Hello,
as you may can guess i am here because i need some help because i want to self host some stuff and i am pretty new to this stuff. I did a loto f research and i came up with a lot of stuff. I will present you my thoughts and maybe some people here can tell me if i am good or not.
First the Hardware.
I did a lot of research and came up with a HP Elitedesk 800 G5 Mini as my home server.
It can hold 2x NVME SSD and 1xSata SSD. It has an Intel 5 9500T and is upgradeable to 64gb of Ram.
I can get one from ebay used for maybe 150-170€. Then i need to upgrade the ram because it comes with 8gb only. I thought maybee upgrade it to 32gb for now. And buy 2 nvme ssds both 2tb dont know which brand is cheap and good there. The sata ssd could be my operating system i have 1 with 120 gb at home hope this is enough.
The NVME SSDs are 1 for storage of mainly photos videos and maybe a small audio collection. The other is to make a backup of all this. (Mirrored)
Second Operating System
I know there area lot of things out there and i know people can recommend a lot of stuff but …. I wanna keep it as simple as possible for my first homeserver … also i dont ´have too Much time with an 2 year old child. So my thoughts were using Ubuntu server with docker and portainer. Just that.
Third My apps and Stuff.
So mainly i wanted to run the following Applications on that.
- Immich
- Homeassisstant
- Joplin
- Audiobookshelf
- Calibre Ereader
- CalDav App for a Calender Sync with MY Phone and MY wife
- Pi hole
- Vaultwarden
- And Homarr as a Dashboard for all of this.
Fourth Using all this from my phone
Thats the only part where i didnt have time to do some research how i use all off that safly from my phone.
I guess i need some kind of VPN for a secure use?
I hope that part is easy.
Son ow i shared all off my initial researches and thoughts. I hope i wrote not to much mistakes.
And i hope you guys can help me out a little.
Greetings
A lot of that stack looks similar to mine, though I’m running bigger hardware for various reasons. You might want to go with something with more cores than an i5 depending on how much you find yourself utilizing.
Have you considered Nextcloud for documents and syncing functionality? I went through a few ways of running it before ended up with the Snap package which has been fairly solid for over a year now (Docker was good for setup, but upgrading was problematic if not kept up with religiously)
Vaultwarden is Excellent.
Calibre-Web is good, especially if paired with the application to “extract” books, and an app like Moon+ on mobiles
Audiobookshelf is pretty solid. Pairs well with Libation.
HASS I initially ran on my server in a container but moved to dedicated hardware so updating and reboots didn’t break automatons. Got a HASS Yellow for the PoE and Zigbee.
If you’re looking for audio/video library management, JellyFin is pretty easy to get running and has apps for phones plus many TVs. Finamp is a good mobile app for the music part
I don’t have any document stuff on PC its just for photo video backup with immich. Audio and some homeassistant stuff.
The only thing missing is a good backup.
If you are storing anything important – especially Immich and Vaultwarden data – you should have a good offsite protection strategy. And even the HASS config should be backed up with versioning because rebuilding from scratch could be painful once you get deep into it.
I’ll let others chime in on possible good backup options because I use Veeam and Azure, which really isn’t in the spirit of this community, and I’d be interested in good open source options myself.
Also, RAID (mirroring) is NOT a backup.
Not wrong, just saying that every Vaultwarden client is a backup basically since they cache everything and it doesn’t expire.
Could I go with an external hard drive and make a backup there? I don’t think an offside backup is possible for now only a cloud service would be an option.
Yep, that would work fine for the first line of defense. Eventually, you can expand it to copy, replicate, or drive swap the onprem backups offsite somewhere (e.g., cloud, office, or family member) if you want to protect your data from site loss (e.g., house fire).
OK I think family is not an option so maybe I will take something like koofr into account
I run backups to a USB drive which is way to grab in the event of an emergency. Just make sure you test them every more and again, and possibly only connect it when needed if you’re at all worried about malware (a cryptolocker will happily take out any attached storage if your machine is infected).
Yes!
Someone in this community once said that if you’re not ready with a backup plan, then you’re not ready for self-hosting.
You seem to have almost everything under control and already planned. For the VPN I’d suggest Tailscale since it’s the easiest VPN to set up (if you don’t have a public IP). You can do a lot of things with it, but if you only want the basics, then there’s not much reading to do. Some people recommend ZeroTier, but I havent tried it, tbh.
BTW, I would keep in mind that Tailscale is planning to go IPO (if you care about that):
Having something as critical as your vpn depend on a 3rd party kinda sounds like a bad idea
So long as Tailscale maintains their free tier, they would fit OPs needs just fine. If they move to get rid of, or otherwise enshitify the free tier, there would likely be time to move to wireguard or something similar.
I’d be interested in the viability of Headscale as a replacement, been meaning to try that…
Well, OP didn’t say what was their situation. I’m behind a CG-NAT so I’d need a VPS or something similar for which I’d have to pay, and I don’t have the budget right now. I understand the concern, but OP is looking to reduce the time needed to setup things.
Have a look at YUNOhost for your OS. It’s based on Debian and is designed to be really easy to set up and use, which might be useful for you as you have young children and not much time.
i found containers helpful… it was simple to spin up a VPN container (gluetun), and push through any services/access/other containers (like pihole) through that. i really appreciated this because if the vpn goes down i’m not suddenly leaking my ip.
Sounds quite good, but just use regular Debian, ubuntu isn’t any better and annoying with their Snap BS.
I guess i need some kind of VPN for a secure use?
You can set up a Wireguard VPN.
The distro doesn’t really have much impact on the end result. Use what you prefer. Especially if you are using containers which is really the way to go anyway.
It’s worth noting that there are some problems with using Snap. I don’t recall the service I was using, but I was pulling out my hair trying to solve something that I could not get working. Turns out that the snap installation did not function in the expected way and the solution was to re-install without Snap.
I think you’ve put more thought into how to get started than many others would! You have a pretty good plan from what it seems. My thoughts from each section below.
Hardware: I’m partial to Crucial and Kingston for storage that is affordable and dependable
OS: I’d probably spin up a Debian install if I were in your shoes and run my services using docker-compose files. It’s a quick and easy to get up and running, and despite the ease, there is still the option to do a lot of customization when you want to, and that will make it easy to learn more at your own pace and leisure.
Services: For the CalDav portion, I’m really liking Radicale.
Security: PiVPN is what I’m running on my actual RPi along with PiHole, and it was a super simple setup. I connect via Wireguard from any of my other devices.
Debian only with ssh installation or with gnome GUI / Desktop-Environment?
Samsung for storage. Crucial if you can’t get Samsung.
