Embedded Files
I built a secure, private cloud + media system for my personal data and workflows.
The HomeLab
Modern workflows rely heavily on privatized cloud services (Google Photos, iCloud, streaming platforms like Netflix and Hulu, etc), which can be costly in the long term, fragmented, and raise concerns about privacy and control.
I built a self-hosted server system (“The Homelab”) that replaces multiple cloud services with a unified, private, and secure environment accessible from anywhere on trusted devices.
***Some components are still being built: work-in-progress. See "Planned Expansion" below for more details.***
Service Descriptions
Immich: Self-hosted analogue of cloud based media storage (ie, Google Photos)
Immich Dashboard
The main page organizes photos and videos by date (featuring pics from a DC trip, showcasing cherry blossoms and dinner that day). Any device connected to the account can select which photos to sync and backup to unified storage.
Immich Photos by Geotag
A cool feature of Immich, where collections of photos and videos are organized by location per Geotag and displayed on a map (featuring pics from my wedding day in South Jersey).
Jellyfin: Self-hosted analogue of streaming services (ie, Netflix, Hulu)
Jellyfin Dashboard
Content can be organized by genre (as shown above), suggestions (based on previously watched), favorites, or collections per franchise.
Jellyfin Descriptions
Each movie / show entry scrapes public data from websites like IMDb to provide movie / show description, tags, ratings, cast / crew descriptions, etc.
Pi-hole
Network-wide ad-block (including any remote device connected via VPN)
Centralized Domain Name System (DNS) to simplify service usage (and hide host IP addresses)
Real-time network visibility and monitoring
TrueNAS
Operating System for Network Attached Storage (NAS) node
Multiple functions:
Provides diagnostics
Performs high reliability backups
Offers permission configurations individualized for each dataset within the network
Proxmox
Central platform which runs and manages all server applications
Allows multiple services (media streaming, photo backup, and networking tools) to operate independently on the same hardware
Provides service isolation (via multiple containers), so issues in one does not affect others
Enables backups and snapshots
(Actual image not included for privacy)
Nginx
"Front door" to the server, directing requests to the correct service
Allows simple, readable addresses to be used instead of IP addresses and ports
Enables HTTPS encryption with self signed certificates
Restricts access to trusted networks (LAN + VPN only)
(Actual image not included for privacy)
Tailscale
Creates a private, encrypted network between personal devices
Allows access to services (e.g., Jellyfin, Immich) from outside the home WITHOUT opening ports or exposing the server publicly
Restricts access so only authorized devices can connect
Integrates with internal DNS (Pi-hole) for clean service access
(Actual image not included for privacy)
Planned Expansion:
Personal cloud document storage service (Nextcloud), analogue of Google Drive or Dropbox
Smart home integration (Home Assistant), central control for smart devices with automation of appliances such as lighting, thermostats, smart plugs, etc
Surveillance system (Frigate), camera monitoring that does NOT transmit over public internet, with local AI object detection (can identify people, cars, etc)
Local LLMs / AI compute, can be used to create a private AI assistant
Off-site backup server for external parity of the most important personal files
Bonus image: cleaning off the compute node. A friend passed down this old enterprise-level server to me, and I use this to run some of the services above, alongside a separate storage node (not pictured). Still works like a charm and quite dependable!
Click another tab above to explore more of my hobbies and interests!
Google Sites
Report abuse