This chapter translates the current repository into a production-oriented architecture model. The same platform can run on Raspberry Pi in a home lab and move to a cloud VM with minimal structural changes.
Serve public pages and technical blog content with fast rendering
Provide authenticated private features for notes and media workflows
Keep deployment practical on Raspberry Pi with Docker Compose
Preserve portability for cloud migration without major rewrites
Support secure public access with Cloudflare domain and tunnel patterns
What Is Already Implemented in the Codebase
Frontend routing in Next.js App Router under web/app
PocketBase for auth, records, and media file handling
Caddy route split where / serves web and /pb proxies PocketBase
Auth-gated private routes for dashboard notes and upload workflows
Container runtime with isolated web, pocketbase, and caddy services
System Architecture: Current Repository and Production Path
Browser traffic reaches Cloudflare domain, enters tunnel, then routes through Caddy into web and PocketBase containers
Routing Map: Public, Auth, and Data Flows
How route boundaries map to service responsibilities in this architecture
How This Maps to Local and Production Environments
In local mode, this repository runs with Docker Compose and local volumes. In production, the same services can stay containerized while the public entry point moves behind a Cloudflare domain and tunnel.
Local: compose up, Caddy route split, direct service visibility for development