Id recommend setting up a domain even if just for local use. No-ip.com is at least working for me right now (i have free throwaway domain set up there and my router is keeping my dynamic ip dns records up to date so i can wireguard into my router/lan even if the ip changes).

You dont need to expose your services but if you ever do want to, it’s so much easier if youve got a working reverse proxy infront already set up plus you can use https via let’s encrypt certifications inside LAN

Setting up (sub)domains in lan forces you to learn to use a reverse proxy like caddy traefik or nginx. Personally to me NPM(nginx proxy manager) was the easiest to use but i use caddy nowadays. For half a year i didnt expose anything but after wanting to share some albums with the extended family i decided to do so via pangolin hardened with crowdsec running on a virtual private server. Pangolin - while not as easy as tailscale is selfhosted and is very well documented and works well. Then internally, i still have my casdy reverse proxy and certs.

All the services work with the same domain names internally (via the routers dns) and externally. Internally the domain simply points to my severs LAN address. Externally the domain points to my VPS where Pangolin relays my internal domains to the users but adds an extra authentication layer/recerseproxy/access control layer infront. For authentication i use Pocket ID. I can reach nextcloud and access and edit all my documents and other files right there in the browser from any computer which is very convinient.

Im using debian btw and non zfs system, so mileage may of course vary.

Two 4tb disks in raid 1 is a waste of money for most selfhosters. Unless you really want to avoid downtime due to disk failure. (and even then you could get a power outage or a network failure). A second disk will protect you from disk failure but not from other forms of data loss (like you fucking up something and erasing all of your family photos).

Do you also plan to buy some cold storage medium and cloud storage or a remote backup server or something (for 3+2+1 backups)? thats way more important.

Ive got an office pc with a 9th gen intel i3 4 core, 16gb RAM, you can propably find one for 100-200 dollars. Ive installed a 4TB NVMe into it.

For nightly remote backups i have a pi with another 4TB NVMe(overkill for sure, you could use pretty much anything for this) and for cold store i have 4TB external that i plug in when i remember.

I run docker and immich, nextcloud+office, jellyfin + a bunch of smaller services. I could perhaps use a little bit a better gpu for jellyfin transcoding sometimes with certain 4k files. Otherwise no need for upgrades.

Im running my own instance. But yeah, videos from google servers won’t load behind a proxy. Or they might work for a while but then wont and then you have to switch vpn servers which is very annoying.

I use a small wireless logitech keyboard-mousepad so it works very well. I had to make exceptions in the router for googles video severs to bypass the vpn though.

My phone is on a wireguard tunnel into my router which puts my wireguard vpn in the same forewall zone as my home LAN. Internet access is routed through the tunnel and then through another tunnel to protonvpn and from there to the www. It was a bit elaborate to set up but it works. Wouldnt really recommend the setup for everyone, it was a bit of a pain in the ass to get working. I used Openwrt and policy based routimg plus wireguard for the tunnels into and put of the router.

Oh i have vaultwarden as well nowadays

As someone who went through this after trumps 2nd term and power grabs i can give you my process:

1. angrily unsubscribe all big tech subscriptions
2. make a protonmail and tutamail account, realize I like proton suote more and decide to subscribe
3. transfer all passwords to proton suite
4. download all photos and other from cloud to an external drive. TURNS OUT THIS TAKES SEVERAL DAYS WTF
5. angrily order a rasp-pi and an external SSD
6. use step by step tutorials from pimylifeup to install docker and immich. Fall in love
7. gradually (via help of google and GPTs) become confident enough with command line to start managing the server headless over SSH

Fast forward 6 months: My router is now running OpenWRT. With a few necessary exceptions my network access is always through ProtonVPN. My external devices are connected via wireguard to the router when not on home wifi and only after that reach the www. I have 24/7 access to my services from everywhere. My main server is now an old office mini pc running about 10 services. Im using borg for nightly snapshots(its a bit like apple time machine) and after that everything is backed up to another server at a friends house via rsync and ssh. I have a third mini computer whose purpose is to be my tv’s UI with access to services like the national broadcasts web ui and my own jellyfin and invidious (adless youtube client) The tv does not have an internet connection anymore. I even made a custom land page that automatically opens full screen in a browser when open my tv.

The point is: this builds gradually and you have fun doing it. …until it breaks :D The most painful parts involved networking so you can settle for LAN only at first to keep things simple