In a few months, I will have the space and infrastructure to join the selfhost community. I’m trying to prepare, as I know it can be challenging, but I somehow ended up with more questions than answers.

For context, I want to run a server with torrents, media (plex, Jellyfin or something else entirely - I didn’t make a decision yet), photos(Emmich, if its stable, or something else), Rook, Paperless, Home Assistant, Frigate, Adguard Home… Possibly lots more. Also, I will need storage - I’m planning for 3x18tb drives to begin with, but will certainly be adding more later.

My initial intention was to set up a NAS in Silverstone CS382(or Jonsbo N3/N5, if they’re in a reasonable price). I heard good things about Unraid and it’s capabilities of running docker. On the other hand, I’m hearing hood things about Proxmox or NixOS with NAS software running in a VM, too - but for Unraid, it seems hacky. Maybe I should run NAS and a separate server? That’d be more costly and seems like more work on maintenance with no real benefit. Maybe I should go with TrueNAS in a VM? If I don’t do anything other than NAS, TrueNAS shouldn’t be that hard to set up, right?

I’m also wondering whether I should go with Intel for QuickSync, AMD and Arc graphics or something else entirely. I’ve read that AV1 is getting popular, is AMD getting more support there? I will buy Intel if it’s clearly the better option, but I’m team Red and would prefer AMD.

Also, could anyone with a non-technical SO tell me how do they find your selhosted things? I’ve read about Cloudflare Tunnels and Tailscale, which will be a breeze for me, but I gotta think about other users aswell.

That’s another concern for me - am I correct in thinking Tailscale and Cloudflare Tunnels are all I need to access the server remotely? I will probably set up a PiKVM or the Risc one aswell, can it be exposed aswell? I will have a dream machine from Ubiqiti, anything that needs to run to access the server I may run there. I’m not looking to set up anything more complicated like Wireguard - it’s too much.

For additional context, I’m a software developer, I know my way with Docker and the command line and I consider myself to be tech savvy, but I’m not looking to spend every weekend reading changelogs and doing manual updates. I want to have an upgrade path (that’s why Im not going with Synology for example), but I also don’t want to obsess over it. Money isn’t much of an issue, I can spare 1-2k$ on the build, not including the drives.

Any feedback and suggestions appreciated :)

  • @[email protected]OP
    link
    fedilink
    English
    13 months ago

    I only said 3 drives because supposedly it’s better than 2, which would mean simple mirroring - I’ll cross that bridge when I get to it, shouldn’t be hard to get answers there.

    Is Cloudflare Tunnels really this problematic? I thought Tunnels and Tailscale would be safe… If I can’t expose those services, I’d rather pay for SaaS alternatives.

    Thank you for the other tips.

    • @[email protected]
      link
      fedilink
      English
      2
      edit-2
      3 months ago

      More drives is always better. But you need to understand how you are making it better.

      https://en.wikipedia.org/wiki/Standard_RAID_levels is a good breakdown of the different RAID levels. Those are slightly different depending on if you are doing “real”/hardware RAID or software raid (e.g. ZFS) but the principle holds true and the rest is just googling the translation (for example, Unraid is effectively RAID4 with some extra magic to better support mismatched drive sizes)

      That actually IS an important thing to understand early on. Because, depending on the RAID model you use, it might not be as easy as adding another drive. Have three 8 TB and want to add a 10? That last 2 TB won’t be used until EVERY drive has at least 10 TB. There are ways to set this up in ZFS and Ceph and the like but it can be a headache.

      And the issue isn’t the cloudflare tunnel. The issue is that you would have a publicly accessible service running on your network. If you use the cloudflare access control thing (login page before you can access the site) you mitigate a lot of that (while making it obnoxious for anything that uses an app…) but are still at the mercy of cloudflare.

      And understand that these are all very popular tools for a reason. So they are also things hackers REALLY care about getting access to. Just look up all the MANY MANY MANY ransomware attacks that QNAP had (and the hilarity of QNAP silently re-enabling online services with firmware updates…). Because using a botnet to just scan a list of domains and subdomains is pretty trivial and more than pays for itself after one person pays the ransom.

      As for paying for that? I would NEVER pay for nextcloud. It is fairly shit software that is overkill for what people use it for (file syncing and document server) and dogshit for what it pretends to be (google docs+drive). If I am going that route, I’ll just use Google Docs or might even check out the Proton Docs I pay for alongside my email and VPN.

      But for something self hosted where the only data that matters is backed up to a completely different storage setup? I still don’t like it being “exposed” but it is REALLY nice to have a working shopping list and the like when I head to the store.