My Homelab Journey

My homelab is more than just a collection of servers, it's my personal playground for learning, experimenting, and hosting the services I rely on daily. What started as a single Raspberry Pi has evolved into a robust infrastructure that teaches me about distributed systems, DevOps practices, and infrastructure management.

Philosophy

I believe in self-hosting for privacy, learning, and control. Every service I run teaches me something new about networking, security, or system administration.

Architecture & Design Decisions

I have two homelabs: one at home and one hosted on Hetzner. My home server runs everything for my media server, personal projects, and development environment. The Hetzner server is used for more critical services, like my Immich (photo management), Nextcloud (cloud storage) and Vaultwarden (password management) instances, which need higher availability, say in the case of if my cat decides to chew through my fiber cable... 🐈

Services & Applications

Development & Personal Projects

Custom Indexers

Custom-built indexer service for specialized content discovery and automation.

Why: Specialized needs, learning

AFFiNE

Self-hosted knowledge base (Notion alternative) and note-taking platform with block-based editing.

Why: Knowledge management, privacy

Personal Web Apps

Various personal projects: trip blog, bank app, job tracker, todo apps with custom backends.

Why: Learning, personal tools

WireGuard Easy

Simple WireGuard VPN server with web UI for managing client configurations.

Why: Secure remote access, easy setup

File Browser

Web-based file manager for easy access to server files through browser interface.

Why: Remote file access, convenience

PocketBase

Multiple instances serving as backends for personal projects with auth and database.

Why: Rapid prototyping, simple backend

Media & Entertainment

Plex & Jellyfin

Dual media server setup - Plex for main streaming, Jellyfin as open-source backup.

Why: Media streaming, redundancy

Prowlarr

Indexer manager that integrates with Sonarr and Radarr for Linux ISOs discovery.

Why: Centralized indexer management

FlareSolverr

Proxy server to bypass Cloudflare protection for automated tools and scrapers.

Why: Bypass protection, automation

qBittorrent + Gluetun

Torrent client running through VPN container for private downloading.

Why: Private downloading, VPN protection

Sonarr & Radarr

Automated Linux ISOs management.

Why: Automation, quality control

Overseerr

Request management system for Plex with user-friendly interface for media requests.

Why: User requests, approval workflow

Infrastructure & Management

Coolify

Self-hosted deployment platform running on both servers. Alternative to Vercel/Netlify.

Why: Easy deployments, Git integration

Portainer

Docker management UI running on both servers for container orchestration.

Why: Visual container management

Caddy

Web server with automatic HTTPS running on home server for local services.

Why: Simple config, automatic certificates

Cloudflared

Cloudflare tunnel client running on both servers for secure external access.

Why: Secure tunneling, no port forwarding

Traefik

Reverse proxy and load balancer running on VPS. Handles SSL termination and routing.

Why: Automatic HTTPS, service discovery

Dockge

Docker Compose stack manager with a clean web UI for managing compose files.

Why: Visual compose management

Personal & Productivity

Homebox

Custom made homelab UI to manage my services.

Why: Centralized management, custom dashboard

Nextcloud AIO

All-in-one Nextcloud setup on VPS with Talk, and full office suite.

Why: Complete cloud replacement, privacy

Stirling PDF

Web-based PDF toolkit for merging, splitting, and manipulating PDF files.

Why: PDF processing, privacy-focused

Immich

Self-hosted photo management with ML features, face recognition, and mobile apps.

Why: Google Photos alternative, privacy

Syncthing

Continuous file synchronization between devices without cloud dependencies.

Why: Decentralized sync, privacy

Vaultwarden

Self-hosted Bitwarden server on VPS for password management across all devices.

Why: Password security, self-hosted

Utilities & Tools

Backup Solution

Custom backup service running on VPS for automated data protection over S3-compatible MinIO storage.

Why: Data protection, automation

MinIO

S3-compatible object storage for backups and file storage with API access.

Why: Object storage, S3 compatibility, backups

Cross-Seed

Automatically finds cross-seedable torrents to maximize seeding and ratio.

Why: Seeding optimization, ratios

ArchiSteamFarm

Steam farming bot for collecting trading cards and managing Steam account automation.

Why: Steam card farming, automation

What I've Learned

Technical Skills

  • Docker orchestration and container networking
  • Reverse proxy configuration (Traefik, Caddy)
  • VPN tunneling and secure remote access
  • Multi-server architecture and service distribution
  • Automated media management and *arr stack integration
  • Self-hosted alternatives to cloud services
  • Database management (PostgreSQL, Redis, MariaDB)

Key Lessons

  • Split Critical vs. Experimental

    Running critical services (Nextcloud, Vaultwarden) on a VPS while keeping experimental and media services at home. Learned the hard way when the cat chewed through cables! 🐈

  • Automation Saves Sanity

    Building the complete *arr stack with Prowlarr, Autobrr, and Cross-Seed taught me that spending time on automation upfront saves hours of manual work later.

  • Security Through Tunneling

    Using Cloudflare tunnels and WireGuard instead of port forwarding. No open ports, better security, and easier management across multiple locations.

  • Redundancy is Worth It

    Running both Plex and Jellyfin, multiple deployment platforms (Coolify + custom), and backup solutions. When one fails, the other keeps things running.

Architecture Evolution

  1. Phase 1: Single Pi

    Started with a Raspberry Pi running basic services. Learned Docker basics and container fundamentals.

  2. Phase 2: Home Server

    Upgraded to dedicated hardware. Built the media stack, learned about networking, reverse proxies, and automation.

  3. Phase 3: Hybrid Cloud

    Added VPS for critical services. Learned about service distribution, tunneling, and high availability patterns.

Biggest Challenges Overcome

  • Container Networking Complexity

    Getting qBittorrent to work through Gluetun VPN container while still being accessible to Sonarr/Radarr. Learned about Docker networks and container communication.

  • SSL Certificate Management

    Managing certificates across multiple domains and services. Caddy's and Traefik's automatic Let's Encrypt integration was a game-changer.

  • Resource Management

    Balancing 40+ containers across limited resources. Learned about resource limits, monitoring, and when to scale horizontally vs. vertically.