HOME AI Hub

This article continues the story that started with the Birth of the Infrastructure.

In the beginning, everything lived on a small VPS: reverse proxy, applications, experiments, monitoring. It worked – but it was never meant to scale. The next logical step was obvious:

Move the heavy work home, keep the VPS as a lean edge.

That is how the HOME server was born as an AI & compute hub.

1. Why I Moved Compute Home

Running everything on a VPS was convenient, but it had clear limits:

Resources – RAM and CPU on a small VPS are always a bottleneck.
Cost – bigger VPS = higher monthly bill.
Control – I wanted full hardware control (disks, power, network, topology).
Privacy – some workloads (AI, logs, automation flows) should stay fully local.

So I decided to split the architecture into two clear roles:

EDGE (VPS) – public entry point, TLS, routing, VPN, relay.
HOME – actual compute: containers, AI, databases, automations.

The HOME server became the place where everything real happens.

2. The Hardware and Base System

The HOME node is a small, quiet but powerful box:

x86_64 machine with enough RAM and SSD storage
Connected to the main LAN 192.B.B.0/24
Running Debian 13 “Trixie”

Base setup:

minimal Debian installation
OpenSSH with key-based auth
basic hardening (firewall, updates)
docker + docker compose as the core runtime

From that point on, almost everything is managed as containers.

3. The Service Stack on HOME

Over time, the HOME server grew into a full-stack platform with these key components:

3.1 Pi-hole – DNS and Filtering

Pi-hole is the DNS backbone of my network:

runs on HOME as a container
answers DNS for the entire LAN
provides blocking, filtering and visibility
is also used by WireGuard clients as their DNS

Almost every service, including the AI stack, implicitly depends on Pi-hole working correctly.

3.2 WordPress (public-website.example)

The educational project Edu-Cat was migrated from external hosting to the HOME server:

WordPress runs in Docker with a dedicated MariaDB container
reachable from the internet through the VPS + Traefik + WireGuard path
backed up and monitored as part of the standard stack

This move gave me:

full control over plugins, PHP version and performance tuning
independence from shared hosting limitations
better integration with the rest of the ecosystem

3.3 n8n – Automation & Orchestration

n8n is my automation engine:

run as a container on HOME
accessible internally and from the internet through automation.example (via VPS and WireGuard)
connected to local services and external APIs

Typical use cases:

health checks for services (HTTP, DNS, Docker)
alerts and notifications
scheduled maintenance tasks
AI-assisted workflows that combine Sim AI / Ollama with remote services

n8n is the glue that binds infrastructure pieces together.

3.4 Sim AI (OpenWebUI)

Sim AI is my main UI for working with AI models:

hosted on HOME, again via Docker
used both through browser and via API (e.g. n8n workflows)
acts as a unified front-end for local models (Ollama) and remote models (OpenAI, etc.)

It turns the HOME server into a personal AI lab, not just a static apps box.

3.5 Ollama – Local Models

Ollama runs on HOME to provide private, local inference:

large language models stored and loaded directly on the box
used by Sim AI and n8n through the Ollama API
ideal for logs analysis, experiments and tasks where I want data to stay at home

The difference is simple:

Cloud models → best quality, no hardware cost, less privacy
Ollama → full control, offline-capable, limited by local hardware

The HOME server makes both options possible and easy to switch between.

4. How HOME Connects to the Edge (VPS)

The HOME server is not directly exposed to the internet.

Instead, everything goes through:

VPS (EDGE)
Traefik as reverse proxy
WireGuard server (10.A.A.1/24)
RustDesk relay

MikroTik router
WireGuard peer (10.A.A.2)
LAN 192.B.B.0/24 routing

HOME server
WireGuard peer (10.A.A.3)
services bound only to LAN / local ports

Public requests (for example to automation.example or public-website.example) travel like this:

Internet → VPS (Traefik, HTTPS) → WireGuard tunnel → HOME:port → container

This design gives me:

end-to-end encryption
a single public IP at the edge
a private, isolated compute environment at HOME

5. Docker Structure and Organization

All HOME workloads live under a clear directory structure, e.g.:

/srv/<project>/ – root for all compose stacks
one or more docker-compose.yml files
dedicated volumes for:
n8n data
Sim AI config
Ollama models
WordPress data
databases
Pi-hole configuration

This separation allows:

easy backup of critical data
quick redeploy after OS reinstall
clean upgrades of individual services

6. Monitoring, Recovery and Reality

The HOME server is not just “another machine”:

it runs the main DNS resolver (Pi-hole)
it hosts critical automation (n8n)
it serves public content (public-website.example, SystemLog)
it provides AI tools I use daily

Because of that, I treat it like a small production environment:

I keep documented recovery steps for the server, Docker, and the network paths
I test WireGuard access from external clients
I track how services behave after power outages and reboots
I continuously refine the layout based on what breaks in real life

It is not a lab. It is the core of my digital infrastructure.

7. Lessons Learned

Some of the key lessons from building the HOME server as an AI & compute hub:

A small, well-configured home box can replace multiple VPS services.
Splitting responsibilities (EDGE vs HOME) improves clarity and security.
Docker is extremely powerful, but only if you document and backup.
Local AI (Ollama) is great – but only as part of a hybrid setup with cloud models.
Automation (n8n) is not “nice to have”. It is necessary if you want to sleep.

The HOME server is not a one-time project. It is an evolving platform that grows together with my needs and my understanding of how I want my systems to behave.

This article is just the snapshot of one point in time.