Setup, power and thermals, and software tips for running a Mac mini as a home server or self-hosting box.
Uptrends caused a billing problem during use as a server uptime monitor. The service originally cost about $150 per year, but a later renewal invoice rose to $403. The main issue was not auto-renewal by itself, but the cancellation rule. The account had to be canceled 90 days before renewal, while the renewal notice arrived only 15 days before the service period ended. By the time the invoice arrived, the cancellation deadline had already passed by 75 days. After cancellation was requested, payment demands continued for the unpaid account, followed by threats of legal action and collections. HetrixTools was suggested as a better alternative.
A Mac mini M4 Pro with 512GB of internal storage is being considered for an upgrade to 2TB. The physical SSD swap is not the concern, because the steps for opening the machine and replacing the part have already been checked. The problem is the DFU procedure that may be needed after the swap, because that normally requires a second Mac. The practical question is whether the upgrade can be finished without another Mac, or whether the Mac mini can simply be set up from scratch as a new machine after the drive is replaced.
A homelab needs a light storage system for website assets and similar files. The desired option must be fully free, open-source, not heavy to run, and offer a stable S3 API. MinIO is the known baseline, but SeaweedFS, Garage, and Rustfs are being considered as alternatives. The main decision is which S3-compatible storage tool is dependable enough for a small personal server.
A UGREEN 8800 NAS is being used for data analysis and a private cloud. The main reason is cost: cloud servers can be expensive even when the work does not need constant uptime. A small AWS system with 16GB of memory is estimated at about $1,600 per year. The NAS has been upgraded to 16GB of memory. Three 20TB hard drives are combined with RAID 5 for the main large data store, with a 512GB M.2 SSD used as a read cache. Three 960GB SATA SSDs are combined with RAID 5 for Docker and frequently used data, with an extra drive kept for backup. The network setup includes a switch with two 10 gigabit ports and four 2.5 gigabit ports. A workstation connects through a Thunderbolt-to-10 gigabit adapter, and a UPS protects the hardware from power problems.
This homelab separates power protection, heavy computing, storage, and always-on services across different machines. An APC SmartUPS 1500 sits at the bottom and uses NUT monitoring through Home Assistant, so Proxmox nodes can shut down in an orderly way during power outages. The first Proxmox node uses an i5-12500, an RTX 3060 with 12GB of video memory, 32GB of memory, and mirrored NVMe drives for heavier work. It runs AI tools such as Ollama and OpenWebUI, media tools such as Immich and Frigate, and large virtual machines such as macOS Tahoe and Windows 11. A TrueNAS machine with an i5-12400F, GT 710, 16GB of memory, and ten 2TB to 4TB drives handles Frigate video storage, Immich shares, Proxmox backups, and family photos and videos. One empty rack case is being saved for a future workstation because it was too short for the RTX 3060, and the plan is to use it for simple CAD work and occasional video editing from a desk connection. A second Proxmox node, a small Lenovo PC with an i5-9500T, 32GB of memory, and a 1TB NVMe drive, acts as the main low-power brain for always-on services like Home Assistant, Cloudflared, Technitium DNS, Unifi OS, 3CX-SBC, and Docker containers.
A personal AI assistant named Belochka, also called Bella, runs on a Mac and connects to an ESP32 W-10 board used like a small dedicated device. LM Studio runs a Qwen 3.6 35B model from a GGUF file in the background. The assistant can send files, generated music, and other output from the Mac through a Telegram bridge. It listens continuously, stays quiet when it has nothing useful to add, and can join in when needed. The setup is built from Mi, a Telegram bridge from Hermes agent, and a locally running open-source Xiaozhi server. It also uses or builds on tools and models such as llama.cpp, LM Studio, Xiaozhi, Hermes-agent, Mi, Anthropic Fable, and Qwen AI Lab, with no stated sponsorship.
ContextuAI Solo is an open-source desktop app for running AI work on your own computer without an online account. It is built for tasks, not just chat. Small groups of AI agents, called crews, can run one after another or at the same time to handle work such as summarizing documents and drafting text. Users can point it at their own notes or document folders, then ask it to summarize and draft from those files. It also supports RAG, so answers can use local files and include citations. Telegram, Discord, and Reddit watchers can prepare reply drafts, but nothing is sent until the user approves it. After the model is downloaded, the app can run fully offline and does not use telemetry. The stack uses llama.cpp, automatically tries GPU support through Metal, CUDA, or Vulkan, and falls back to CPU if needed. It is described as fast on an M-series Mac, with a one-click hub for 41 GGUF models from 0.5B to 70B, including Qwen 3.5, DeepSeek R1, Gemma, and Phi-4.
Bitaxe Baller is a free open-source dashboard that runs on a personal machine. The new release adds monitoring for the Braiins OS BMM-101 mini miner. It can run on Mac, Windows, or Umbrel, and it automatically finds miners on the same home network. For the BMM-101, it reads status through the CGMiner API on port 4028. The dashboard shows live hashrate, chip temperature, fan status, shares, best-share difficulty, and uptime. If a miner finds a block, the dashboard shows an on-screen effect and records the event. It also writes a CSV log to the computer every time it checks the miner, so temperature and hashrate history survive a miner reboot. For Braiins devices, it only monitors; tuning, pool setup, and firmware changes stay in the Braiins interface, with a direct link from the dashboard.
The setup has three small Optiplex 7040M machines and one Debian 13 desktop. Each small machine has 32 GB of memory, a 256 GB operating system disk, and a 1 TB data disk, all behind an OpenWRT device. Two of the small machines run Proxmox on Debian 13, and the third is intended to become the backup machine. The Debian 13 desktop also needs backups for settings, documents, pictures, and other user files. restic, Borg, Garage, rclone-related tools, and several others have been considered, but none has clearly matched the desired workflow. The needed tool should avoid LLM involvement or generated code, have at least a 5-year record of reliability, and support offsite backup to a cloud provider or another remote location over WAN. The preferred setup is a cron job on each device that sends backups to a repository on the third Optiplex, with that repository easy to mount and browse like a filesystem.
The goal is to let family members add music to separate Spotify playlists, download those songs to a server, and keep matching playlists in Plexamp. Getting music from Spotify onto the server seems possible with tools such as Downtify, Spotify to Plex, and Lidarr. The hard part is recreating or updating the same playlists inside Plexamp after the files are on the server. Aurral looks useful for finding new music, but it does not yet support Spotify sync. One workaround is to run several Downtify instances, send each playlist to a different folder, and then build playlists from those folders, but that setup is clumsy.
Agam Space is a self-hosted file storage app. Files are encrypted in the browser before they are uploaded, so a Mac mini server or its operator only handles unreadable encrypted pieces. This release adds an S3 storage backend, so files no longer have to stay only on the server’s local disk. It can also use S3-compatible storage such as Garage or R2 through a few environment variables. The files remain end-to-end encrypted even when stored outside the server. The main limit is that the storage choice is made at deployment time, and there is no automatic move from local disk to S3 for an existing setup with files already stored. Fresh installs are the better fit for now. PWA support was also added, so it can be installed like an app on a phone or desktop, with an offline page and a service worker. The release also includes bug fixes, dependency updates for security fixes, and small improvements.
SparkyFitness is a self-hosted service that can replace health and workout apps such as MyFitnessPal, Flo, Hevy, and Shotsy. It has been running for one year, has passed 4,500 users, and has 73 developers contributing to the project. It also gained more than 1,000 GitHub stars in the past month. The service has moved beyond basic calorie and exercise tracking. Recent additions include period cycle tracking, pregnancy tracking, medication management, and GLP-1 medication tracking. A workout and exercise feature for the mobile app is being built now, and feedback is being collected through GitHub.
A 2017 Dell XPS 13 was turned into a dedicated homelab server instead of being sold cheaply. A new low-power x86 ITX build or NAS-style setup would have cost about $500 to $800 just for the processor, memory, and case. The laptop had an i5 chip and 8GB of memory, but its battery was dead, lasted under 3 minutes, and made local buyers offer only about $20. A wattmeter showed an average idle draw of 6.2W from the wall over a week. The machine now runs Ubuntu Server LTS with Immich, a local Postgres database, and a large personal Python workflow. Its internal storage was upgraded to a 4TB SSD, while the battery was dead and beginning to swell.
Pangolin 1.20 improves the way people find and open resources inside the web interface. Pangolin is an open-source remote access tool that lets a team reach private servers and services after strong authentication. It combines browser-based access and a remote access VPN in one product. The new resource launcher gives signed-in users a clearer first screen, with resources grouped by site or label. Resources can be searched, filtered, and shown in a grid or list. Each person can save a personal default layout or named views, while admins can set a default view for the whole organization. Admins can also use a command palette with ⌘K or Ctrl+K from anywhere in the dashboard to jump to a page or search for a resource or site by name. Private resource pages now use full dedicated pages instead of the older pop-up window style.
TellSome1 is a small self-hosted relay for sending Gitea webhooks to chat services. It was made to move Gitea notifications into Nextcloud Talk channels, and it can also send messages to Matrix, Discord, and similar destinations. It receives the webhook, reshapes the message with Go templates, and forwards it where needed. Setup is meant to be simple, with one YAML file for configuration. Work is handled in the background, so the service sending the webhook does not have to wait. TLS can be enabled, but that part has not been properly tested yet. In the working setup, it runs beside Gitea as an internal service and is not reachable from the public internet.
A Raspberry Pi server that started as a test setup has been running from a microSD card as its main drive for about ten months. That is risky when the server holds valuable data, because microSD cards can be less dependable as long-term server storage. Other servers have already been built in a safer way, but this older setup still needs to be moved. The current system runs Raspberry Pi OS, so it cannot simply be cloned and booted on a Mac Mini. The real task is to move the server’s data and settings safely to a Mac Mini or an external drive.
This homelab runs on two computers with clear jobs. The first machine has a Ryzen 9 7950X, an RTX 4080 Super, and Fedora 44 KDE, and it handles desktop work, gaming, and local AI. The second machine has an i7-7700, Ubuntu, and 16 terabytes of storage, and it runs the main server services in Docker. The service list includes Plex for media, Immich for photo backup, Audiobookshelf, Vaultwarden for passwords, Actual Budget for personal finance, and the arr family of media automation tools. Voice control starts with a “Hey Jarvis” device and a Raspberry Pi satellite, then Whisper turns speech into text, Home Assistant matches the command, and Kokoro TTS creates the spoken reply. Device control stays local, while general knowledge questions can fall back to a cloud LLM through OpenRouter. Remote access uses Tailscale, and backups combine nightly two-way restic backups, snapper snapshots on the desktop machine, and a separate WD My Book cold backup. Extra automation includes a locally generated morning podcast, a weekly health check, and systemd timers, with AdGuard planned next.
A first homelab build started with a simple need: a NAS for storing media, mostly photos, and a place to back up a Raspberry Pi. Synology was considered first, but local hardware prices were too high, so a custom NAS build became the chosen path. The custom build still ended up going over budget. The network uses UniFi gear, including one UDR 7, two UniFi PoE switches, and three UniFi AP Lite and Pro access points bought in a mix of new and used condition. The network is split by purpose: trusted personal devices, family devices, IoT devices, and guest devices. Each zone uses its own VLAN and private address range. Trusted devices can fully reach server management, family devices mainly get normal internet access, IoT devices are isolated from each other, and guest devices are used for internet TV and smart devices with only specific access opened when needed.
A workplace-only knowledge base is being set up with Outline Docs. The app is already running in a Docker container, and the same tool works at home through authenik on a personal domain. At work, the goal is to let staff sign in with their Google Workspace accounts. The setup gets difficult because Google expects a full web domain, while the service only has an internal address and port. Using nip.io makes the internal address look more like a domain, and that partly works. The next blocker is that Google Workspace sign-in requires HTTPS instead of plain HTTP. A self-signed certificate was added by following Outline Docs guidance, but after that the page stopped loading. The practical problem is making Google sign-in, a domain-like address, and HTTPS work for a service that is not exposed to the public internet.
A very small NVR in a loft can save space and keep cables out of sight. The problem is that a loft can collect heat and dust, which can shorten the life of equipment that runs all day. A PoE NVR is especially sensitive because it powers cameras and records video continuously. One possible safeguard is a temperature switch that shuts the unit down after the space gets too hot. Another option is a duct fan that pulls cooler air from another area. Moving Raspberry Pis and HDD docks into the same loft later would make cooling, dust control, and emergency shutdown planning even more important.
A home lab beginner wants to stop typing the full IP address and port number for each self-hosted service. Bookmarks could help, but the goal is a cleaner way to reach services by name. The open question is whether DNS and a reverse proxy are the right tools. The real need is to give each service an easy address and route each address to the correct service running on the home server.
IncidentFox was a tool that some self-hosters had noticed a few months ago, but its GitHub repository is now archived and no longer actively maintained. That makes it risky to rely on for incident review or operations work. The needed replacement should be able to check Grafana and Loki data for SRE tasks. The practical goal is a maintained self-hosted tool that helps investigate incidents and review what went wrong.
Long recordings such as podcasts, interviews, and lectures can run into a common limit in free transcription tools: files often stop around 30 minutes. Getting past that limit usually means paying for a monthly plan from services such as Otter or TurboScribe. The cost is often about $15 to $20 per month, which feels hard to justify for people who only need transcription once in a while. The practical choices are paying for a subscription, cutting the recording into smaller files, changing tools, or accepting the limit.
A Dutch person living in France wants to turn computer help experience into a public knowledge base for everyday users. The planned wiki would collect practical computer tips and fixes in Dutch, French, and English. The server setup already includes a registered domain name, Ubuntu, Docker, Portainer, Nginx, and Cloudflare. The needed tool is a Docker-based wiki where approved users can edit pages and everyone else can only read them. Several options have been checked, but none has clearly matched those needs yet.
The goal is to use one Mac mini as a home server for Immich, Jellyfin, NAS, AdGuard, and similar services. This setup would combine photo management, media streaming, file storage, and ad blocking on one machine. Local LLM use is also desired, but that pushes the Mac mini price much higher. The main decision is whether to buy for normal home server tasks or pay much more for local AI work too.
A 2018 Mac mini is available for about $150 in 2026. It has an i3 3.6GHz chip, 16GB of memory, and 128GB of storage. The planned use is light work: YouTube, web browsing with many tabs open, office tasks, and studying. Linux may be installed on it later. Other small used computers in the same budget range include Lenovo ThinkCentre, HP EliteDesk, and Dell OptiPlex mini PCs.
A home UniFi Wi-Fi setup has been managed for years with a Sophos firewall/router, a basic unmanaged switch, and an old Intel Mac Mini running UniFi Network Server. The network is now being moved to a Cloud Gateway Ultra and a Lite PoE switch. The main question is whether the existing U7 Pro Max settings can move directly to the Cloud Gateway Ultra, or whether a backup must be imported first. A U6-LR is mounted on a garage roof inside a waterproof outdoor electrical box to extend the U7 Pro Max Wi-Fi network for outdoor Ring cameras. Taking that unit down, resetting it, and setting it up again would be inconvenient. The U7 Pro Max already gets power from its own PoE++ injector, so it will not be powered through the Lite PoE switch.
Supply-chain attacks in 2025 and 2026 have shifted from random opportunistic attacks to repeatable, organized patterns. The same patterns are appearing across npm, PyPI, GitHub Actions, and CI/CD systems. The usual entry point is trusted development infrastructure, not a newly discovered software flaw. The most damaging techniques named are OIDC token hijacking, CI/CD cache poisoning, and dependency confusion. Defenses that worked against early-2020s supply-chain attacks are no longer enough for these newer patterns. In the 2020 SolarWinds case, this kind of attack required nation-state resources, advanced malicious code, and long-term access; now a motivated criminal group can attempt similar attack classes with open-source tools, GitHub Actions misconfigurations, and package registry ecosystems. The core weakness is that organizations manage what they own, but often do not manage everything they trust.
A Mac Mini M4 with 32 GB of memory and 1 TB of storage has reached a third buyer through resale. The machine is locked with iCloud, so it cannot be used normally. It is not reported as stolen, and there is a box and some paperwork, but the original purchase receipt is missing. The main question is whether there is any formal way to get a copy of that original receipt so Apple can be asked to unlock the device. If that is not possible, the remaining option being considered is selling the locked machine to someone else.
A 32GB unified memory laptop can run Qwen 27B with a 128k context length, but larger models or offloaded LLM work may need a separate box. The old simple answer was often to buy a Mac mini, but the 2026 hardware choices are broader. The options under consideration include AMD Halo, Nvidia DGX Spark, a PC with two AMD R9700 cards, and future M5 or M6 Mac mini or Mac Studio models. Nvidia DGX Spark looks less attractive if its proprietary operating system cannot be replaced. A PC with two AMD R9700 cards could provide far more memory room than 32GB and leave space for later upgrades. The main tradeoff is whether running work across multiple GPUs adds setup, performance, or compatibility problems.