TL;DR: Unsure if I should just run Syncthing, or do a Nextcloud. Tailscale seems at risk of enshittification, so do I find alternatives or just use it for ease? Is Immich easy enough to set up without Tailscale? Stick with docker or podman for ease? Are external drives easy to work with? Should my RAID1 be NTFS or Ext4?

Starting My Selfhosting Journey: I recently got my drive bay and Optiplex and have already flashed Proxmox onto it so I could eagerly spin up some local services to see what I wanna stick with. Or at least I tried anyway 😅

Jellyfin in a Debian container was quick, painless and seems to work fine. But I was trying to set up Nextcloud and I felt lost, with the many different ways people go about it. When I tried to set up Nextcloud AIO in a Debian VM with docker it forces you to set a domain for your instance, but I only want to do local for now (ease and security until I get the hang of things). Which then runs into the hosting a domain via Tailscale problem. 90% of guides, videos, scripts, etc. seem to only focus/support Tailscale, but they force you to use third-party accounts for logins, and I started this whole thing to distance myself from Big Tech. Is Headscale or NetBird a better idea (when I do decide to remotely access)? Who’s more beginner friendly? Similarly, docker or podman?

I do know the difference between Syncthing and Nextcloud, but I wonder which I should stick with. I want to start being better about backing up my phone and laptop, and I know I could use Syncthing to share these backups with each other, but I thought it’d be nice to try to replace my minimal Google Drive and OneDrive usage with Nextcloud and just put everything there. I’d still have to back up that data to an external location though if I want to follow the 3-2-1. So should I just do encrypted backups and put them in a cheap provider’s cloud, and drop the idea of a selfhosted cloud?

Similarly related to the Nextcloud issue, is Immich another heavily Tailscale dependent service?

Side note: How easy is it to use external drives with these services I’ve mentioned? I plan to use my drive bay that currently has 2TB (4 drives running in RAID1), so I can only connect to it via cable. Can I have most of my media stored on the drives, or will that not work? Also, I swear I had to keep verifying my login every few mins when accessing my drives on ext4 format? I switched it to NTFS recently but Windows can’t read/see the drives at all (does it not like Linux formatting it?)

Future Ideas: Once I get these first few down, any suggestions? I’m feeling the power rush and craze from being free and able to run my own stuff, and I want to prove to my mom how useful it’ll be. I want to move away from YT Music, and I’ve heard Jellyfin + Jellyamp works good, but is there another I should run (Navidrome)? Should I get into the arr services and torrenting (I do have ProtonVPN)?

I tried looking at previous posts but I just wanted a little more personalized advice. I’m extremely grateful for any help and I will make sure to post my beautiful setup later once I get it going after y’alls input. It’s really exciting thinking about the possibilities!

  • pleksi@sopuli.xyz
    4 hours ago

    I’d recommend setting up a domain even if just for local use. No-ip.com is at least working for me right now (I have a free throwaway domain set up there and my router is keeping my dynamic IP DNS records up to date so I can WireGuard into my router/LAN even if the IP changes).

    You don’t need to expose your services, but if you ever do want to, it’s so much easier if you’ve got a working reverse proxy in front already set up, plus you can use HTTPS via Let’s Encrypt certifications inside the LAN.

    Setting up (sub)domains in the LAN forces you to learn to use a reverse proxy like Caddy, Traefik or nginx. Personally, to me NPM (Nginx Proxy Manager) was the easiest to use, but I use Caddy nowadays. For half a year I didn’t expose anything, but after wanting to share some albums with the extended family I decided to do so via Pangolin hardened with CrowdSec running on a virtual private server. Pangolin, while not as easy as Tailscale, is selfhosted, is very well documented and works well. Then internally, I still have my Caddy reverse proxy and certs.

    All the services work with the same domain names internally (via the router’s DNS) and externally. Internally the domain simply points to my server’s LAN address. Externally the domain points to my VPS, where Pangolin relays my internal domains to the users but adds an extra authentication layer/reverse proxy/access control layer in front. For authentication I use Pocket ID. I can reach Nextcloud and access and edit all my documents and other files right there in the browser from any computer, which is very convenient.
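
Added example, not part of the comment above or of any project it mentions: a small audit of the split-horizon DNS layout described there, checking that each name resolves to a LAN address internally and only to the relay VPS externally. The hostnames, addresses and the `audit` helper are constructed placeholders; in practice the two answers per name would be collected from the router's resolver and from a public resolver.

```python
import ipaddress

# RFC 1918 ranges listed explicitly: ipaddress.is_private would also match
# the documentation ranges used as stand-in public addresses below.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: hostname -> (LAN resolver answer, public resolver answer).
SAMPLE = {
    "cloud.example.org":  ("192.168.1.10", "203.0.113.7"),    # intended layout
    "photos.example.org": ("203.0.113.7",  "203.0.113.7"),    # no internal override
    "media.example.org":  ("192.168.1.10", "192.168.1.10"),   # LAN address leaked
    "git.example.org":    ("192.168.1.10", "198.51.100.20"),  # points past the relay
    "admin.example.org":  ("192.168.1.10", None),             # LAN-only service
}
VPS_IP = "203.0.113.7"  # assumed address of the external relay


def is_lan(addr):
    """True if addr falls inside an RFC 1918 private range."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def audit(records, vps_ip):
    """Return {hostname: [issues]} for a split-horizon DNS layout."""
    findings = {}
    for host, (internal, external) in records.items():
        issues = []
        if internal is None:
            issues.append("no internal record")
        elif not is_lan(internal):
            issues.append("internal answer is not a LAN address")
        if external is not None:
            if is_lan(external):
                issues.append("private address published in public DNS")
            elif external != vps_ip:
                issues.append("public record bypasses the relay")
        findings[host] = issues
    return findings


if __name__ == "__main__":
    for host, issues in audit(SAMPLE, VPS_IP).items():
        print(f"{host}: {'; '.join(issues) or 'ok'}")
```

A public record that points anywhere other than the relay is the finding to act on first, since that path skips the extra authentication layer in front of the service.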