Sounds quite good, but just use regular Debian, ubuntu isn't any better and annoying with their Snap BS.
I guess i need some kind of VPN for a secure use?
You can set up a Wireguard VPN.
this post was submitted on 26 Jun 2025
47 points (100.0% liked)
Selfhosted
46671 readers
563 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
The distro doesn't really have much impact on the end result. Use what you prefer. Especially if you are using containers which is really the way to go anyway.
It's worth noting that there are some problems with using Snap. I don't recall the service I was using, but I was pulling out my hair trying to solve something that I could not get working. Turns out that the snap installation did not function in the expected way and the solution was to re-install without Snap.
The only thing missing is a good backup.
If you are storing anything important -- especially Immich and Vaultwarden data -- you should have a good offsite protection strategy. And even the HASS config should be backed up with versioning because rebuilding from scratch could be painful once you get deep into it.
I'll let others chime in on possible good backup options because I use Veeam and Azure, which really isn't in the spirit of this community, and I'd be interested in good open source options myself.
Also, RAID (mirroring) is NOT a backup.
Not wrong, just saying that every Vaultwarden client is a backup basically since they cache everything and it doesn't expire.
And you can even export it there.
Could I go with an external hard drive and make a backup there? I don't think an offside backup is possible for now only a cloud service would be an option.
Yep, that would work fine for the first line of defense. Eventually, you can expand it to copy, replicate, or drive swap the onprem backups offsite somewhere (e.g., cloud, office, or family member) if you want to protect your data from site loss (e.g., house fire).
OK I think family is not an option so maybe I will take something like koofr into account
I run backups to a USB drive which is way to grab in the event of an emergency. Just make sure you test them every more and again, and possibly only connect it when needed if you're at all worried about malware (a cryptolocker will happily take out any attached storage if your machine is infected).
Get two external hard drives and swap them into a fire safe occasionally.
That way if there's a need to evacuate you can just grab the fire safe and run.
Yes!
Someone in this community once said that if you're not ready with a backup plan, then you're not ready for self-hosting.
i found containers helpful... it was simple to spin up a VPN container (gluetun), and push through any services/access/other containers (like pihole) through that. i really appreciated this because if the vpn goes down i'm not suddenly leaking my ip.
I think you've put more thought into how to get started than many others would! You have a pretty good plan from what it seems. My thoughts from each section below.
Hardware: I'm partial to Crucial and Kingston for storage that is affordable and dependable
OS: I'd probably spin up a Debian install if I were in your shoes and run my services using docker-compose files. It's a quick and easy to get up and running, and despite the ease, there is still the option to do a lot of customization when you want to, and that will make it easy to learn more at your own pace and leisure.
Services: For the CalDav portion, I'm really liking Radicale.
Security: PiVPN is what I'm running on my actual RPi along with PiHole, and it was a super simple setup. I connect via Wireguard from any of my other devices.
Samsung for storage. Crucial if you can't get Samsung.
Debian only with ssh installation or with gnome GUI / Desktop-Environment?
Ultimately up to you, but I'd go with no GUI and just use ssh (and sftp if you need to do file transfers).
When I was using Docker, it was headless because the GUI just ate up space and resources I didn't need. All your interaction will be in the shell anyway, launching your compose.yml files.
But, if dealing with a headless machine sounds like more trouble than you want to try, install the DE if your choice and breathe easy because it'll still work perfectly fine.
THX at all for so much nice comments. Got some good inspiration again. Maybe I search a little more for a little more potent mini PC. Buy an external drive as back up and use my koofr account a it more. Think I will go with Debian and a DE. Crucial or Kingston as storage looks nice. And yeah need to look what can I too with wireguard.
Have a look at YUNOhost for your OS. It's based on Debian and is designed to be really easy to set up and use, which might be useful for you as you have young children and not much time.
A lot of that stack looks similar to mine, though I'm running bigger hardware for various reasons. You might want to go with something with more cores than an i5 depending on how much you find yourself utilizing.
Have you considered Nextcloud for documents and syncing functionality? I went through a few ways of running it before ended up with the Snap package which has been fairly solid for over a year now (Docker was good for setup, but upgrading was problematic if not kept up with religiously)
Vaultwarden is Excellent.
Calibre-Web is good, especially if paired with the application to "extract" books, and an app like Moon+ on mobiles
Audiobookshelf is pretty solid. Pairs well with Libation.
HASS I initially ran on my server in a container but moved to dedicated hardware so updating and reboots didn't break automatons. Got a HASS Yellow for the PoE and Zigbee.
If you're looking for audio/video library management, JellyFin is pretty easy to get running and has apps for phones plus many TVs. Finamp is a good mobile app for the music part
I don't have any document stuff on PC its just for photo video backup with immich. Audio and some homeassistant stuff.