Overview
I manage a Linux VPS that handles both my everyday personal services and the backends for my side projects. Every service runs containerized — each category gets its own Docker Compose file, which keeps updates, rollbacks, and debugging isolated from each other. Mass storage lives on remote storage boxes rather than VPS disk, separating compute costs from storage costs.
Routing and TLS
Traefik sits in front of all services as the reverse proxy. SSL certificates are issued and renewed automatically via Let's Encrypt, HSTS is enforced across the board, and HTTP gets redirected to HTTPS. I don't manage certificates by hand.
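One way to express the setup described above in Docker Compose, added here as an illustration and not the author's actual configuration. The Traefik image tag, the TLS-ALPN challenge, the resolver name `le`, the `example.org` host and e-mail address, and the choice of Navidrome as the routed service are all assumptions.

```yaml
# Added example; not taken from the host described on this page.
# Assumed: Traefik v3, TLS-ALPN-01 challenge, placeholder domain and e-mail.
services:
  traefik:
    image: traefik:v3.1
    command:
      - --providers.docker=true
      # Containers are routed only when they opt in with traefik.enable=true
      - --providers.docker.exposedbydefault=false
      - --entrypoints.web.address=:80
      - --entrypoints.websecure.address=:443
      # Redirect all plain-HTTP traffic to HTTPS at the entrypoint
      - --entrypoints.web.http.redirections.entrypoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https
      # Let's Encrypt resolver: Traefik requests and renews certificates itself
      - --certificatesresolvers.le.acme.email=admin@example.org
      - --certificatesresolvers.le.acme.storage=/letsencrypt/acme.json
      - --certificatesresolvers.le.acme.tlschallenge=true
    ports:
      - "80:80"
      - "443:443"
    volumes:
      # ":ro" protects the socket file only, it does not limit Docker API calls
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # Holds acme.json, which contains the account and certificate private keys
      - ./letsencrypt:/letsencrypt

  navidrome:
    image: deluan/navidrome:latest
    labels:
      - traefik.enable=true
      - traefik.http.routers.navidrome.rule=Host(`music.example.org`)
      # Reachable on the HTTPS entrypoint only
      - traefik.http.routers.navidrome.entrypoints=websecure
      - traefik.http.routers.navidrome.tls.certresolver=le
      # HSTS: one year, subdomains included
      - traefik.http.middlewares.hsts.headers.stsSeconds=31536000
      - traefik.http.middlewares.hsts.headers.stsIncludeSubdomains=true
      - traefik.http.routers.navidrome.middlewares=hsts@docker
      # Navidrome listens on 4533 inside the container; no host port is published
      - traefik.http.services.navidrome.loadbalancer.server.port=4533
```

Because the backend publishes no host port, the only path to it is through Traefik, so the redirect and HSTS policy cannot be bypassed by connecting to the service directly.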
Services
| Service | Purpose |
|---|---|
| Nextcloud | File sync and cloud storage, backed by a remote storage box |
| Navidrome | Music streaming — reads directly from the Nextcloud music library |
| Matrix / Synapse | Encrypted messaging homeserver |
| Element Web | Web client for Matrix |
| Coturn | TURN server for Matrix voice and video calls |
Dev deployments
The same VPS also runs development builds of my projects:
- Fortalis Auth – authentication microservice
- Fortalis Backend – game backend API
- Chess server – backend for my chess engine
- This portfolio – also served from this host
Storage architecture
Compute and storage are deliberately separated. The VPS handles processing while remote storage boxes hold the data (Nextcloud files, media libraries). I can scale storage capacity without upgrading the server, and costs stay predictable.