Skip to content
flowlayer

Home Lab Runtime Session

Use this when you want stable, always-on dev infrastructure shared across several devices — without turning your laptop into the process host.

A single home lab machine runs flowlayer-server and the heavy services; laptops, desktops, and tablets connect to the same Session API as TUI clients.

Home lab server config

Section titled “Home lab server config”
{
  "session": {
    "bind": "0.0.0.0:6999",
    "token": "homelab-dev-token"
  },
  "services": {
    "postgres": {
      "cmd": ["postgres", "-D", "/srv/flowlayer/var/postgres"],
      "port": 5432,
      "ready": {
        "type": "tcp"
      }
    },
    "redis": {
      "cmd": ["redis-server", "/srv/flowlayer/infra/redis.conf"],
      "port": 6379,
      "ready": {
        "type": "tcp"
      }
    },
    "kafka": {
      "cmd": ["kafka-server-start.sh", "/srv/flowlayer/infra/kafka/server.properties"],
      "port": 9092,
      "ready": {
        "type": "tcp"
      }
    },
    "api": {
      "cmd": ["pnpm", "--dir", "services/api", "dev"],
      "dependsOn": ["postgres", "redis", "kafka"],
      "port": 3000,
      "ready": {
        "type": "http",
        "url": "http://127.0.0.1:3000/health"
      }
    },
    "worker": {
      "cmd": ["pnpm", "--dir", "services/worker", "dev"],
      "dependsOn": ["api", "redis", "kafka"]
    }
  }
}

Run on the home lab host

Section titled “Run on the home lab host”
Terminal window
ssh dev@192.168.10.40 "cd /srv/flowlayer && flowlayer-server -c ./flowlayer.jsonc"

Connect from any trusted workstation

Section titled “Connect from any trusted workstation”
Terminal window
flowlayer-client-tui -addr 192.168.10.40:6999 -token homelab-dev-token

A separate TUI config is still recommended for each client machine:

{
  "session": {
    "addr": "192.168.10.40:6999",
    "token": "homelab-dev-token"
  }
}

Security baseline for a home lab

Section titled “Security baseline for a home lab”
  • Keep FlowLayer session ports on private VLANs or trusted subnets.
  • Block inbound WAN traffic to the session port.
  • Use long tokens and rotate them when access changes.
  • Prefer SSH tunnels for occasional external access.
  • Treat the host as development infrastructure, not production control plane.

Boundaries

Section titled “Boundaries”
  • This model supports development and integration loops.
  • FlowLayer does not replace cluster orchestration or production service supervision.
  • Keep production concerns in dedicated operations platforms and policies.