Gonna check it out!
Is it easy to setup automatic responses to the alerts, f.e. restarting a service if it isn’t answering requests in a timely manner?
Have you used it together with Windows Servers too?

Regarding management UIs I’m a fan of Cockpit (https://github.com/cockpit-project/cockpit https://cockpit-project.org/)

Regarding management UIs for docker I believe most use either portainer (https://github.com/portainer/portainer https://www.portainer.io/) or dockge (https://github.com/louislam/dockge https://dockge.kuma.pet/).

Regarding Samba most NAS devices simplify it a lot, but it isn’t that complicated to do on Fedora either and once you’ve got it setup it’s not gonna need a lot of tinkering. (https://docs.fedoraproject.org/en-US/quick-docs/samba/)

Whether you invest in a NAS or not I recommend you invest in a USB disk large enough to act as a backup for the storage disks. That’s not an investment for later but one you want right away. And do make certain it takes backups, not replicates data. A popular option is Borg Backup (https://github.com/borgbackup/borg https://www.borgbackup.org/)
If I went for a NAS I would Borg Backup the laptop to the NAS and then use the NAS own backup software to backup to the USB.

So… no need for a DE :)

No real need for me to remove it either, but your point stands. :)

Cockpit
I do know about and use Cockpit with said virtual machine manager but I mostly use it as a shutdown/boot/restart app in my phone and a convenient service monitor and log viewer when troubleshooting.

Wireguard/OpenVPN
I really should try out Wireguard sometime but currently OpenVPN is fast enough for my bandwidth and I was already proficient with setting it up before Wireguard.
The WebUI definitely looks useful.

For linux this is as easy as script <filename>, ex:
[user@fedoragaming ~]$ script 20240313InstallingJellyfin.log
Script started, output log file is ‘20240313InstallingJellyfin.log’.
[user@fedoragaming ~]$ exit
exit
Script done.

edit: and for Windows I recommend using putty, it can also save sessions to logs.

My Debian Hypervisor do have a DE (GNOME) to be able to easily access virtual machines with virt-manager if I mess up their networking, my Debian VMs run CLI only though.

Regarding your last section I agree strongly - I only expose my vpn with no other incoming ports open. You also don’t need to invest in a domain if you do it this way.
I don’t mind helping my friends install their openvpn client and certificate and it’s nice to not have my services bombarded with failed connection attempts.

I definitely agree on starting to tinker right away and to setup snapshot/backup for your stuff and then break it. It also makes one learn how to roll back and restore which is as important as setting up the snapshot/backup in the first place.

Basic knowledge that makes selfhosting easier

1. Some networking basics (Firewall, VPN, NAT, DHCP, ARP, VLAN) makes every selfhosters life easier.
   1b. Your ISP router probably sucks, but you might be able to experiment with some static DHCP at least. I’m a fan of the BSD based routers opnsense/pfsense but depending on what router you have you might also be able to run OpenWrt on your existing router.
2. Some management system and filesharing basics (NFS, SMB, SSH, SCP and SFTP).
3. Learning how to set up a backup for your stuff. The hypervisor you choose may or may not have a built in solution.
4. Checking out a few different hypervisors (Proxmox, Incus, KVM/QEMU, etc) and find out which one you wanna dive deeper into.
   4b. Learn how to make a snapshot for easy rollback in said hypervisor ASAP. Being able to undo the last changes that broke a machine is a godsend.
   4c. VM, LXC, Docker and Podman basics (what are they, how do they differ, which one fits my usecase?)
   
   I know Flackbox has a good CCNA (networking) study guide on youtube, but that is way too in depth for a self hosting beginner.
   Here’s some introduction to different parts of the network:
   Free CCNA 200-301 Course 06-05: IPv4 Addresses
   Free CCNA 200-301 Course 23-01: DHCP Introduction
   Free CCNA 200-301 Course 12-04: ARP Address Resolution Protocol
   Free CCNA 200-301 Course 21-01: VLANs Introduction
   Free CCNA 200-301 Course 21-04: Why we have VLANs

Any router that supports latest openwrt will be able to do a mesh network, if you have the option to run cable I would recommend ethernet backhaul instead.

Sometimes there are caveats when setting up the mesh, f.e. the firmware issue and fix here:
https://www.tekovic.com/blog/openwrt-80211s-mesh-networking/

Hardware list:
https://openwrt.org/toh/start?toh.filter.supportedcurrentrel=22.03|23.05

edit:
OpenWrt Mesh guide:
https://openwrt.org/docs/guide-user/network/wifi/mesh/80211s
https://openwrt.org/docs/guide-user/network/wifi/mesh/mesh11sd

edit 2 adding the openwrt warning here:
It is unfortunate that some manufacturers have used the word “Mesh” for marketing purposes to describe their non-standard, closed source, proprietary “roaming” functionality and this causes great confusion to many people when they enter the world of international standards and open source firmware for their network infrastructure.

The accepted standard for mesh networks is ieee802.11s.
The accepted standard for fast roaming of user devices is ieee802.11r.

These are two completely unrelated standards.

The main config needed is AP+Sta mode, which is explained here:
https://openwrt.org/docs/guide-user/network/wifi/ap_sta

Pretend the “main router” is a hotel wifi and use the TravelMate package.
https://github.com/openwrt/packages/blob/master/net/travelmate/files/README.md

You setup Proxmox Backup Server on separate hardware and then you add it as a storage option in your Proxmox Virtualization Server.
I haven’t dived into it but I imagine you could run the Proxmox Backup Server as a VM in your Synology NAS.
https://www.proxmox.com/images/download/pbs/docs/proxmox-backup-3-1.pdf

edit: Unofficial PBS Docker github: https://github.com/ayufan/pve-backup-server-dockerfiles

Found an interesting read regarding the matter here:
https://old.reddit.com/r/ceph/comments/mppwas/single_node_ceph_vs_zfsbtrfs/
Most seem to recommend going for ZFS instead if using a single machine but there is a person discussing his first hand experience with single node Ceph.

portainer.io with debian gives you a web UI if that’s the only thing stopping you.
There’s a Community Edition (CE) here: https://www.portainer.io/install

I think Mediasonic still makes 8 bay DAS units, they’re becoming a lot rarer.
I would probably start looking at NAS units if I were you, or buy a bigger tower case and fit the disks internally instead.

I use cockpit and my phone to start my virtual fedora, which has pcie passthrough on gpu and a usb controller.

Desktop:

Mobile:

As part of the transition of perpetual licensing to new subscription offerings, the VMware vSphere Hypervisor (Free Edition) has been marked as EOGA (End of General Availability). At this time, there is not an equivalent replacement product available.

For further details regarding the affected products and this change, we encourage you to review the following blog post: https://blogs.vmware.com/cloud-foundation/2024/01/22/vmware-end-of-availability-of-perpetual-licensing-and-saas-services/

• https://kb.vmware.com/s/article/2107518

• KVM/QEMU/Libvirt/virt-manager on a Debian 12 for minimal installation that allows you to choose backup tools and the like on your own.
• Proxmox for a mature KVM-based virtualizer with built in tools for backups, clustering, etcetera. Also supports LXC. https://github.com/proxmox
• Incus for LXC/KVM virtualization - younger solution than Proxmox and more focused on LXC. https://github.com/lxc/incus

Passbolt and Vaultwarden has been recommended so far. Gonna look into them later! :)

Only client side from what I can find. The server seems to be Docker based.

The problem with the KeePass apps is that it works by syncing database files which means that there can be sync conflicts. Okay for me to handle, but not for the rest of my household.
I really want a server-client system where everyone works in the same database.

Bitwarden is Docker, but also very well-liked. Might have to give up on the .deb / .rpm wish.
Thanks for the suggestion!

There’s multiple guides on virtualizing pfsense in proxmox, but the easiest is to simply pci passthrough the nics you wanna use.
I do recommend you leave a physical nic for proxmox itself to maintain LAN access to it if your pfsense is down.

No problem using multiple physical and virtual ports for a pfsense in proxmox

Yeah, you need to install cockpit on any linux you wanna manage using it, then you can use the ssh keys to setup so your cockpit session on the hypervisor gives you access to your vms too.

No problem running virt-manager on the hypervisor itself. You can also use https://cockpit-project.org with the cockpit-virtual-machines addon to manage kvm vms from https://machineip:9090

Running a Debian Bookworm hypervisor using KVM/QEMU with virt-manager for vms + Incus for lxc containers gives you a lot of freedom with how you use it.

edit: It also means you build your own hypervisor from parts - kinda like installing postfix/dovecot/mariadb/spamassassin instead of a packaged solution like mail-in-a-box. It takes more time and effort but I find I understand the underlying technologies better afterwards.