Core Architecture
How everything in the home lab connects — from the physical hardware to the apps running on top.
Overview
At the center is a M5 Mac Mini running everything locally. It connects to a UGREEN NAS for redundant storage, exposes services via Cloudflare tunnels, and syncs across all my devices using TailScale as the backbone VPN.
The whole setup is designed around one idea: own the data, own the compute, own the pipeline.
Component Map
Compute & Storage
- Mac Mini (M5) — core compute node. Runs all services, containers, and automation.
- UGREEN NAS — RAID-1 storage (2x 4TB HDD). Backup target + Obsidian vault storage.
Networking & Access
- Cloudflare — domain registrar + DNS + tunnel provider. Zero-trust tunnel means no open ports on home network.
- TailScale — VPN mesh for remote access. Devices on the tailnet can reach the Mac Mini directly.
Knowledge & Publishing
- Obsidian — second brain. Notes live in
iujinwee-vault, synced in real-time via Self-hosted LiveSync plugin to the NAS. - Garden (garden.iujinwee.cc) — public-facing blog. Automatically syncs from
iujinwee-vault/00 Blogsto publish posts.
Web Presence
- Portfolio (portfolio.iujinwee.cc) — personal site, hosted on Mac Mini, served via Cloudflare tunnel.
- Redirect subdomains —
github.iujinwee.cc,linkedin.iujinwee.cc— simple URL redirects via Cloudflare.
Cross-Device Sync
The vault stays in sync across three surfaces:
| Device | How |
|---|---|
| Mac Mini (home) | Source of truth, runs LiveSync server |
| Mobile (iPhone) | Obsidian app + LiveSync client → NAS |
| Desktop (work/travel) | TailScale → reach Mac Mini or NAS directly |
Data Flow
[Write note on mobile]
↓
[Obsidian LiveSync → NAS]
↓
[Mac Mini picks up change]
↓
[00 Blogs/ syncs → Garden blog]
↓
[Cloudflare tunnel → public at garden.iujinwee.cc]
Architecture Diagram
To be filled up!