Personal Infrastructure Server
Back to Projects

Personal Infrastructure Server

Self-hosted Debian 12 server providing secure remote access via WireGuard VPN and hosting mission-critical production automation services with 99.9% uptime.

2024Live

Results

99.9%
Uptime
6+ months production
3
VPN Clients
Active devices
3
Production Services
Mission-critical systems
500GB
Monthly Data
Processed volume

Personal Infrastructure Server

24/7 Production Server

Overview

A personal infrastructure backbone running on Debian 12 with WireGuard VPN for secure remote access. Hosts multiple production automation services with high availability and automatic recovery.

Infrastructure Purpose

Secure Remote Access

  • WireGuard VPN for encrypted tunneling
  • Multiple client device support
  • Split tunneling options for specific services

Production Service Hosting

Hosts mission-critical automation services including:

  • AI-powered email classification
  • Scheduled data sync pipelines
  • Automated backup systems

Technical Stack

Operating System

  • Debian 12 (Bookworm) - Stable, security-focused
  • Automated security updates
  • Minimal attack surface

Service Management

All services run as systemd units with automatic restart:

ini
[Unit]
Description=Production Service
After=network.target
 
[Service]
Type=simple
User=automation
WorkingDirectory=/opt/service
ExecStart=/usr/bin/node dist/index.js
Restart=always
RestartSec=10
 
[Install]
WantedBy=multi-user.target

Service Architecture

Process Isolation

  • Each service runs under dedicated user account
  • Separate working directories
  • Environment-based configuration

Logging & Monitoring

  • journald for centralized service logs
  • Custom log rotation policies
  • Email alerts on service failures

Scheduled Operations

Cron-based scheduling for automation services with staggered execution times to avoid resource contention.

Reliability Features

Automatic Recovery

  • systemd auto-restart on failures
  • Health check endpoints for critical services
  • Watchdog integration for long-running processes

Backup Strategy

  • Configuration backups to separate storage
  • Service state snapshots before updates
  • Documented recovery procedures

Security Posture

Access Control

  • SSH key-only authentication
  • Fail2ban for intrusion prevention
  • Firewall rules allowing only necessary ports

Updates

  • Unattended security updates enabled
  • Quarterly maintenance windows for major updates
  • Rollback procedures documented

Operational Stats

  • Uptime: 99.9%+ over past 6 months
  • Active VPN Clients: 3
  • Production Services: 3
  • Monthly Data Processed: ~500GB

This project demonstrates infrastructure engineering, security-first thinking, and the ability to maintain production systems with high availability.

Related Projects

Email Triage Assistant

AI-powered email classification system using Claude that monitors Office 365, applies intelligent routing rules, and automatically creates Asana tasks. Running 24/7 in production on personal infrastructure.

Product Sync Pipeline

Automated weekly sync of 100+ products from WordPress to Google Sheets with AI-generated marketing descriptions and branded stakeholder notifications.

Database Backup System

Automated daily backup system for production trading platform managing 3.7M rows across 52 tables with sub-10-minute disaster recovery SLA and AWS S3 storage.