9 min read

Building BuchhalterPython: Provisioning Infrastructure (Part 3)

Part 2 was entirely headwork: microservice boundaries, RAG strategy, tag dimensions, storage path templates — all decisions made before a single line of code was written. Phase 3 is different. Phase 3 is the moment you press Apply and something moves on real hardware. Part 3 of the Building BuchhalterPython series. Part 1 covers agentic infrastructure and golden standards. Part 2 covers the five architectural decisions made before writing any business logic.

infrastructure opentofu ansible proxmox homelab agentic-coding celery redis
5 min read

Lernreise 7/7: n8n, a Dead ThinkPad, and What's Next

Every project like this ends with a set of opinions you did not have before. Here are mine. n8n: I will be charitable and say: n8n is excellent for linear workflows of three to five nodes. Trigger, action, done. For anything more complex, it becomes something I would describe, with some restraint, as binary toxic waste. Visual workflow tools have an inherent problem: the visual representation is the code. You cannot refactor it the way you refactor code. You cannot diff it sensibly. You cannot review it in a pull request. When a node is producing wrong output and you need to understand why, you are clicking through a canvas, unfolding nested expressions, reading JavaScript embedded in a UI field that was not designed to hold much JavaScript.

lernreise ai n8n lessons-learned homelab
3 min read

Lernreise 2/7: The Starting Point: A Thousand Untagged Documents

Six months ago I migrated my homelab. The old machine was a netbook that had served faithfully for years, and by the end of its life it was doing things that its manufacturer had never intended and would probably have considered unkind. I replaced it with a MiniPC: an N150 processor, 16 GB of RAM, a form factor that fits in a drawer. It runs Proxmox. It is fast. It is quiet. I am unreasonably pleased with it.

lernreise ai paperless-ngx homelab n8n mistral
3 min read

Lernreise 1/7: Just Do It (The Expensive Way)

There is a particular kind of paralysis that sets in when you follow the AI space professionally. Not ignorance. The opposite. Too much information, too fast, from too many directions at once. I am an IT professional. I have been one for a long time. My day job is coordination, communication, managing third-party software across a range of quality levels that would make a QA engineer weep. I use chatbots daily. I have Copilot set up in VS Code. I understand, broadly, what large language models are doing and why people are excited about them.

lernreise ai homelab learning
18 min read

Automating TLS Certificates in a Homelab: Smallstep PKI, Caddy, and Drone CI/CD — A Static Website Case Study

Abstract: Running services in a homelab behind an internal reverse proxy creates a certificate management problem that is easy to underestimate. This article walks through a real deployment: a Hugo static website built and deployed by Drone CI/CD, with UAT served by an nginx container behind Caddy, and production hosted on Firebase. The core challenge is not just issuing certificates — it is ensuring that Docker containers running as part of the CI/CD pipeline actually trust the internal CA. We examine how Smallstep step-ca acts as the homelab root of trust, how Caddy automates certificate provisioning via ACME, and how an Ansible role bootstraps CA trust on the Docker host so that the Drone Server container can communicate with Gitea over HTTPS. The infrastructure provisioning side (via OpenTofu and Ansible) is also described, with an honest account of what IaC actually created versus what was pre-existing.

homelab pki smallstep caddy drone ci-cd tls certificates infrastructure-as-code opentofu ansible hugo static-sites
4 min read

EBKAC.ORG Goes Live (Almost): A Firebase Custom Domain Story

The domain arrived this morning. ebkac.org. After days of running this site on a Firebase default URL that nobody would ever bookmark intentionally, there it was in the Netcup dashboard: registered, paid, mine. EBKAC, for the uninitiated, stands for Error Between Keyboard And Chair. It is an old IT industry shorthand for the most common category of technical fault: the human operator. Usually deployed to describe someone else’s mistake. I chose it as the name for this blog because I am a firm believer that the most instructive errors are your own. A name like that has a certain obligation attached to it.

firebase dns homelab ai