System Architecture

Dual-site homelab infrastructure connected via encrypted Tailscale mesh. Cloudflare Pages at the edge, Workers for serverless compute, tunnels for zero-trust backend access.

Deployed on Cloudflare Pages

Infrastructure Topology

Interactive force-directed graph of the complete dual-site architecture (the graph itself is not reproduced here).

Node types: network device, hypervisor, orchestrator, drone, gateway, workstation, NAS, media, container, VM, cloud, VPN node
Connection types: LAN, Tailscale VPN, CF Tunnel, Backup, Service, Data Flow, Uplink

Request Flow

How requests traverse the infrastructure from browser to backend

Pre-rendered (static) path:
Browser (client device) -> ~2ms -> CF CDN (edge cache, 300+ PoPs) -> cached, pre-rendered, 0ms backend latency

No backend calls. Pre-built at deploy time. Instant global delivery with perfect SEO.

Edge-processed (dynamic) path:
Browser (client device) -> ~2ms -> CF Workers (edge compute, V8) -> ~5ms -> CF Tunnel (outbound only) -> ~20ms -> Backend (Proxmox · Docker · APIs)

Real-time data, authentication, and admin features. Edge-processed, then routed through the encrypted tunnel.

Service Ecosystem

Software stack powering the infrastructure

AI & Machine Learning

Ollama: local LLM inference engine (Docker)
OpenClaw: multi-provider AI gateway (Python)
ChromaDB: vector embedding database (Python)
Argonaut RAG: retrieval-augmented generation (Node.js)

Core Infrastructure

Proxmox VE: hypervisor & container management (KVM/LXC)
Tailscale: WireGuard mesh VPN overlay (WireGuard)
Cloudflare: CDN, tunnels & edge workers (CF Pages)
OPNsense: firewall, VLANs & routing (FreeBSD)

Build System

Build Swarm: distributed Gentoo compilation (Custom)
Drone Cluster: multi-site build agents (LXC)
Gitea: self-hosted Git platform (Go)

Observability

Uptime Kuma: service health & alerting (Node.js)
Prometheus: time-series metrics store (TSDB)
Grafana: metrics dashboards (Go)

Build Swarm

Distributed Gentoo compilation across 4 agents spanning both sites: 54 allocated cores, 4 build agents, 2 network sites.

CT 200: orch-io, build orchestrator, 12 cores, 8GB, Jove
CT 203: drone-io (16c), build drone, 16 cores, 8GB, Jove
CT 102: orch-titan, build orchestrator, 12 cores, 8GB, Kronos
CT 103: drone-titan (14c), build drone, 14 cores, 12GB, Kronos

Architecture Decisions

Design rationale and trade-offs

Resilience and global reach. If the homelab goes down, the blog and portfolio remain available. Admin features degrade gracefully with cached data. Zero infrastructure cost for static assets, DDoS protection included, and automatic deployments from Git.

Static rendering for content (fast, cacheable, SEO-friendly). SSR for admin pages and APIs (real-time data, auth, secrets). One codebase, one deploy target, two rendering modes. Cloudflare Workers handle the SSR at the edge.

Zero inbound firewall rules. Outbound-only connections from the homelab to Cloudflare's edge. No port forwarding, no NAT hairpinning, no dynamic DNS. If the tunnel daemon stops, nothing is exposed. There is no inbound attack surface.
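As an added illustration of the outbound-only tunnel design above (not a configuration file taken from this homelab), a cloudflared ingress file showing a permissive catch-all beside the hardened one; the tunnel ID, credentials path, hostnames and origin addresses are placeholders:

```yaml
# cloudflared config.yml (added example, not the homelab's own file).
# cloudflared dials out to Cloudflare's edge; no inbound port is opened.
# The ingress rules decide which internal origin each public hostname
# is allowed to reach, so they are the real policy boundary.
tunnel: 00000000-0000-0000-0000-000000000000        # placeholder tunnel ID
credentials-file: /etc/cloudflared/TUNNEL_ID.json   # placeholder path

ingress:
  # One explicit rule per exposed service (hostnames are assumed examples).
  - hostname: gitea.example.com
    service: http://gitea.lan:3000
  - hostname: grafana.example.com
    service: http://grafana.lan:3000

  # Weak catch-all (left commented out on purpose): any other hostname
  # pointed at the tunnel would be forwarded to the hypervisor UI.
  # - service: https://proxmox.lan:8006

  # Hardened catch-all: unmatched hostnames get a 404 at the edge and
  # reach nothing inside the network. cloudflared requires a final rule
  # with no hostname, so this line must stay last.
  - service: http_status:404
```

`cloudflared tunnel ingress validate` checks the file, and `cloudflared tunnel ingress rule https://gitea.example.com` reports which rule a given URL would match.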

WireGuard-based mesh networking with zero configuration. Subnet routing bridges the two physical sites transparently. Works behind CGNAT, double NAT, and restrictive firewalls. ~38ms inter-site latency with end-to-end encryption.

Geographic redundancy and workload isolation. Jove (primary) handles web services and development. Kronos (secondary) handles storage, media, and heavy compute. Tailscale mesh makes them appear as a single logical network despite being in different locations.