, self-hosted

What I've Learned

Technical Skills

Docker orchestration and container networking
Reverse proxy configuration (Traefik, Caddy)
VPN tunneling and secure remote access
Multi-server architecture and service distribution
Automated media management and *arr stack integration
Self-hosted alternatives to cloud services
Database management (PostgreSQL, Redis, MariaDB)

Key Lessons

Split Critical vs. Experimental
Running critical services (Nextcloud, Vaultwarden) on a VPS while keeping experimental and media services at home. Learned the hard way when the cat chewed through cables! 🐈
Automation Saves Sanity
Building the complete *arr stack with Prowlarr, Autobrr, and Cross-Seed taught me that spending time on automation upfront saves hours of manual work later.
Security Through Tunneling
Using Cloudflare tunnels and WireGuard instead of port forwarding. No open ports, better security, and easier management across multiple locations.
Redundancy is Worth It
Running both Plex and Jellyfin, multiple deployment platforms (Coolify + custom), and backup solutions. When one fails, the other keeps things running.

Architecture Evolution

Phase 1: Single Pi
Started with a Raspberry Pi running basic services. Learned Docker basics and container fundamentals.
Phase 2: Home Server
Upgraded to dedicated hardware. Built the media stack, learned about networking, reverse proxies, and automation.
Phase 3: Hybrid Cloud
Added VPS for critical services. Learned about service distribution, tunneling, and high availability patterns.

Biggest Challenges Overcome

Container Networking Complexity
Getting qBittorrent to work through Gluetun VPN container while still being accessible to Sonarr/Radarr. Learned about Docker networks and container communication.
SSL Certificate Management
Managing certificates across multiple domains and services. Caddy's and Traefik's automatic Let's Encrypt integration was a game-changer.
Resource Management
Balancing 40+ containers across limited resources. Learned about resource limits, monitoring, and when to scale horizontally vs. vertically.