Case study Evolving
Self-hosted infra
Backend · Infra · Self-hosting
A single Raspberry Pi, several isolated apps in Docker Compose, one front door with automatic TLS. IoT is just one tenant.
Several projects, one machine. Rather than scatter them, I built a shared self-hosted base on a Raspberry Pi: each app lives in its own Docker Compose project, isolated, but shares the infra that matters.
No third-party cloud. Everything runs locally, behind a single front door.
Two inbound paths:
HTTPS for the services worth exposing publicly: NPM manages Let's Encrypt certificates and their renewal, then routes to each Compose stack.
WireGuard over direct UDP for private LAN access from outside, SSH included.
UFW closes everything else.
Every project follows the same template: CI (quality, lint, tests, build) then CD on the self-hosted runner. New project? Same pipeline, no exception.
Each Compose stack runs in its own Docker network. No cross-project traffic by default: only NPM talks to the services it proxies.
Reverse proxy, TLS, service isolation, a machine that holds up for years. If running a lean system in production speaks to you, let's talk.
This site is the proof: served by the infra it describes.
Get in touch →References
-
[01]
Nginx Proxy Manager
The lab's front door. A simple interface over Nginx to route domains and manage Let's Encrypt certificates without hand-editing config. The right middle ground between raw Nginx and an over-engineered setup.
-
[02]
Home Assistant
The home-automation platform at the heart of the IoT stack, one of the lab's tenants. Everything runs locally, not a byte to a third-party cloud, and the integration ecosystem covers nearly all hardware on the market.