my personal infrastructure

march, 2024

[for those readers not so technically inclined, this article may not make much sense.]

over the years, i've written a lot of computer code, both professionally and for myself. as the saying goes though, the cobbler's children have no shoes, and that also applies to my personal software projects. i have to spend some effort to create infrastructure to be able to access them from all my devices, and that has gone through many iterations over the years.

most of the time i create software toys. not fully fleshed out ideas, but something that sparked an interest, and that i want to see and interact with from my phone, or my laptop, or any other internet capable device. what i need is a safe space to create applications and experiment, be it simple http apis or full web applications with a frontend and backend, but without worrying about the wild west of the internet banging on my web server.

big picture

[diagram of nginx/cyrox/olama/redis/xtdb/nas with laptop and phone able to access it.]

i ❤️ tailscale

my virtual networking layer of choice used to be zerotier, but tailscale has taken its place.

[disclaimer, i haven't paid for tailscale yet, but i'm a huge fan.]

the virtual network is what keeps everything private. i choose what devices can connect, and then only expose ports on that network. what this allows me to do is access any of my internal services, like file storage or compute, from any of my devices like the laptop, tablet, or phone.
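
as an added example (not part of the original article or the author's own tooling): a small python check that reads `ss -tlnH` output and reports tcp listeners bound to anything other than loopback or a tailscale address. the sample output is constructed, and the tailnet ranges assumed are tailscale's 100.64.0.0/10 and fd7a:115c:a1e0::/48.

```python
import ipaddress

# ranges tailscale assigns node addresses from (assumption stated in the lead-in)
TAILNET = [ipaddress.ip_network("100.64.0.0/10"),
           ipaddress.ip_network("fd7a:115c:a1e0::/48")]

# constructed sample of `ss -tlnH` output, not taken from a real host
SAMPLE_SS = """\
LISTEN 0 511     100.101.102.103:443     0.0.0.0:*
LISTEN 0 4096            0.0.0.0:8080    0.0.0.0:*
LISTEN 0 128           127.0.0.1:5432    0.0.0.0:*
LISTEN 0 4096 [fd7a:115c:a1e0::1]:443       [::]:*
LISTEN 0 4096               [::]:6379       [::]:*
LISTEN 0 4096       192.168.1.20:11434   0.0.0.0:*
LISTEN 0 4096      127.0.0.53%lo:53      0.0.0.0:*
"""

def classify(addr):
    """return 'tailnet', 'loopback', 'wildcard' or 'other' for a bind address."""
    addr = addr.strip("[]").split("%")[0]   # drop ipv6 brackets and %iface scope
    if addr == "*":                         # ss prints * for a dual-stack wildcard
        return "wildcard"
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified:                   # 0.0.0.0 or ::
        return "wildcard"
    if ip.is_loopback:
        return "loopback"
    if any(ip in net for net in TAILNET):
        return "tailnet"
    return "other"

def exposed_listeners(ss_output):
    """return (address, port, kind) for listeners not limited to loopback/tailnet."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")  # last colon separates the port
        kind = classify(addr)
        if kind in ("wildcard", "other"):
            findings.append((addr.strip("[]"), int(port), kind))
    return findings

if __name__ == "__main__":
    for addr, port, kind in exposed_listeners(SAMPLE_SS):
        print(f"port {port} bound to {addr} ({kind}): not limited to the tailnet")
```

on a real host, feed it the output of `ss -tlnH` instead of the sample. docker-published ports bind to 0.0.0.0 unless given an explicit address, so they show up here as wildcard.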

tailscale brings super easy configuration and monitoring, along with the platform support i need. i love the dns support, and the ability to have https services without self-signed certificates (which i used to do). that way i can have a secure connection from my phone to any server at home.

beyond this, tailscale also offers a sharing option. i could give permission to someone else to join my network, and expose specific resources to them.

storage

after the network comes storage. currently i have a synology nas with a tailscale client that allows me to connect via https and smb to access my files remotely and on my phone, from anywhere. the linux server also mounts the nas, and all the custom apps store their data there.

beyond that, there's an offline backup strategy for the critical files. storing content in a year/month/day directory structure makes it easy to create backups by year for each of the custom apps.

compute

for the compute layer, i have an intel box, with an nvidia gpu, and ssd storage. i use ubuntu right now, but i wouldn't say i'm a fan (just too lazy to change it). it hosts nginx as the proxy for the custom apps and services. i use docker (using docker remote from my laptop) to deploy apps and services. kinda old school devops (with log rolling and cron jobs), but it works.

over the years i've grown to love certain tools and they're the first thing i install anywhere i have to work. although i hated sql at the start, postgresql is my favorite database engine. both large and small, it's a solid tool. for key value stores, the one formerly known as redis is my go-to choice. and since llms are a thing, i've been using ollama to host local large language models.

conclusion

it definitely has that homegrown feel to it, but it's been a solid implementation where i don't have to worry about runaway hosting costs, or script kiddies exploiting a poorly implemented endpoint.

it makes it easy to experiment with ideas, knowing i'm at risk of exposing personal information. and it's really cool having a custom app on my phone that's connected to my home network.