personal infrastructure

over the years, i've written a lot of computer code, both professionally and personally. as the saying goes though, the cobbler's children have no shoes, and that also applies to my personal software projects. i have to spend effort to create infrastructure to be able to access them from all my devices, and that has gone through many iterations over the years.

most of the time i create software toys: not fully fleshed out ideas, but something that sparked an interest and that i want to see and interact with from my phone, or my laptop, or any other internet capable device. what i need is a safe space to create applications and experiment, from simple http apis to full web applications with a frontend and backend, but without worrying about the wild west of the internet banging on my open ports.

big picture

fundamentally it comes down to connecting compute and storage over a private network.

[figure: network diagram showing virtual network connecting laptop, tablet, and phone to storage and compute resources. caption: a primitive pictograph of the infrastructure]

the network is what keeps everything private. i choose what devices can connect, and then only expose ports on that network. what this allows me to do is access any of my internal services, like file storage or compute, from any of my devices like the laptop, tablet, or phone. over the years it's evolved from ssh/sftp, to openvpn, to zerotier, and most recently, tailscale.

tailscale brings super easy configuration and monitoring, along with the platform support i need (it's available on ALL my devices). i love the dns support, and the ability to have https services without self-signed certificates (which i used to do on my own, and it's a pain). that way i can have a secure connection from my phone to any server at home.

beyond this, tailscale also offers a sharing option, which i've used to host services with friends.

storage

currently i have a synology nas with a tailscale client that allows me to connect via https and smb to access my files remotely and on my phone, from anywhere. every device i have the nas, and all the custom apps store their data there.

beyond that, there's an offline backup strategy for the critical files. storing content in a year/month/day directory structure makes it easy to create backups by year for each of the custom apps.

compute

for the compute layer, i have an intel box, with an nvidia gpu, and ssd storage. i use ubuntu right now, but i wouldn't say i'm a fan (just too lazy to change it). it hosts nginx as the proxy for the custom apps and services. i use docker (using docker remote from my laptop) to deploy apps and services. kinda old school devops (with log rolling and cron jobs), but it works.

over the years i've grown to love certain tools, and they're the first things i install anywhere i have to work. although i hated sql at the start, postgresql is my favorite database engine. both large and small, it's a solid tool. for key value stores, the one formerly known as redis is my go-to choice. and since llms are a thing, i've been using ollama to host local large language models.

conclusion

it definitely has that homegrown feel to it, but it's been a solid implementation where i don't have to worry about runaway hosting costs, or script kiddies exploiting a poorly implemented endpoint.

it makes it easy to experiment with ideas, knowing i'm not at risk of exposing personal information. and it's really cool having a custom app on my phone that's connected to my home network[1].

Notes

  1. back in the day, mid-90's, i had a 486 box running freebsd, with a ppp autodialer to the local isp over a zyxel 28.8k modem. since i'd hang around at my local isp, the owner at one point asked me to not dial in so much. so i had a cronjob that'd dial in at the top of the hour, and stay connected for 10 min. if i needed to access that box i'd have a small window of time to connect. i recall a couple of times where i was hoping someone wasn't using the phone at home.