Build notes
& writeups

With Docker services running and the network locked down, the final step was exposing everything cleanly from outside the LAN. This writeup covers setting up Cloudflare Tunnels for zero-trust external access, routing subdomains through the tunnel to the correct Docker containers, and getting HTTPS working automatically across every service. Also covers DNS record structure and managing multiple services on a single tunnel.

n8n is a self-hosted workflow automation platform — think Zapier, but you own the server. This writeup covers deploying it in Docker on the Pi5, securing it behind Cloudflare Tunnel, and building the first production workflows: Discord alert pipelines, scheduled API polling jobs, and a multi-step webhook chain tying together Google Cloud, IPBase geolocation data, and a custom Python script. Includes the full Docker Compose config and environment variable setup.

Part 2 picks up after the Pi5 is imaged and booted headlessly. The focus is network stability before adding any services: assigning a static IP via DHCP reservation, configuring the Pi's network interfaces, verifying LAN and WAN connectivity, and hardening SSH before the tunnel goes live. Covers disabling password auth, setting up key-based login, changing the default port, and UFW firewall configuration.

Starting from a fresh Pi5 and a blank NVMe drive. This part documents the full bootstrap: using Raspberry Pi Imager to write Raspberry Pi OS Lite 64-bit directly to NVMe via a USB adapter, pre-configuring SSH and WiFi in the imager so the Pi comes up headlessly on first boot, and going from powered-off hardware to a stable SSH session without a keyboard or monitor. Also covers NVMe HAT setup and the EEPROM boot order config for NVMe boot.

Solo Bitcoin mining on ESP32 boards is a lottery ticket running on a $5 microcontroller — and a great embedded build. This log covers flashing Nerdminer firmware onto multiple ESP32 Dev Kits, configuring pool credentials pointing to ckPool Solo, and assembling the CYD (Cheap Yellow Display) rig to show live hashrate, share count, and current difficulty. Covers the web installer flash process, WiFi credential setup, and full CYD wiring.

First impressions of the X1C: fast, well-calibrated out of the box, and a significant upgrade from entry-level FDM. This log covers installing OrcaSlicer, running calibration prints (flow rate, pressure advance, temperature towers), configuring the Bambu network workflow, and the full pipeline from a Fusion 360 model to a finished enclosure part. Includes AMS setup and the filament profiles that work best for PLA and PETG.

Running your own mail server is straightforward if you build it right from the start. This writeup covers the full stack: deploying Docker Mailserver on the Pi5, generating DKIM keys, configuring SPF and DMARC records in Cloudflare DNS, setting up SMTP and IMAP, and integrating Resend for transactional mail. Also covers MX record structure, deliverability testing with mail-tester.com, and the cron job that auto-renews the SSL cert.

The goal was a large, redundant storage pool accessible to both Pi nodes and the main PC over the network. This log covers drive selection (CMR only), choosing the right RAID level for redundancy and usable space at this scale, building the array with mdadm, and getting it mounted persistently on boot. Also covers network sharing via Samba for Windows and NFS for the Pis, and setting permissions so Docker containers can write to the array.