Currently trying to figure out how to create and maintain an internal CA in order to enable pod to pod TLS communication, while using letsencrypt for my public ingresses.

Excellent point, thank you!

I use dperson/samba, which is both simple and comes with usage examples.

I will be moving my entire homelab to a different country, which currently consist of two kubernetes nodes, a NAS and various home automation devices. I will be scaling down gradually, taking cold storage backups of everything and plan to resurrect everything on new hardware once I have moved.

It’s absolutely fine, even if something is missing you can solve that with distrobox or similar tools.