Olympus Docs
CookbookDeployment

Run Olympus on a Raspberry Pi

Homelab Olympus on a Raspberry Pi 5

A Raspberry Pi 5 with 8GB RAM can run Olympus for a small audience (~50 MAU). Useful for: homelab, family identity provider, no-recurring-cost personal cloud.

Hardware

  • Raspberry Pi 5 (8GB RAM preferred; 4GB works).
  • NVMe HAT with a small NVMe SSD (256GB+).
  • PoE+ HAT if you don't want power cabling.
  • Reliable power supply (5V/5A USB-C).

Approximate cost: ~$120-180 USD all-in.

OS

Raspberry Pi OS 64-bit (Bookworm) or Ubuntu Server 24.04 for ARM. Either works.

sudo apt update && sudo apt upgrade -y
sudo apt install -y podman podman-compose

Verify multi-arch images

Olympus images should support linux/arm64:

docker manifest inspect ghcr.io/olympusoss/athena | jq '.manifests[].platform'

If linux/arm64 is listed, you're good. If not, you'll build from source on the Pi (slow, ~30 min for a full build).

Public access

The Pi is behind your home router. Two options:

A: Port forwarding

Forward router ports 80 and 443 → Pi's local IP. Use Dynamic DNS (DuckDNS, Cloudflare DNS API) to update your DNS A record when your home IP changes.

# /etc/cron.hourly/update-dns
curl "https://www.duckdns.org/update?domains=myhome&token=YOUR_TOKEN"

Outbound-only tunnel, no port forwarding required. See Cookbook, Cloudflare in front.

cloudflared tunnel create olympus-pi
cloudflared tunnel route dns olympus-pi ciam.your-domain
cloudflared tunnel run olympus-pi

Postgres

Self-host on the same Pi (managed Postgres adds cost, defeating the homelab purpose).

podman run -d --name olympus-postgres \
  -v olympus-pg-data:/var/lib/postgresql/data \
  -e POSTGRES_PASSWORD=<strong> \
  postgres:17

Daily backup to a USB external drive:

# /etc/cron.daily/olympus-backup
podman exec olympus-postgres pg_dumpall > /mnt/backup-drive/$(date +%Y%m%d).sql
find /mnt/backup-drive -name "*.sql" -mtime +30 -delete

For off-site: rsync to another Pi at a friend's house, or rclone to Backblaze ($1/mo for 100GB).

Power and uptime

  • UPS battery hat, Pi 5 has good ones available; ~$30. Bridges brief outages.
  • Watchdog, apt install watchdog and configure to reboot on hangs.

Don't expect 4-nines uptime. This is homelab.

Performance budget

For ~50 MAU with light usage:

  • Login flow: ~200ms (including Postgres roundtrips).
  • Token introspection: ~50ms.
  • Disk I/O: NVMe makes a big difference; don't run on SD card.

Throughput limit: ~5-10 logins/second sustained. Above that, the Pi runs out of CPU.

What this is good for

  • Personal SSO across your homelab (Home Assistant, Plex, Jellyfin, Frigate, etc.).
  • Family auth provider for shared services.
  • Olympus development environment.

What this is NOT good for

  • Production customer-facing identity (Olympus on a Pi at home is a liability for paying customers).
  • Anything with regulatory compliance (HIPAA, PCI-DSS).
  • High availability.

Postgres tuning from zero

Setting up Postgres for Olympus from default

Single $5 VPS deployment

Run Olympus on the cheapest legitimate VPS

On this page

HardwareOSVerify multi-arch imagesPublic accessA: Port forwardingB: Cloudflare Tunnel (recommended)PostgresPower and uptimePerformance budgetWhat this is good forWhat this is NOT good forRelated