My Mac Studio is arriving this week and, like every sane person in homelab land, my first instinct is to install 40 things and break all of them by Saturday night.

So this is the version I wish someone had given me first: practical, boring, and actually maintainable.

Note: Do you need a Mac Studio? No. Any old computer you already have works. I’ll just be using a Mac Studio for this guide.

The goal

Not “self-host everything.”

The goal is:

  • fast local AI workflows
  • reliable personal services
  • zero-friction remote access
  • clear separation between work and personal environments

If your stack needs a wiki to explain itself, it’s already too complex.

The first five services worth running

1) Ollama (local models)

This is the obvious first win. Run one fast model (3B-ish) and one stronger model (7–8B-ish), and route heavier reasoning to cloud models when needed.

Why first:

  • immediate utility
  • low setup complexity
  • no dependency hell if you keep it simple

Rule of thumb:

  • 3B for quick local assistant tasks
  • 7/8B for higher-quality local output
  • cloud fallback for complex code/reasoning

2) OpenClaw node/runtime

If you’re already using OpenClaw, the Studio is an ideal personal node.

Why it matters:

  • keeps personal automations local
  • gives you compute separation from work machine
  • makes “one brain, two machines” workflows possible

3) Immich (photo backup)

One of the few self-hosted tools that pays off immediately.

Why it’s worth it:

  • automatic photo backup
  • searchable timeline
  • gets your personal media out of random cloud lock-in

Caveat: storage grows faster than you think. Plan disk/NAS early.

4) Mealie

Low drama, useful daily, and easy to keep alive.

Why include it:

  • central recipe/workflow store
  • practical household utility
  • low maintenance overhead

5) Monitoring + backup glue

Not sexy, absolutely necessary.

For monitoring, Uptime Kuma is the easiest good default.

Minimum viable ops:

  • health checks for core services
  • lightweight status dashboard
  • regular config + data backups
  • one clear recovery path per service

Network setup that won’t bite you later

If your Mac is behind FileVault and power cycles, remote access can become painful unless you design around it.

The practical pattern:

  • always-on gateway device (e.g., small router)
  • VPN/WireGuard ingress on gateway
  • LAN SSH hop to Mac
  • keep personal and work tunnels separated

That gives you control without turning every laptop/phone into a VPN experiment.

Segmentation: the part people skip (and regret)

If you run both work and personal infra, separate them from day one.

Simple model:

  • Mac Mini: work runtime
  • Mac Studio: personal runtime
  • controlled admin access from one laptop
  • no credential sharing between domains

This is less about paranoia and more about not creating accidental blast radius.

What not to do on day 1

  • Don’t deploy ten services at once.
  • Don’t chase perfect kubernetes architecture for two boxes.
  • Don’t self-host critical auth first if you don’t have rollback confidence.
  • Don’t skip backups “until later.” Later never comes.

A realistic first weekend plan

Day 1:

  • base OS updates + package tooling
  • Ollama + two models
  • OpenClaw runtime up
  • basic remote access validated

Day 2:

  • Immich and Mealie
  • backup flow verified
  • simple health checks
  • document your setup in one markdown file

If it’s not documented, you’re not done.

Final take

A good homelab setup is not the one with the most containers.

It’s the one that still works when you’re tired, busy, and mildly annoyed.

Start small, segment early, and make recoverability your default feature.