Showing only topics with the tag "servers".
    1. Looking for feedback on a homelab design

      I wanted some help with a homelab server I am in the beginning stages of designing. I am looking for a flexible and scalable media and cloud system for home use, and I thought this community would be a good place to source feedback and recommendations before taking any real next steps! I really want to check that I am approaching the architecture correctly and not making any bad assumptions. I am open to all feedback, so please let me know what you think!
      I already run a simple home server and I have typical homelab FOSS apps, such as jellyfin, navidrome and audiobookshelf, but I am also interested in migrating away from cloud storage using nextcloud, immich, etc. In an ideal world, this setup would also allow me to leave windows on my main machine and use a windows vm for business related work that can’t be done on Linux. I will likely be the one primarily using the services, however I could expect up to 10 - 20 users eventually.

      High level setup is with two machines:

      • Proxmox Server
      • TrueNAS Scale server
        • JBOD with either 90 bay or 45 bay storage
      • 10G switch

      This might be a stupid setup right off the bat, which is why I wanted to discuss it with you all! I have read a ton about using TrueNAS as a VM within Proxmox, but I just like the idea of different machines handling different tasks. The idea here would be to set up the TrueNAS server so it can be optimized for managing the storage pool to allow for easy growth. While the Proxmox server can handle all the VMs and connecting users, with higher IO, etc.

      TrueNAS System Specs:

      • AMD ryzen CPU and motherboard
      • 64 or 128GB ram
      • Mirror 500GB M.2 NVMe OS Drives
      • GPU if necessary, but hopefully not needed
      • Dual 10gb pcie card if the motherboard doesn't already come with them
      • An HBA for the JBOD, something like the LSI SAS 9305-16e
      • SLOG and L2ARC as necessary?

      JBOD enclosure

      • While I am interested in a 90-bay enclosure, I would only realistically be starting with two vdevs which is why I think a 45 bay enclosure wouldn’t be an issue.
      • I'm tentatively planning for an 11 wide Raidz2 vdev configuration. This would hopefully scale to 8 vdevs with 2 hot spares or 4 vdevs with 1 hot spare.
      • All drives would be HDDs

      Proxmox Server Specs:

      I am less familiar with the specs I will need for a good Proxmox server, but here is what I am thinking.

      • AMD epyc and motherboard if I can get my hands on a less expensive one. Otherwise I was thinking a higher end AMD ryzen cpu
      • 128 or 256GB ram
      • Mirror 500GB M.2 NVMe OS Drives
      • Somewhere between 2 and 8 TBs of SSD storage. Depending on the number of drives, I think this would be a single drive, mirror or raidz1.
        • This storage will be used for all the vm configuration and storage, except for something like Nextcloud where the main storage will go onto the TrueNAS mount.
        • I would also use this for temporal storage such as downloading a file before transferring it to the TrueNAS mount.
      • A dedicated GPU primarily for transcoding media streams, but also for testing and experimenting with different AI models.
      • Dual 10gb pcie card

      Questions:

      • I know Proxmox can do zfs right out of the box so I know I don’t need the TrueNAS server, but splitting it this way just seems more flexible. Is this a realistic setup or would it just be better to let Proxmox do everything?
        • Does anyone have experience creating NFS shares in TrueNAS for mounting in Proxmox? I would be interested in thoughts on performance, and stability among any other insights.
      • Do any of the system specs I listed seem out of line? Where and how do you think things should be scaled up or down?
      • If I ever did expand to a second JBOD shelf, assuming the first one was full first, would it be possible to create new vdevs that spanned across the shelves without losing data?
      • Is SLOG and/or L2ARC necessary for this setup? What capacity and configuration would be best?
      • What else have I missed?

      Lastly, a quick blurb:

      I have been building PCs for a while and undertook building a home server a few years ago. I loved the experience of learning Linux (the server is running Ubuntu), picking up docker, and learning more about the FOSS community has been a joy! Part of this project is to learn along the way but also have a setup that I can build towards over time! Proxmox, TrueNAS and zfs would all be new to me so I really see it as an opportunity to explore. I want a solid media and cloud server setup, while also giving myself the freedom to explore new operating systems and general hypervisor functionality.

      22 votes
    2. Home-lab set-up ... Docker vs native servers? Pros and cons of each?

      And as long as I'm asking ... nginx or Apache (or Caddy or whatever else you think is best).

      I'm hosting a few web sites and services, but currently, everything is "out there" on VPSes. I want to bring it all in-house, go back to the old days of actually hosting websites out of my living room.

      Towards that end, I am gradually upgrading and overhauling all the sites and services, fixing long-standing issues and inefficiencies in the config files, merging servers, etc.

      I have never learned Docker. I've started to several times, worked with it a bit on a job once, used it a bit here and there; so I'm not clueless, but it would be a learning curve.

      Also, I'm running one main service (Nextcloud) that officially, only supports Apache -- there absolutely are nginx setup guidelines and tutorials and such, but that's all unofficial, experimental setups.

      And I'm running another major service (Synapse), on nginx.

      And I want to merge the servers, and choose one web server to host both of them, and I don't know which way to go there.

      Thanks for any feedback.

      25 votes
    3. Tildes servers? How about Satisfactory?

      Hey, gamer tilderinos. I've followed our Minecraft server threads but I've never participated.

      Any interest in a Tildes Satisfactory server?

      Do you think that game lends itself well to a shared server for this scale of people?

      27 votes
    4. MiniPC home server recommendations

      Hello Tildes!

      I've been trying out a lot of open-source apps these past few months but I've always hosted them on a VPS. It's been great and educational so far. However, I started considering hosting my very own server on-prem so that my data is absolutely physically with me and nowhere else.

      With that short intro, I'd like to say I'm in the market for a home server. I can install OS's, docker containers, etc. And that's how I managed to install Jellyfin, Immich, Paperless, Portainer, etc on my VPS right now.

      What out-of-the-box miniPC can be good for someone dipping their toes in the home server scene? I feel like I might need the storage to be extendable somehow? And it must be able to stream music and video through Jellyfin.

      The choices in YouTube videos are overwhelming that I keep jumping from saying "ooh I'll get that" to "oh wait maybe I'll get that other one".

      I also am not very handy in terms of hardware so I would prefer something out-of-the-box (if possible). Maybe a max budget of 500? But around 400 euros would be preferred. (Edit: In EU also, if possible)

      Thanks for reading! Hope to hear from you guys!

      33 votes
    5. Self-hosting a podcast server

      I am wanting to set up a personal podcast server but I am not really sure how to go about that.

      I have my own server at home with docker and I am not sure if there are any well-known FOSS (preferably dockerized) podcast server applications that I can spin up and load some podcast episodes into so that I can create my own custom podcast feed that only I would subscribe to?

      And I want to be able to support video podcasts.

      17 votes
    6. Advice on expanding storage in starter homelab/media server

      I've been slowly fiddling around with setting up a little homelab and media server for the last few months. As a web developer, I've always wanted to learn a bit more of the infrastructure side of things, hence the homelab part. The deteriorating quality of major streaming services finally pushed me to set up a media server as well.

      Right now, my setup is very basic. I've been using an old repurposed office laptop. It's a simple Dell Latitude 5540 I got ridiculously cheap due to its barely usable crusty keyboard, but since I mainly SSH into it that's not really an issue. I formatted it, doubled the ram, and installed the latest stable Debian release. (Headless)

      After that, I chose to install yams which was recommended here. Definitely saved a lot of time there! Finally, I added an old unisex raspberry pi I had lying around. The idea is that it's the only part of the setup that is on 24/7, since it has an almost negligible footprint. Whenever I want the main server running, I SSH into the raspberry and use wakeonLAN to start the main server. I'm probably gonna make a tiny web interface for that soon.

      Now on to the part I need advice for. The laptop and attached HD are quickly running out of space. I know just slapping on extra hard drives has a limit, and am vaguely aware of things like unraid existing, but am a bit overwhelmed right now with all the information and options in this space.

      Does anyone have some advice on something I can tackle for a reasonable amount of work/budget? Something basic, but with the possibility of expansion in the future?

      Any other tips on where to go next in general are of course also appreciated. (On that note, I'm right now not opening up the server to ingress from outside. I only interact with it on the home network, as I primarily work from home)

      17 votes
    7. Building a home media server on a budget

      Hi

      I figured before I start venturing into other forums dedicated to this sort of thing, I'd ask here on Tildes since I'm at least comfortable with the community and how helpful they can be here.

      I'm tired of all of the subscription services I have, movies and TV shows disappearing from them, buying a film on Prime and only being able to watch it offline through a specific app. Even then, half the time we're watching comfort TV shows that we have on DVD already (X-Files and Friends for instance).

      So I figured that building a home media server would give me the chance to cut the cord with a couple of these services and allow us to start using and controlling our own data again.

      I have a budget of around £300 (I could perhaps push to £400 if needed) and I'm honestly not sure at all where to start. I have knowledge on how to build brand new, medium to high end gaming PCs as I've done it since I was in my late teens and built my first PC with the wages from my very first job but building a budget minded PC for use as a home media server goes completely over my head.

      I've noticed that a lot of the pre-built NAS or media server boxes are very expensive so my first thought was to buy a refurbed workstation or small form factor PC that has enough "oomph" to do the trick but I don't know what ones to even start looking at and then I start to feel a little bit out of my comfort zone.

      Things like getting the right CPU in these refurbed machines that offers the features I'm looking for like hardware transcoding etc., integrated GPU's, ensuring there's enough SATA ports for multiple hard drives and an SSD for a boot drive, and then to top it all off ensuring that while achieving these features the thing shouldn't draw too much power when idling as it'll be on for long stretches of time, if not left on 24/7.

      I've also got no knowledge of Linux, I've never even looked at it but if it's genuinely easy enough (for someone with next to no Linux experience) then I'd be happy to give it a shot if it offers better performance compared to using Windows 10 or something.

      All the server will be used for is watching TV shows, perhaps the odd film, listening to a bit of music perhaps and the odd podcast now and again. Simultaneous streaming will be fairly minimal, perhaps 2 streams as me or my partner watch one thing and our daughter watches another on her tablet. In regards to streaming outside the house that will also be almost non-existent, perhaps, again our daughter watching a kids TV show like Pokemon or Fireman Sam on her tablet when we're out but me and my partner don't tend to watch anything when we're outside the house, certainly not TV shows or movies anyway.

      Redundancy isn't something I'm too horrendously worried about, I wouldn't be storing anything like photos that we wouldn't want to lose on it and while it'd be annoying, losing a drive with TV shows or films on it wouldn't be the end of the world.

      Any help would be massively appreciated, thanks.

      36 votes
    8. Which OS to pick for my first home server?

      Edit: I've just purchased an Unraid license. I'll give it a go and it may not turn out well, but for the time being, the question is settled. I appreciate everyone for providing insightful and informative answers!

      Hey everyone,

      I've recently bought myself a NUC (NUC11TNHi3) that I intend to run as a home server, using many of my external USB drives as the storage.

      My use case is very narrow. I'll use it as a Plex server and seed/leech torrents with it.

      I've never built a home server like this before (I did dabble with it on a RPi, but that was just for PiHole), so I've never had to research what operating systems are available to me. After some research, I narrowed it down to two options.

      1. Windows
        This option is the most straightforward given that it's the system I'm familiar with the most. My use case is also very narrow, so I could set everything up in a couple of hours. All I'd have to do is install Plex server, a torrent client, exposing them to the outside world with port forwarding or Tailscale (never used it before but seems easy enough), and share my external USB drives locally so that I can access them using my regular desktop computer at home. The downside of this is that Windows can be finicky. I'd also prefer to have my drives pooled under a single drive. A cursory research suggests that Windows can do this as well, but not in a way that inspires confidence.

      2. Unraid
        I hadn't heard about this since last week, but it seems like a nice option. It costs money, it's proprietary, and I'd likely have to reformat all my NTFS drives to be able to use it but I was wondering if this would be the best long term solution. The learning curve will be there. Arrays, cache drives, share drives etc. are terms I'm not familiar with (though I can guess what purpose they serve) so it will be more time consuming to set things up properly. But given how narrow my use case is, as elegant a solution as it seems, is it necessary? I'm only considering this because it seems like this is the best purpose built OS in the market right now.

      Some clarifications:

      • I'm sure someone will suggest a Linux distro. I have used Fedora as my main OS for a couple of years and I was quite happy with it, however I could never wrap my head around the Linux permissions structure, which Plex is awful with, as it creates its own user and looks for drives under that user. I must have spent hours and hours to make Plex read my external drives properly before, but I've never managed to make it do so without some sort of hacky way and I don't want to do that with my home server. I don't want to have any doubts that things can go wrong. I want something that just works. (If only Synology had a capable device that could handle multiple simultaneous 4K transcodings. I'd have just thrown my money at them instead of buying a NUC.)

      • My use case will remain narrow. Maybe way down the road I can automate stuff with Sonarr or Radarr or stuff like that, but I don't think I'll ever consume enough recently released stuff to justify it. One thing is for certain, I'm never going to host my password server, feed reader, or something like that on this device.

      That's about it. What should I do?

      Given that I'm a novice in this area, I'd be all ears to listen to any other related or unrelated advice for someone who's just starting to build their first home server.

      Thank you in advance.

      27 votes
    9. How does one draw in a community for their Minecraft server?

      I'm kind of withdrawn and I don't talk a lot but I want to curate a community of chill people to play with. I just started my server and I've got 3 people whitelisted, of which 2 have shown up and those two are family members. And one person who tried to join but wasn't whitelisted, but idk how they got the ip since they're not in the discord.

      I have around 300 subscribers where I posted the link, but only 3 people joined the discord (one being another subscriber, bc one of my family members hasn't accepted the discord invite yet but is whitelisted anyway bc duh). I'm just kind of feeling like the kid who invited his whole class to his birthday party but only 2 people showed up. I'm not sure what I've done wrong or if I missed an important step.

      16 votes
    10. What operating system do you run your home servers on?

      I'm going to set up my first home server with an Intel NUC, but I can't decide what OS to use. Ubuntu seems popular but I like Pop!_OS and am not sure if that would be a good option. Then there's TrueNas and Unraid, but as a newbie, what's the best choice?

      I'm also just curious what everyone else is using :)

      Edit: Thank you for your great responses!

      49 votes
    11. What are you self-hosting currently?

      I recently discovered Paperless-ngx and have immediately fallen in love. I must now decide whether to host it on my VPS (risky with personal documents), on a Pi at home or finally invest in a proper home server (something cheap but with a bit more power than a Pi4). It can totally be run on a Pi, but performance may not be as good.

      Does Tildes have a big self-hosted community? What are you self-hosting currently, and what do you enjoy about it?

      52 votes
    12. Setting up a NAS as a first timer?

      So I've seen some posts here and elsewhere about people making a home NAS setup, using it as a media server with jellyfin/plex/.arr to set up media + keep files/passwords/photos, and then managing it remotely. That sounds incredibly cool.

      I also did some cursory searching that one way to do things without messing with port-forwarding is to look into Tailscale to network remotely.

      I want to try this for my parents and I, especially since I will be training abroad for several years while they will be based in Asia.

      The obvious problem is I don't have any experience with the process or even networking in general. I also do not know how to code in any capacity. I am in a decidedly non-tech field of work.

      I've been googling but want to know if this is a feasible idea at my skill level? Is this work for hobbyists or those in the professional field of computing? Am I going to potentially shoot myself security-wise if I try this? Should I experiment with something smaller-scale first?

      Preliminary "Research":

      1. Watched Practical Networking on YouTube to see what I was getting into (understood... let's say 45% of what he was talking about)
      2. Plan to get a Synology NAS with minimum 4 drive bays (Supposedly this is easiest for beginners?)
      3. Connect to network via Tailscale
      4. Get a VPN
      5. Install docker
      6. Install apps
      7. Connect it to PCs and smart TV at my parents' home in Asia
      8. ???
      9. Maintain it from Europe?

      Any advice on how to start or any guides to recommend? (most of what I've found is 2021 or earlier so I am unsure if a lot's changed since then)

      9 votes
    13. Homeserver, hosted server, domains and stuff. What do you do, what should I do?

      I'm having a "server" (very cheap, very old office pc) in my house I use together with dynamic dns. But it's not really stable, (needs regular restarts and dyndns is not really gold either) and as I want to offer family access to nextcloud and maybe plex? any other ideas? and all the other nice stuff the free software world has to offer, this is not working well enough to not make them flee back to google + apple and stay there till eternity!

      The other thing is, I got used to ssh and stuff over the last years and want to improve my skills and learn.

      I know these two don't really go well hand in hand :-(

      I actually have a decent up and down speed at my home so an upgrade for my existing system is thinkable but dyndns is just a PITA and I'd like having my own domain. Do these work with changing IPs? Because with the prices they ask here for static IPs I can just rent a server in a center somewhere.

      What do you do to self host, how do you do it and what would be your advice for me?

      19 votes
    14. Need suggestions for server email tutorial

      I usually set up Debian or Ubuntu servers. One of the pain areas I have avoided is email and usually just off-load the email to a 3rd party service. I currently need to set up a server with an email server and need a really simple straightforward tutorial. I thought I would see if the community has any suggestions.

      10 votes
    15. In which a foolish developer tries DevOps: critique my VPS provisioning script!

      I'm attempting to provision two mirror staging and production environments for a future SaaS application that we're close to launching as a company, and I'd like to get some feedback on the provisioning script I've created that takes a default VPS from our hosting provider, DigitalOcean, and readies it for being a secure hosting environment for our application instance (which runs inside Docker, and persists data to an unrelated managed database).

      I'm sticking with a simple infrastructure architecture at the moment: A single VPS which runs both nginx and the application instance inside a containerised docker service as mentioned earlier. There's no load balancers or server duplication at this point. @Emerald_Knight very kindly provided me in the Tildes Discord with some overall guidance about what to aim for when configuring a server (limit damage as best as possible, limit access when an attack occurs)—so I've tried to be thoughtful and integrate that paradigm where possible (disabling root login, etc).

      I’m not a DevOps or sysadmin-oriented person by trade—I stick to programming most of the time—but this role falls to me as the technical person in this business; so the last few days has been a lot of reading and readying. I’ll run through the provisioning flow step by step. Oh, and for reference, Ubuntu 20.04 LTS.

      First step is self-explanatory.

      #!/bin/sh
      
      # Name of the user to create and grant privileges to.
      USERNAME_OF_ACCOUNT=
      
      sudo apt-get -qq update
      sudo apt install -qq --yes nginx
      sudo systemctl restart nginx
      

      Next, create my sudo user, add them to the groups needed, require a password change on first login, then copy across any provided authorised keys from the root user which you can configure to be seeded to the VPS in the DigitalOcean management console.

      useradd --create-home --shell "/bin/bash" --groups sudo,www-data "${USERNAME_OF_ACCOUNT}"
      passwd --delete $USERNAME_OF_ACCOUNT
      chage --lastday 0 $USERNAME_OF_ACCOUNT
      
      HOME_DIR="$(eval echo ~${USERNAME_OF_ACCOUNT})"
      mkdir --parents "${HOME_DIR}/.ssh"
      cp /root/.ssh/authorized_keys "${HOME_DIR}/.ssh"
      
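      # Use the new user's home here: ~ would expand to the invoking user's home.
      chmod 700 "${HOME_DIR}/.ssh"
      chmod 600 "${HOME_DIR}/.ssh/authorized_keys"
      chown --recursive "${USERNAME_OF_ACCOUNT}":"${USERNAME_OF_ACCOUNT}" "${HOME_DIR}/.ssh"
      
      sudo chmod 775 -R /var/www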
      sudo chown -R $USERNAME_OF_ACCOUNT /var/www
      rm -rf /var/www/html
      

      Installation of docker, and run it as a service, ensure the created user is added to the docker group.

      sudo apt-get install -qq --yes \
          apt-transport-https \
          ca-certificates \
          curl \
          gnupg-agent \
          software-properties-common
      
      curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
      sudo apt-key fingerprint 0EBFCD88
      
      sudo add-apt-repository --yes \
         "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
         $(lsb_release -cs) \
         stable"
      
      sudo apt-get -qq update
      sudo apt install -qq --yes docker-ce docker-ce-cli containerd.io
      
      # Only add a group if it does not exist
      sudo getent group docker || sudo groupadd docker
      sudo usermod -aG docker $USERNAME_OF_ACCOUNT
      
      # Enable docker
      sudo systemctl enable docker
      
      sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
      sudo chmod +x /usr/local/bin/docker-compose
      sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
      docker-compose --version
      

      Disable root logins and any form of password-based authentication by altering sshd_config.

      sed -i '/^PermitRootLogin/s/yes/no/' /etc/ssh/sshd_config
      sed -i '/^PasswordAuthentication/s/yes/no/' /etc/ssh/sshd_config
      sed -i '/^ChallengeResponseAuthentication/s/yes/no/' /etc/ssh/sshd_config
      

      Configure the firewall and fail2ban.

      sudo ufw default deny incoming
      sudo ufw default allow outgoing
      sudo ufw allow ssh
      sudo ufw allow http
      sudo ufw allow https
      sudo ufw reload
      sudo ufw --force enable && sudo ufw status verbose
      
      sudo apt-get -qq install --yes fail2ban
      sudo systemctl enable fail2ban
      sudo systemctl start fail2ban
      

      Swapfiles.

      sudo fallocate -l 1G /swapfile && ls -lh /swapfile
      sudo chmod 0600 /swapfile && ls -lh /swapfile
      sudo mkswap /swapfile
      sudo swapon /swapfile && sudo swapon --show
      echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
      

      Unattended updates, and restart the ssh daemon.

      sudo apt install -qq unattended-upgrades
      sudo systemctl restart ssh
      

      Some questions

      You can assume these questions are cost-benefit focused, i.e. is it worth my time to investigate this, versus something else that may have better gains given my limited time.

      1. Obviously, any critiques of the above provisioning process are appreciated—both on the micro level of criticising particular lines, or zooming out and saying “well why don’t you do this instead…”. I can’t know what I don’t know.

      2. Is it worth investigating tools such as ss or lynis (https://github.com/CISOfy/lynis) to perform server auditing? I don’t have to meet any compliance requirements at this point.

      3. Do I get any meaningful increase in security by implementing 2FA on login here using google authenticator? As far as I can see, as long as I'm using best practices to actually ssh into our boxes, then the likeliest risk profile for unwanted access probably isn’t via the authentication mechanism I use personally to access my servers.

      4. Am I missing anything here? Beyond the provisioning script itself, I adhere to best practices around storing and generating passwords and ssh keys.

      Some notes and comments

      1. Eventually I'll use the hosting provider's API to spin up and spin down VPS's on the fly via a custom management application, which gives me an opportunity to programmatically execute the provisioning script above and run some other pre- and post-provisioning things, like deployment of the application and so forth.

      2. Usage alerts and monitoring is configured within DigitalOcean's console, and alerts are sent to our business' Slack for me to action as needed. Currently, I’m settling on the following alerts:
        1. Server CPU utilisation greater than 80% for 5 minutes.
        2. Server memory usage greater than 80% for 5 minutes.
        3. I’m also looking at setting up daily fail2ban status alerts if needed.
      9 votes
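
An added example for the `sshd_config` step in topic 15, not part of the original post: a substitution anchored on `^PermitRootLogin` only changes a line that is already active and says `yes`, so a commented-out or absent directive stays at sshd's default. The function names and the sample config below are constructed for illustration, and the script only ever writes to a temporary file.

```shell
#!/bin/sh
# Added example (not from the post): set sshd_config directives so the
# result does not depend on how the line looked beforehand.
# Function names are hypothetical; the sample config is constructed.

# set_sshd_option FILE KEY VALUE
# Writes "KEY VALUE" as the first line and drops every other active
# global line for KEY. sshd keeps the first value it reads for a keyword,
# and keywords are case-insensitive. Match blocks are left untouched.
set_sshd_option() {
    so_tmp=$(mktemp) || return 1
    awk -v key="$2" -v value="$3" '
        BEGIN { print key " " value; k = tolower(key) }
        tolower($1) == "match" { in_match = 1 }
        !in_match && tolower($1) == k { next }
        { print }
    ' "$1" > "$so_tmp" && cat "$so_tmp" > "$1"   # cat keeps owner and mode
    so_rc=$?
    rm -f "$so_tmp"
    return "$so_rc"
}

# effective_sshd_value FILE KEY
# Prints the first active global value for KEY, or nothing if KEY is
# commented out or missing (sshd would then fall back to its default).
effective_sshd_value() {
    awk -v key="$2" '
        BEGIN { k = tolower(key) }
        tolower($1) == "match" { exit }
        tolower($1) == k { print $2; exit }
    ' "$1"
}

# count_match_overrides FILE KEY
# Counts lines inside Match blocks that set KEY; these can re-enable a
# setting for some users even when the global value is hardened.
count_match_overrides() {
    awk -v key="$2" '
        BEGIN { k = tolower(key) }
        tolower($1) == "match" { in_match = 1; next }
        in_match && tolower($1) == k { n++ }
        END { print n + 0 }
    ' "$1"
}

# Constructed sample: one directive commented out, one duplicated with
# different casing, one missing entirely, one overridden in a Match block.
make_sample_config() {
    cat > "$1" <<'EOF'
# Constructed sample, not taken from a real host
#PermitRootLogin prohibit-password
PasswordAuthentication yes
passwordauthentication yes
UsePAM yes
Match User deploy
    PasswordAuthentication yes
EOF
}

# Demo on a temporary copy only; on a real host, validate the edited
# file with `sshd -t` before restarting the daemon.
demo_cfg=$(mktemp)
make_sample_config "$demo_cfg"
echo "before: PermitRootLogin='$(effective_sshd_value "$demo_cfg" PermitRootLogin)'"
set_sshd_option "$demo_cfg" PermitRootLogin no
set_sshd_option "$demo_cfg" PasswordAuthentication no
set_sshd_option "$demo_cfg" ChallengeResponseAuthentication no
for demo_key in PermitRootLogin PasswordAuthentication ChallengeResponseAuthentication; do
    echo "after: $demo_key=$(effective_sshd_value "$demo_cfg" "$demo_key")" \
         "(Match overrides: $(count_match_overrides "$demo_cfg" "$demo_key"))"
done
rm -f "$demo_cfg"
```

The remaining `Match` override for `PasswordAuthentication` is reported rather than removed, since per-user exceptions need a decision by whoever owns the host.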