Homelab Atlas
Blueprint
Self-Hosted Toolkit

Build a resilient homelab that bends to your needs—not the cloud's.

Homelab Atlas walks you through hardware selection, network design, and service playbooks so you can stream Jellyfin, sync Navidrome, and safeguard Immich under your own roof.

Start the blueprintBrowse playbooks
Homelab launch checklist
Ship critical services on day one while keeping security, storage, and observability in check.
  • Designate SSD for app data and HDD/ZFS pool for media payloads.
  • Provision reverse proxy (Caddy/Traefik) with wildcard certificates.
  • Centralize credentials via Authentik and passkeys.
  • Enable off-site backups with restic + Backblaze or Hetzner.

Service quickstarts

Battle-tested configurations for the media services homelabbers rely on most.

Jellyfin Media Server
Stream your movie and TV collection anywhere with hardware acceleration and user profiles.
  • Deploy with Docker Compose and persistent storage mounts
  • Enable Intel Quick Sync or NVIDIA NVENC for smooth transcoding
  • Protect remote streams via Tailscale or reverse proxy with Authentik
View docs
Navidrome + Music Clients
Host high-fidelity audio, sync playlists, and stream to mobile clients with offline caching.
  • Index FLAC/MP3 libraries with automatic metadata refresh
  • Pair with Supysonic, Substreamer, or Symfonium for native apps
  • Expose HTTPS via Caddy with automatic Let's Encrypt certificates
View docs
Immich Photo Hub
Back up mobile photos, deduplicate your archive, and leverage AI search on self-hosted storage.
  • Schedule nightly Docker backups for the Postgres + Redis stack
  • Use object storage or ZFS datasets for resilient media pools
  • Enable machine-learning features with GPU passthrough when available
View docs

Homelab starter kit

Follow the milestones to stand up a secure, observable self-hosting stack in a weekend.

01
Plan the foundation
Audit your ISP gateway, map VLAN needs, and right-size homelab hardware (NUC, mini PC, or repurposed server).
02
Automate provisioning
Install Debian or Ubuntu Server, add Docker Engine + Compose, and set up Infrastructure-as-Code with Ansible or Terraform for repeatability.
03
Secure the edge
Adopt WireGuard, Tailscale, or Cloudflare Tunnel to gate remote access and configure SSO with Authentik or Authelia.
04
Ship observability
Layer in Prometheus + Grafana dashboards, uptime probes, and automated backups before inviting other users.

Deep-dive playbooks

Step-by-step guides with diagrams, compose files, and day-two operations checklists.

Media Stack Blueprint
Opinionated Compose files and storage layouts for Jellyfin, Navidrome, and Audiobookshelf living happily together.
Open guide
Photo Workflow
Sync-and-forget Immich automation with device enrollment, folder versioning, and GPU tuning options.
Open guide
Zero-Trust Perimeter
Guide for reverse proxies, mTLS, and multi-factor logins so your lab stays private while reachable.
Open guide

FAQ

Answers to the questions homelab newcomers ask most often.

Which hardware should I start with?

A 4-core Intel NUC or Ryzen mini PC with 32 GB RAM covers Jellyfin transcoding, Navidrome, and Immich. Add a NAS or DAS enclosure for bulk storage.

Do I need Kubernetes?

Not on day one. Compose stacks let you learn service primitives faster. Graduate to k3s or Talos once you outgrow single-node deployments.

How do I keep services updated?

Pin container tags, use Watchtower or Renovate for alerts, and rehearse upgrades on a staging compose stack before touching production.

Ready to launch your lab?

Subscribe for new service playbooks, automation recipes, and deployment walkthroughs delivered monthly.

Request a consult