

That drive averages 900 hours between power cycles? In Windows?
This is one of my pet peeves with containerized services, like why would I want to run three or four instances of mariadb? I get it, from the perspective of the packagers, who want a ‘just works’ solution to distribute, but if I’m trying to run simple services on a 4 GB RPi or a 2 GB VPS, then replicating dbs makes a difference. It took a while, but I did, eventually, get those dockers configured to use a single db backend, but I feel like that completely negated the ‘easy to set up and maintain’ rationale for containers.
The services you’ve mentioned are all pretty low compute impact, just bandwidth, so I’d expect your MBP to be fine. Transcoding for jellyfin is the only real wildcard, and that depends on your media and client setups. I run pihole, homeassistant, immich, and kodi on a raspberry pi 4 with plenty of overhead for more services. NAS is nice if your library outgrows a single disk and your storage bandwidth gets choked by USB multiplexing.
My suggestion is to consider a cheap VPS and vanity domain for external access. Domains cheap as $5/year; fair VPSs cheap as $30/year. Use SSH to forward localhost ports on the VPS to container ports on the MBP, then nginx on the VPS to reverse-proxy to those forwarded ports. You get unique names for every service, LetsEncrypt certificates, and an offsite location for critical backups. Make sure you are the one paying for VPS & DNS so they don’t get surprise-cancelled.
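The SSH-forward plus nginx layout from the comment above, sketched for one service as an added example that is not part of the original comment. The hostnames, the `tunnel` account, the service (Jellyfin on its default port 8096), the VPS-side port 18096 and the certbot-style certificate paths are all assumptions.

```nginx
# --- On the MBP: publish the container port on the VPS loopback only ---
#   ssh -N -R 127.0.0.1:18096:127.0.0.1:8096 tunnel@vps.example.net
# Binding the remote end to 127.0.0.1 keeps the raw service off the
# public interface; only nginx on the VPS can reach it.
#
# --- On the VPS: ~tunnel/.ssh/authorized_keys (OpenSSH 7.8 or later) ---
#   restrict,port-forwarding,permitlisten="127.0.0.1:18096" ssh-ed25519 <public-key>
# "restrict" removes shell, PTY, agent and X11 access for this key, and
# "permitlisten" limits -R to the one listener nginx expects, so a stolen
# tunnel key cannot open other listeners or get a shell on the VPS.

# --- On the VPS: /etc/nginx/conf.d/jellyfin.conf (assumed location) ---
server {
    listen 80;
    server_name jellyfin.example.net;
    # Send plain HTTP to HTTPS so credentials never cross in the clear.
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name jellyfin.example.net;

    # Let's Encrypt certificate, paths as laid out by certbot (assumed).
    ssl_certificate     /etc/letsencrypt/live/jellyfin.example.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/jellyfin.example.net/privkey.pem;

    location / {
        # The forwarded port from the ssh -R command above.
        proxy_pass http://127.0.0.1:18096;

        # Pass the original host, client address and scheme to the backend.
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # WebSocket support for clients that use it.
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
```

Each further service gets its own `-R` listener, its own `permitlisten` entry and its own `server` block with a distinct `server_name`.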
Second not using local.com. If OP doesn’t want a real domain, use an unresolvable TLD, like “private” (so, pihole.private, audiobookshelf.private), but a real domain will just work better, will let them use real TLS certs, and prevent problems from apps bypassing system DNS. Even if it’s not as pretty or memorable as the hijacked domain name.
My Pi spends all of its time around 55°C in a 20-25°C room. Main server idles at 47°C. Those aren’t worrying temps.
I’ve watched enough Lock Picking Lawyer never to want a consumer ‘smart lock.’ Half of them can be opened with a magnet. Maybe commercial grade is better, but I’ve been locked out of my job after every power failure for the last 10 years, until someone comes along with a physical key.
Re homeassistant on a Pi: homeassistant does a lot of database transactions, so you may want to have db storage on something other than an SD card.
You can only spin drives down if they’re idle. If you have a service that touches it - say, homeassistant logging data, tvheadend updating EPG - then they’re going to keep spinning.
I switched from an I3-530, nominal TDP 73W, to an N-100, nominal TDP 7W, and power from the wall didn’t change at all. Even the i3 ran around 0.1 CPU load, except when transcoding, and I’m left with the impression that most of the power goes into HDDs, RAM, maybe fans, and PS losses. My sense is that the best way to decrease homelab power use is to minimize the number of devices. Start with your server at 60W, add a WAP at 10-15W, maybe a switch at 10-15W… Not because of the CPUs, necessarily, but because every CPU comes with systems to keep the CPU going, keep the power regulated, etc.
I’m not a huge docker expert, but I recently spun up a tandoor…dev, and their config instructions explicitly point out a couple of mounts that have to be volumes and can not be binds.
Docker’s own comments are https://docs.docker.com/engine/storage/volumes/ which my tl;dr is faster, can be shared by multiple containers, and can be a remote (NFS/CIFS) target.
I’d guess that maintainers use the volume structure to let docker handle the details of creating and maintaining the mount, rather than put it on the user, who may be spinning up their first-ever docker and may make all kinds of naive mistakes.
My ISP seems to use just normal DHCP for assigning addresses and honors re-use requests. The only times my IP addresses have changed have been when I’ve changed the MAC or UUID that connects. I’ve been off-line for a week, come back, and been given the same address. Both IPv4 and v6.
If one really wants their home systems to be publicly accessible, it’s easy enough to get a cheap vanity domain and point it at whatever address. rDNS won’t work, which would probably interfere with email, but most services don’t really need it. It’s a bit more complicated to detect when your IP changes and script a DNS update, but certainly do-able, if (like OP) one is hell bent on avoiding any off-site hardware.
Daniel Stenberg claims that the curl bug reporting system is effectively DDOSed by AI wrongly reporting various issues. Doesn’t seem like a good feature in a code auditor.
The UPS needs some power to keep its batteries full. Could be that it’s triggering off some threshold to do a charge cycle instead of just running a constant trickle. I’ve noticed that my laptop and phone charge that way, for example.
…hanging from their cables…
It really depends on what your data is and how hard it would be to recreate. I keep a spare HD in a $40/year bank box & rotate it every 3 months. Most of the content is media - pictures, movies, music. Financial records would be annoying to recreate, but if there’s a big enough disaster to force me to go to the off-site backups, I think that’ll be the least of my troubles. Some data logging has a replica database on a VPS.
My upload speed is terrible, so I don’t want to put a media library in the cloud. If I did any important daily content creation, I’d probably keep that mirrored offsite with rsync, but I feel like the spirit of an offsite backup is offline and asynchronous, so things like ransomware don’t destroy your backups, too.
With only 15U, assuming devices don’t stick out the back, I’d move it face-up, so devices are more hanging from their ears than cantilevered. A full, 42/48U rack is extremely top-heavy and tipping during move is a serious risk, but 15U is fine. It’s still very dense, and OP should try to ratchet-strap it to hard points in the trailer.
It kind of amazes me that, in this day and age, email has turned out to be the lynchpin of security. Email as a 2FA endpoint. Email password reset systems. If email is compromised, everything else falls. They used to tell us not to put anything in email that you wouldn’t put on a postcard…how did this happen?
Wonder if there’s an opportunity there. Some way to archive one’s self-hosted, public-facing content, either as a static VM or, like archive.org, just the static content of URLs. I’m imagining a service one’s heirs could contract to crawl the site, save it all somewhere, and take care of permanent maintenance, renewing domains, etc. Ought to be cheap enough to maintain the content; presumably low traffic in most cases. Set up an endowment-type fee structure to pay for perpetual domain reg.
At least my descendants will own all my comments and posts.
If you self-host, how much of that content disappears when your descendants shut down your instance?
I used to host a bunch of academic data, but when I stopped working, there was no institutional support. Turned off the server and it all went away (still Wayback Machine archives). I mean, I don’t really care whether my social media presence outlives me, the experience just made me aware that personal pet projects are pretty sensitive to that person.
Back in the day, I set up a little cluster to run compute jobs. Configured some spare boxes to netboot off the head-node, figured out PBS (dunno what the trendy scheduler is these days), etc. Worked well enough for my use case - a bunch of individually light simulations with a wide array of starting conditions - and I didn’t even have to have HDs for every system.
These days, with some smart switches, you could probably work up a system to power nodes on/off based on the scheduler demand.
I’ve used a retired desktop for my home server since 1999. It doesn’t have the fancy web-UI management of commercial NAS, but I’m comfortable with command line and config files.
At some point, I realized I could use its wifi card and hostapd to replace my WAP. That was a bit of an adventure initially finding a card that really supports AP mode and setting up hostapd, but has now allowed me to migrate from 802.11g to n to ac much cheaper than buying whole new devices.
Recently converted to an N100 with 4x ethernet ports, which let me unplug my little 5-port switch.
Managing this doesn’t feel like a second job: it’s stable and just works. Automatic updates, with kernel blacklisted; periodically log in, update kernel & reboot. It does give me the opportunity, when I get inspired, for a weekend project, like adding hostapd or a new service, either via docker or bare metal. I like that I have one device doing “NAS,” WAP, and router jobs.