Looking for some advice on what to do with my selfhosting setup. I currently have 2 Vostro 430’s (salvaged from work), and have retrieved 5(!) newer computers from work:

  • 1 ThinkStation P330 (1x16gb ram),

  • 2 ThinkCentre M720 SFF’s (4x4gb ram each), and

  • 2 ThinkCentre M73’s (mixed ram amounts/brands, may salvage from the Vostro’s depending)

The Vostro’s are currently setup with 1 of them being baremetal Debian with a Pihole, and a Debian VM with a Headscale server, and the other being baremetal Debian with… just a few containers, and baremetal tailscale as an exit node (I don’t like this, need to do better). Using Authelia with a password to block incoming connections, and Traefik as my reverse proxy. It also has 2x10TB and 1x7TB HDD’s in Raid1.

My current plan is to see if the M73’s are good enough for light emulation (PS1 for sure, PS2 maybe) and Jellyfin, hook 1 up to my TV (to replace the 25’ HDMI that is slowly killing itself under it’s own weight), and 1 for a relative, connected to my server via Headscale/Tailscale.

I currently have 1 of the M720’s hosting a small webserver to learn HTML so I can replace my workplace’s website (I did do a temporary replacement already, but it’s not great). Trying to decide if it is staying completely separate, or if I am utilizing it in the overall setup.

Now, what I am looking for advice on, is how best to utilize what I have, and any recommendations on better software to use.

  • Do I dedicate each computer to different tasks, or learn how to do a docker swarm/kubernetes cluster/something else?

  • Should I set up one device as a dedicated NAS, using a NAS focused OS, or continue to use SSHFS mounts?

  • Should the file storage be on the best hardware I have available, mid ranged, or should I save one of the Vostros specifically for being a NAS with nothing else running on it?

  • Should I learn how to do SSO with Authelia, or is there a better program for SSO (I want to do better with security, and SSO feels like the best place to start)

  • What do you recommend as a reverse proxy? I have my Traefik configs working great for automatic service discovery, but the way it stores the certs feels impossible to extract for other services that ask for them, and I have no idea what I am doing wrong with that - hasn’t been a problem, but I feel like I should be doing better with this.

I had other thoughts, but they swam away while writing this. If you ask a question/make a comment and I don’t answer right away, it means I fell asleep and will answer tomorrow. I am open to any and all suggestions, and am happy to answer any clarifying questions!

  • axx@slrpnk.net
    1·
    16 hours ago

    Only commenting on the SSO part, but try Kanidm, it’s really well done and the community is lovely.