second-brain/05_Resources/Home Lab Architecture.md

# Home Lab Architecture

## Current-state sketch

```mermaid
flowchart TD
    U[Claudio devices\nMacBook Pro M4\niPad Air M3\niPhone 15 Pro]
    RA[Remote access layer\nTailscale / ZeroTier / Pangolin / Cloudflare]
    VPS[Netcup VPS\nweb apps + remote proxy]
    NAS[Synology DS218+\nDrive / Photos / Jellyfin / Plex]
    PNAS[Parents' Synology NAS\nfuture off-site backup target]
    DELL[Old Dell laptop\nDebian\nHome Assistant + Restic backup server]
    PMX[MacBook Pro 2017 Intel\nProxmox\nOpenClaw / Ollama / Grafana / Pangolin-Newt]
    PI[Raspberry Pi 3\nspare / test]
    FUT[Future storage ideas\nold disks / possible CEPH later]

    U --> RA
    RA --> VPS
    RA --> NAS
    RA --> DELL
    RA --> PMX
    RA --> PI
    NAS -. future backup .-> PNAS
    DELL -. backup orchestration .-> PNAS
    FUT -. future .-> PMX
    FUT -. future .-> NAS
```

## Desired operating model

```mermaid
flowchart LR
    Users[Claudio / family / friends]
    Access[Unified remote access + identity]
    Prod[Production environment\nreliable, documented, backed up]
    Test[Testing environment\nexperimentation / breakable]
    Backup[Backups + restore validation]
    Docs[Documentation\nObsidian second brain]

    Users --> Access
    Access --> Prod
    Access --> Test
    Prod --> Backup
    Test --> Backup
    Prod --> Docs
    Test --> Docs
```

## Recommended interpretation
The current setup already has enough moving parts that the main risk is architectural drift, not lack of hardware.
The next step should be simplification and boundary-setting, not adding many more apps.
A good target is to define one production lane, one testing lane, and one backup strategy before larger migrations.

## Near-term planning questions
- What exactly counts as production today?
- Which host should be the primary app host?
- Which remote-access path should become the default?
- What is the restore story for each critical service?
- Which current services should stay on Synology for now?