Prachyam Dev Mesh

Overview

Prachyam Studios provided a 16 GB M1 iMac as the sole development machine for the Sangam OTT monorepo — a codebase targeting web, iOS, Android, Apple TV, Android TV, Roku, Tizen, and webOS simultaneously. Running all Docker services (databases, search, AI inference, real-time, monitoring, payments) alongside active build processes and simulators was not viable on 16 GB. The machine would saturate memory and become unresponsive.

The solution was a 3-node Tailscale mesh: active development stayed on the iMac while all stateful Docker services ran on two companion machines, reachable over a WireGuard overlay network. dnsmasq provided wildcard DNS so every service got a clean *.local domain; Caddy terminated TLS with a wildcard certificate so browser sessions worked identically to production. No new hardware was purchased and no cloud spend was incurred.

The architecture later evolved into a personal ~/infra repository with 97 named Caddy routes and a full production-parity toolkit for solo development — a direct successor to the Prachyam mesh.

The Challenge

The hardware budget was fixed. An upgrade to a Mac Studio or Mac Pro would have cost ₹1,50,000–₹4,00,000 and required a budget approval process that wasn't on the table. Cloud dev environments were rejected due to GPU locality requirements for AI inference workloads and prohibitive cost on a volunteer salary. The constraint was real and required a topological solution, not a hardware one.

Architecture

Three machines joined a private WireGuard overlay via Tailscale. Tailscale SSH handled cross-node authentication without managing key pairs per machine. dnsmasq on each node resolved *.local (Prachyam era) / *.dev.dharmic.cloud (personal era) wildcard domains to the appropriate host. Caddy handled TLS termination via Cloudflare DNS-01 challenge, issuing a single wildcard certificate that covered all 97+ service subdomains. Docker Compose services — PostgreSQL, Dragonfly, MinIO, Typesense, Qdrant, NATS, Temporal, Authentik, Flipt, Lago, OpenTelemetry, Grafana — ran on the non-development machines. The development machine ran only active bun dev and compile processes. Ten custom MCP servers (TypeScript, @modelcontextprotocol/sdk) exposed project internals — workflow docs, API testing, semantic code search, database schema, feature flags, infra health — as on-demand tools invoked by the AI coding assistant over Tailscale SSH.

Key Decisions

Tailscale over self-managed WireGuard. Tailscale's coordination server handles peer discovery automatically and Tailscale SSH eliminates separate key management — critical for a 3-machine solo-operated mesh that also bridged Pune and Varanasi offices without firewall changes.

dnsmasq wildcard address record instead of per-host entries. A single address=/.dev.dharmic.cloud/127.0.0.1 line covers all 97+ subdomains; adding a new service requires only a Caddy route block, making the MIGRATE.md runbook fully automatable.

Caddy over nginx for TLS. Caddy's automatic ACME support with the Cloudflare DNS plugin handles wildcard cert renewal without cron jobs or per-service cert management — essential for a rapidly expanding service catalogue.

MCP servers over a fat CLAUDE.md. Deferring context loading until the assistant requests it reduced CLAUDE.md from 105k to 32k characters, dropped context-limit errors in long sessions to near-zero, and gave the assistant on-demand access to 29 workflow documents and 9 other context domains.

Results

The monorepo build, simulator runs, and full integration test suite ran on the constrained machine with zero hardware cost and zero cloud spend. The 10 custom MCP servers reduced AI assistant context load by 69%, which lowered per-session token cost and eliminated context-window errors during long development sessions. The pattern formalised into a personal ~/infra with 97 HTTPS routes, and a machine-readable MIGRATE.md runbook that reduces new-project infra onboarding from two hours to approximately ten minutes.