Hello! I’m new to self hosting and networking stuff. I do use only Linux and have experience with Debian, Ubuntu, Mint, and have settled with Fedora and Bazzite on KDE on the home computers/laptops.

I got a GMKtec NucBox G9 Mini PC Intel® Twin Lake N150 recently and wireless keyboard with touchpad, installed Fedora Kiinoite on it and have so far only added VacuumTube. I don’t have much experience with the terminal and I’m not sure what step to do next or how.

What I want to do is set up an Arrstack, and I know I need to put Docker and maybe Portainer? I have no experience with Docker though. I also want to put some basic things I and others can access remotely like a shopping list program, photo backups, period tracker, and DnD software. But I’m very afraid of exposing the server to the internet and it being hacked or such. I know there’s something called Tailscale but I’m not sure if that’s what I need. And I don’t know what order I’m supposed to put any of this.

I’ve tried searching the internet for guides but haven’t really found anything except one that’s for Yunohost and it’s not really self hosting because they set it up on a cloud. All advice is appreciated. Thank you!

edit: I wanted to add I also want to use this as a htpc and it’s connected to the TV, so that’s why I want a GUI mostly - because it makes it easier to control from the couch

  • WbrJr@lemmy.mlEnglish
    1·
    2 days ago

    As everyone recommends something else, I will throw in yet another suggestion and maybe a way to put it in perspective.

    hardware:

    What ever you have right now is enough. I would recommend something that has more than one drive, but you can upgrade lager all the time. Watch out for power consumption.

    OS

    my recommendation is proxmox. You can run multiple OS on it, test things, make backups and restore them. It takes out the pressure. It is a bit more advanced but you can configure most things regarding VM creation via GUI. You can run Ubuntu, Debian, nixos, whatever. What I like about it, is that you can install home assistant as its own VM and it runs independent of your are stack or immich if you like.

    the purist would probably suggest plain Debian or so. You can access it via ssh and install docker or whatever. You will learn a lot, just like with proxmox, but here you can’t do backups as easily as with proxmox. You can also install Debian or so directly in proxmox.

    plug and play could be yunohost, CasaOS and things like that. It is an “server app store OS”, so you install things you want to run from their app store. Its mostly one click and it runs. Its nice if you don’t want to learn all that crap, but you are also limited in what you can do. You could install this on proxmox. Some don’t allow good storage management, best you’d o your own research if you are interested in this route.

    the storage

    If you want to store all you data and images on there, you propably want to go with 2 hdds mirrored, so you don’t loose your local data if one fails. I would go with no less than, 1tb, but data usage depends I guess. To run the os, definetly use ssd or nvme for their speed.

    There is the 321 backup rule.

    • 3 copies
    • 2 different media (hdd, ssd, magnetic tape, whatever)
    • 1 offsite storage.

    I have a 4 1 1.5 set up:

    • mirrored local storage
    • 1 media (hdds)
    • 1.5 offsite ad I have a mirrored offsite storage

    321 is ideal but 211 would also be ok for a home lab. Some run 110 and hope for the best.

    how to access it

    There are multiple ways to get to your data.

    The headache free one for me is a vpn mesh (tailscale, pangolin, netbird), so all your devices are in a mesh and you can access your stiff from everywhere. pro:

    • very secure as it relies on the wireguard protocol and is not exposing anything. Its also pretty fast, the cap is you own internet connection. It uses smart routing, so if you are in the same network, it tries to find the fastest way. cons:
    • you can’t share your story as easily without others having a vpn connection.

    You can also use a wireguard connection to your home router and expose you complete home network to your vpn. Also secure, my router (Fritz! Box from avm) offers this natively, but I would argue the vpn mesh solution is easier.

    There is the cloud flared tunnel which some recommend, I cant say anything about it, did not use it yet.

    You could also do port forwarding on your network. That way you can expose a reverse proxy for example through your home router, and access it from the outside. That way you rely on the services you run to be secure, not have a zero day and to do the authentication well. For me the risk that I forgot to update a service and there being a security risk to my data is too high, so I use the vpn route.

    services to run

    What ever route you choose, here are suggestions I found nice:

    • docker makes it easy and fun to start and stop stuff. I use compose files as they allow you to copy that config file as a backup.
    • traefik as a reverse proxy. That way you can reach your services via a domain (like shoppinglist.hezaethos.lol or so). It allows to do port mapping as well, so you could run game severs as well. Its a nice trade off between ease of use and features. Caddy is easier but can’t do dns-01 certificate requests.
    • immich for hosting you images. Has phone apps, is pretty much just google photos self hosted.
    • paperless to uplaod all your PDFs. It does machine learning to sort your files. Its just a convenient way to store all you documdnts in one place. Its not a google drive Alternative
    • nextcloud or truenas to store files

    Have fun! Do what ever feels fun and don’t put your goals too high, it will burn you out :)