Software

What runs here — and, more importantly, why.

The thesis is simple: your data is more private when it lives on hardware you control. No one is training a model on it, scanning it for ads, or changing the terms of service while you sleep. Almost every service below has a polished commercial equivalent — often a good one. I run the open-source version because it keeps my data local, my costs flat, and my understanding deep.

There are real trade-offs. You become the support team. Backups are your problem. Upgrades are your call. If that sounds like work rather than fun, the cloud app is the right answer — no shame in that. But if you value the ownership and enjoy understanding how things fit together, running your own stack is worth it.

Virtualization & Platform

Turn a few physical machines into a flexible, highly-available pool of virtual ones.

Proxmox VE

vs. VMware vSphere / ESXi, Nutanix

Proxmox Backup Server

vs. Veeam Backup & Replication

Networking & Access

Segment, route, secure, and selectively expose the lab.

OPNsense

vs. Fortinet / Cisco firewalls

Nginx Proxy Manager

vs. Cloud load balancers / managed reverse proxy

Cloudflare Tunnel

vs. ngrok, Tailscale Funnel

Tailscale

vs. Corporate VPN, Zscaler / Twingate (ZTNA)

ntopng

vs. Commercial NPM / Darktrace

Network speed testing (iperf3 / LibreSpeed / Speedtest Tracker)

vs. Ookla Speedtest, commercial WAN monitors

Identity & Secrets

One secure login everywhere, with credentials stored properly.

Authentik

vs. Okta, Microsoft Entra ID

HashiCorp Vault

vs. AWS Secrets Manager, CyberArk / Delinea

CMDB & Inventory

A single source of truth for what exists and where.

NetBox

vs. ServiceNow CMDB, Device42

Containers & Dashboards

Run and see all the small services at a glance.

Portainer

vs. Docker Desktop, Rancher

Homepage

vs. (mostly a self-hosted-only niche)

Static file server

vs. Netlify / GitHub Pages / S3 static hosting

Source Control & Docs

Own the code and the diagrams.

Gitea

vs. GitHub, GitLab

draw.io (diagrams)

vs. Lucidchart, Microsoft Visio

Observability & Security

If you can't see it or restore it, you don't really run it.

Monitoring stack (Prometheus / Loki / Grafana / blackbox)

vs. Datadog, New Relic

Uptime Kuma

vs. Pingdom, UptimeRobot

Wazuh

vs. Splunk, CrowdStrike Falcon

Gotify

vs. Pushover, PagerDuty

Remote Access

Reach a desktop or console from anywhere, through one gateway.

Apache Guacamole

vs. Citrix, TeamViewer

Smart Home

Local-first home automation that doesn't phone home.

Home Assistant

vs. Samsung SmartThings, Google/Alexa ecosystems

Local AI

Run models on my own hardware — private prompts, predictable cost.

LiteLLM gateway

vs. OpenAI API direct, OpenRouter

Homegrown automations (blogs deferred this run)

Small glue projects — listed for completeness, spotlight posts to come.

Morning briefing write-up soon

Sports alerts write-up soon

Telegram bot write-up soon

eBay deal hunter write-up soon

Security audit workflow write-up soon

Claude usage tracker write-up soon