• 0 Posts
  • 3 Comments
Joined 2 years ago
cake
Cake day: June 7th, 2023

help-circle
  • Proxmox on a Lenovo micro form factor is probably a good cost effective option. Get a business class ThinkCentre, like an M720 or something similar that’s 3-5 years old that a corpo has just upgraded away from, i5 or Ryzen 5 with however much storage and RAM you want. Spin up a container specifically and only for PiHole+Unbound (and consider adding a pi or some other dedicated hardware for DNS later on for redundancy in case your main goes down), and then the rest is however you want to build your environment.

    For me, I’ve got a Pi dedicated to 3 key tasks: PiHole, Unbound, and PiVPN (edit: and Nginx Proxy Manager. It’s dedicated to 4 key tasks…). It’s basically my filtering interface between the home network the rest of the internet immediately after my router handles the frontline defenses, and then I’ve got a Proxmox cluster to run most of the rest of my internal services.


  • Ultimately up to you, but I’d go with no GUI and just use ssh (and sftp if you need to do file transfers).

    When I was using Docker, it was headless because the GUI just ate up space and resources I didn’t need. All your interaction will be in the shell anyway, launching your compose.yml files.

    But, if dealing with a headless machine sounds like more trouble than you want to try, install the DE if your choice and breathe easy because it’ll still work perfectly fine.


  • I think you’ve put more thought into how to get started than many others would! You have a pretty good plan from what it seems. My thoughts from each section below.

    Hardware: I’m partial to Crucial and Kingston for storage that is affordable and dependable

    OS: I’d probably spin up a Debian install if I were in your shoes and run my services using docker-compose files. It’s a quick and easy to get up and running, and despite the ease, there is still the option to do a lot of customization when you want to, and that will make it easy to learn more at your own pace and leisure.

    Services: For the CalDav portion, I’m really liking Radicale.

    Security: PiVPN is what I’m running on my actual RPi along with PiHole, and it was a super simple setup. I connect via Wireguard from any of my other devices.