Hi, I’m quite new to this (only have watched videos and read forums) so I might use incorrect terms and explain things unclearly, please ask if you need more information to assist me.

Alright, so I got a dell optiplex 7060 micro with an i7 8700, 16gb dual channel ram (sodimm), a 256gb m.2 sata ssd and 130w dell ac adapter. Some other currently not in use hardware that may be of help is a 1tb 2.5 inch hdd that was in an old laptop from 2017 (still works perfectly fine, did do writing quite a bit in the past but never even store past 200gb) and a 1tb 3.5 inch hdd in some sort of bay for storing film in the 2010s (haven’t used for a long time but a few months ago I connected to it, could read and copy files from there).

My use case would be nextcloud for me, a friend in another country and 1 or 2 family members to backup data, we all have a copy on our machine and cloud backup. Next would be jellyfin and vaultwarden for my personal use, probably to stream some music that I listen to less frequently and movies that I torrent to watch a few times a month. I would also do research on running home assistant (now using a google nest mini and broadlink universal ir remote with the google home app and broadlink’s app, looking to degoogle and rely less on cloud stuff) and a matrix server for me and 2 more friends. However, the emphasis is still on the 3 initial purposes.

I’m planning to buy 1 nas drive from 2-4tb, a ups for proper shutdown/notification in power outage situations and will buy an external drive in the future or use the old drives for backup (maybe once a week) if possible.

Now, to the questions:

  1. Is the 1 drive setup actually suitable for my use case?
  2. Should I use proxmox? Or do you suggest smth else?
  3. What should I do to connect the drive? Use the sata connector of the dell optiplex micro (designed for 2.5 drives) and wire it to the outside, will it even provide enough power for a 3.5 hdd? Or buying a m.2 e key to 2 sata ports is a better option, and how can I power the single drive without purchasing a desktop psu?
  4. What is the best choice for connecting remotely without consuming too much battery on the devices? I’ve read about tailscale, wireguard, cloudflare, and things like using my own domain.
  5. I’m looking for old nas drives too because my budget is tight, what conditions should I aim for if I want it to work for another 4-6 years?

Any other ideas/suggestions for my project would be of so much help! Thank you so much!

  • walden@sub.wetshaving.social
    2 months ago
    1. Sure. Having more drives is typically done for reliability reasons and they’re set up in some sort of redundant file system like ZFS, BTRFS, or RAID. Having only one drive means when it fails (and it will) you’ll have some downtime while you replace the drive and restore backups.
    2. Proxmox is great, and I recommend it. Proxmox gives you two important things: 1) A nice way to manage storage (this may not be applicable to you with just one drive, but if you decide to add more later you can explore the options) 2) BACKUPS! You’re going to have lots of docker containers and stuff. Restoring docker containers on bare metal is tedious, because you’re dealing with all of the folders that you’ve set up as volumes, all of the compose files, etc. With proxmox, you run Debian in a virtual machine and have all of the Docker stuff in the VM. Your backup will be the entire VM, so restoring it is very simple.
    3. I don’t have a good answer for this.
    4. The best choice is whatever works best for you. Sort of a cop out answer, sorry. A lot of people like Tailscale (Headscale is another option), but the downside is you have to set it up on every device you want to access stuff from. A reverse proxy like Nginx Proxy Manager or Caddy lets you use your own domain. They handle renewing certificates and everything in the background. It requires opening (forwarding) ports 80 and 443 on your router/firewall. Some see this as a security downside, but if everything is done using HTTPS then in theory it’s very safe.
    5. I don’t have a good answer for this.
    • kgrnd@reddthat.comOP
      8 days ago

      I know it has been a long time but thanks for your reply! I just plugged the 1tb 2.5 hdd in, set up an omv vm and jellyfin lxc in proxmox for movies and music at home. I’ve tried some other stuff too, it took too much of my time because I’m just learning all the stuff from scratch haha. Mostly problems with mounting the smb share but figured it out in the end.

      Btw, can you explain the connecting to the internet stuff for me? Like I still don’t understand the basics from reading online. Lately, I’ve been researching things like tailscale, wireguard and gluetun to achieve the goal of setting up a small minecraft server for me and my friends, and for the occasional torrenting with a vpn on qBittorrent.

      Any help is appreciated, tysm!

      • walden@sub.wetshaving.social
        8 days ago

        Nice, glad you’re having fun with it.

        Exposing things to the internet is a lot of fun, just keep in mind that there are bots out there just itching to break into your stuff. Use strong passwords. Use different passwords for every. single. website.

        Tailscale is often recommended because it’s very secure. You don’t need to pay for your own domain name either, as far as I know.

        For things that I expose to the internet (the Lemmy instance that I’m writing this from, for example) I like having a domain name. Especially when sharing it with friends since it’s what people are used to.

        If you’re interested in going that route, each “thing” that you host gets its own sub domain. For example if the domain name you buy is called “kgrnd.com”, and you’re hosting a minecraft server – you might call it “minecraft.kgrnd.com”. Jellyfin might be jellyfin.kgrnd.com.

        Starting from outside, sitting on a park bench looking at your phone – the steps that internet traffic goes through to reach your server are like this:

        1. phone or device
        2. internet connection
        3. your domain registrar, which tells it where to send the traffic (to your house/server) using DNS records
        4. your router (hopefully something relatively decent and up to date for security)
        5. your reverse proxy, which your router is programmed to send HTTPS traffic to (port forward 80 and 443 to your server)
        6. the minecraft server, be it in Docker or whatever.
        7. then back again all the way to your phone

        A reverse proxy just decides “ok, here’s some traffic from minecraft.kgrnd.com, and I’ve been told that minecraft.kgrnd.com is over on 192.168.2.32, port 25565.”

        Do not tell your router to forward traffic on port 25565. That is not secure. The only ports that you open (forward) on your router firewall are 80 and 443, and those both point to the IP address of your reverse proxy.

        Reverse proxies come in various flavors. A lot of people like Caddy. I like Nginx Proxy Manager (NPM). Both handle SSL certificates for you which is very very nice.

        The last problem to solve is the fact that your home IP address changes from time to time. This is pretty standard practice with non-business accounts. That’s where a dynamic DNS service comes into play. My router has a built in service to handle it, so when I set up my domain name DNS records to point to “my house”, I don’t tell it my IP address because that’s subject to change. Instead I give it what’s called a CNAME record which points to a web address that my router has provided me. If your router doesn’t have a feature like that, you’ll have to explore other options for handling dynamic IP addresses.

        Once you have something up and running, you have to do 2 things –

        1. At your domain registrar, add a CNAME record that points to your dynamic DNS address (however you’re handling that). Alternately, add an A record pointing straight at your IP address. This will break eventually when your IP address changes.
        2. At your reverse proxy, add an entry telling it “when you see traffic coming from service.kgrnd.com, send it to the IP address of my server and port XXXXX.”

        Another thing that I like to do, which is a bit more advanced but in the end makes things simpler and more secure:

        • If using Docker, set up your reverse proxy to run on a Docker network called “nginx” for example.
        • Every Docker container that you set up which you want to expose to the internet via Nginx Proxy Manager, manually assign it to the same network (otherwise Docker by default gives each thing its own network).

        This is nice because you don’t have to tell docker to forward any ports. Whatever the default port is for the service you’re running, nginx can access it no problem because they’re on the same Docker network. For example if your Minecraft docker container is called “minecraft-minecraft-1” and has stuff on port 25565, you don’t need to know the IP address of Minecraft. In the NPM entry, you just point minecraft.kgrnd.com to minecraft-minecraft-1 and port 25565. Done. No exposing external ports to the docker container. Pretty cool.
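
Added example, not part of the thread: a Compose file for the shared-network layout described in the last reply, with Jellyfin as the proxied service. The image tags, volume paths, and the localhost binding for NPM's admin port are assumptions made for illustration.

```yaml
# Constructed example. Create the shared network once with:
#   docker network create nginx
networks:
  nginx:
    external: true          # defined outside this file so other stacks can join it

services:
  npm:
    image: jc21/nginx-proxy-manager:latest
    restart: unless-stopped
    networks: [nginx]
    ports:
      - "80:80"             # the only two ports the router forwards
      - "443:443"
      # Admin UI: bound to localhost here (assumption). Reach it through an
      # SSH tunnel, or bind it to the server's LAN address instead.
      # It is never forwarded on the router.
      - "127.0.0.1:81:81"
    volumes:
      - ./npm/data:/data
      - ./npm/letsencrypt:/etc/letsencrypt

  jellyfin:
    image: jellyfin/jellyfin:latest
    restart: unless-stopped
    networks: [nginx]
    # No "ports:" section: nothing is published on the host, so the service
    # is reachable only from containers on the "nginx" network.
    volumes:
      - ./jellyfin/config:/config
      - ./media:/media:ro   # media mounted read-only

# In NPM, the proxy host for jellyfin.kgrnd.com then uses:
#   Forward Hostname: jellyfin   (the service name resolves on the shared network)
#   Forward Port:     8096       (Jellyfin's default HTTP port)
```

After `docker compose up -d`, `docker ps` should show published ports only on the `npm` container; a `0.0.0.0:` mapping on any other container means that service is bypassing the proxy.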