ninjan

joined 1 year ago
[–] [email protected] 1 points 9 months ago (3 children)

Yes, but in the post they also stated what they were working with in terms of hardware. I really dislike giving the advice "buy more stuff" because not everyone can afford to when selfhosting often comes from a frugal place.

Still you're absolutely not wrong and I see value in both our opinions being featured here, this discussion we're having is a good thing.

Circling back to the VM thing though, even if I had dedicated hardware, if I would've used an old server for a NAS I still would've virtualized it with Proxmox if for no other reason than that gives me mobility and an easier path to restoration if the hardware, like the motherboard, breaks.

Still, your advice to buy a used server is good and absolutely what the OP should do if they want a proper setup and have the funds.

[–] [email protected] 2 points 9 months ago (5 children)

Sure, I'm not saying it's optimal, optimal will always be dedicated hardware and redundancy in every layer. But my point is that you gain very little for quite the investment by breaking out the fileserver to dedicated hardware. It's not just CPU and RAM needed, it's also SATA headers and an enclosure. Most people doing selfhosted have either one or more SBCs and if you have more than one SBC then yeah the fileserver should be dedicated. The other common thing is having an old gaming/office PC converted to server use and in that case Proxmox the whole server and run NAS as a VM makes the most sense instead of buying more hardware for that very little gain.

[–] [email protected] 1 points 9 months ago (7 children)

There are absolutely no issues whatsoever with passing through hardware directly to a VM. And virtualized is good because we don't want to "waste" a whole machine for just a file server. Sure dedicated NAS hardware has some upsides in terms of ease of use but you also pay an, imo, ridiculous premium for that ease. I run my OMV NAS as a VM on 2 cores and 8 GB of RAM (with four hard drives) but you can make do perfectly fine on 1 core and 2 GB RAM if you want and don't have too many devices attached / do too many IOPS intensive tasks.

[–] [email protected] 3 points 9 months ago (1 children)

Well good part there is that you can build everything for internal use and then add external access and security later. While VLAN segmentation and overall secure / zero-trust architecture is of course great it's very overkill for a selfhosted environment if there isn't an additional purpose like learning for work or you find it fun. The important thing really is the shell protection, that nothing gets in. All the other stuff is to limit potential damage if someone gets in (and in the corporate world it's not "if" it's "when", because with hundreds of users you always have people being sloppy with their passwords, MFA, devices etc.). That's where secure architecture is important, not in the homelab.

[–] [email protected] 13 points 9 months ago (12 children)

My best advice is use that your old setup hasn't died yet while you can. I.e. start now and set up Proxmox because it's vastly superior to TrueNAS for the more general type hardware you have and then run a more focused NAS project like Openmediavault in a Proxmox VM.

My recommendation, from experience, would be to set up a VM for anything touching hardware directly, like a NAS or Jellyfin (if you want to have GPU assisted transcoding) and I personally find it smoothest to run all my Docker containers from one Docker dedicated VM. LXCs are popular for some but I strongly dislike how you set hardware allocations for them, and running all Docker containers in one LXC is just worse than doing it in a VM. My future approach will be to move to more dedicated container setup as opposed to the VM focused Proxmox but that is another topic.

I also strongly recommend using Portainer or similar to get a good overview of your containers and centralize configuration management.

As for external access all I can say is do be careful. Direct internet exposure is likely a really bad idea unless you know what you're doing and trust the project you expose. Hiding access behind a VPN is fairly easy if your router has a VPN server built in. And WireGuard (like Netbird / Tailscale / Cloudflare tunnels etc all use) is great if not.

As for authentication it's pretty tricky but well worth it and imo needed if you want to expose stuff to friends/family. I recommend Authentik over other alternatives.

[–] [email protected] 2 points 9 months ago

I'd say any project that's decently maintained and satisfies your use case is probably good enough. I found this that from the sound of it fits your use case: https://github.com/fffonion/lua-resty-acme

[–] [email protected] 13 points 9 months ago

A lot of stuff runs great on SBCs, it's just that they're not as smooth to manage as a Proxmox server running containers or VMs. You also need several SBCs to reach the scale of what many do here on selfhosted and once you reach 4+ SBCs the old x86 server starts looking cost effective all of a sudden. The biggest benefit though is the no noise and very low power consumption, which is great for stuff that will be powered on 24/7/365.

Really a mix is ideal, so you can get the benefits of cheap running costs of SBCs and the power and versatility of x86 for the tasks that require it.

[–] [email protected] 1 points 9 months ago

Ah, I'd give it at least a day before I start digging too much into it.

[–] [email protected] 3 points 9 months ago (2 children)

The stickied posts get a bit weird and I've experienced them staying wrong until new ones are set. But this was last summer, unsure if it works better now or not.

The only thing I find concerning is the post "feedback on design and Firewall options" which you don't have and really should have unless there's something odd with that specific post. I have noted some issues with federating content from kbin/mastodon etc users but I saw that post on my self-hosted Lemmy instance...

[–] [email protected] 6 points 10 months ago

Yeah, unless there are features hidden that are hardware based and don't rely on KIA servers then this is not a problem in the slightest.

It's vastly different from the paid unlocks of Tesla or subscription for hardware of BMW.

Don't group them under one banner and muddy the waters because if we do then all it will do is normalize what Tesla and BMW do and allow it to spread. Either that or make it so we won't get the features listed or the features will have an exorbitant cost attached when new to ensure they don't lose money from maintaining the service for the service life of the vehicle (or do Tesla shit of not letting the feature transfer when resold effectively impacting resell value negatively which is bad for the original buyer).

[–] [email protected] 1 points 10 months ago (1 children)

Cool, but I'm guessing that ain't especially cheap right? I pay $60 a year for 4 cores and 8 GB RAM (400 GB storage). Which I consider a pretty OK price. $5 a month.

[–] [email protected] 2 points 10 months ago