Philosophy#
Self-Hosted Solution, Not Homelab#
This is the most important thing to understand about PSW.
The word “homelab” implies a laboratory — a place to experiment, break things, learn, and tinker. That’s a valid hobby, but it’s not what PSW is for.
PSW builds a self-hosted solution: production-quality infrastructure that you depend on. The same apps your family uses to watch movies, the same password manager that stores your banking credentials, the same smart home system that controls your locks. These services must be solid, reliable, and self-healing — not experiments.
| Homelab | PSW Self-Hosted Solution | |
|---|---|---|
| Goal | Learn and experiment | Run reliable services |
| Failure tolerance | Expected — it’s a lab | Unacceptable — people depend on it |
| Configuration | Manual, ad-hoc, “I’ll fix it later” | Automated, declarative, reproducible |
| Recovery plan | Rebuild from memory (or don’t) | Rebuild from git in one command |
| Updates | “I’ll SSH in and try it” | Tested, idempotent , automatic |
| Monitoring | Optional nice-to-have | Built-in via conventions |
| Backups | Maybe, if I remember | Automatic via conventions |
| Security | “It’s just my home network” | SSO , encrypted secrets , WireGuard tunnels |
PSW treats your self-hosted solution the way a professional treats production infrastructure — because that’s exactly what it is.
Core Principles#
It Works or It’s a Bug#
If something breaks, PSW doesn’t shrug and say “reboot it.” Every failure is investigated, every root cause is fixed. Convergence runs every 5 minutes to detect and correct drift. Readiness checks verify that apps are healthy before wiring them together. If an app can’t start, PSW reports it — it doesn’t silently move on.
Declarative, Not Improvised#
You don’t SSH into servers and make changes by hand. You describe what you want in your user project , push to git, and convergence makes it happen. This means your entire self-hosted solution is:
- Versioned — every change is a git commit you can inspect or roll back
- Reproducible — if a server dies, rebuild from scratch with one command
- Auditable — you can always see what changed, when, and why
This is the GitOps model — the same approach used by professional infrastructure teams.
Automatic, Not Manual#
When you add an app , PSW doesn’t just drop it on a server and wish you luck. It automatically:
- Generates secrets (passwords, API keys)
- Creates DNS records via providers (split-horizon for local and remote access)
- Configures HTTPS routing through Traefik
- Sets up single sign-on through Authelia
- Registers monitoring scrape targets for Prometheus
- Creates backup plans through Backrest
- Wires the app to every other app it integrates with
All of this happens through conventions — standardized integration patterns that every app participates in. You don’t configure any of it.
Idempotent , Not Fragile#
Every operation in PSW is safe to repeat. Running convergence twice with no changes produces zero changes. This means the system can run continuously — checking, correcting, and reporting — without risk of breaking what’s already working.
No Fallbacks, No Shortcuts#
PSW doesn’t paper over problems with fallback logic or retry-and-hope loops. If something fails, it’s diagnosed and fixed at the source. There are no “known limitations” to hide behind, no “expected transient errors” to ignore. An issue is an issue, and it gets fixed — properly.
Convention Over Configuration#
Apps don’t need manual integration work. PSW’s convention system automatically handles routing, SSO, monitoring, backup, and homepage registration based on app metadata . You add an app; PSW integrates it into everything else. This is what makes PSW a solution, not a collection of scripts.