For once I’m hoping In Betteridge is wrong on this one.

Oh I’m fully aware I’m just to lazy to set up jellyfin and navidrome quite yet.

I’d strongly recommend reverse proxy, some sort of security like crowd sec or fail2ban and sperate auth (authelia, aithentik) in front of anything you’re opening to the internet. Just opening services directly up to the internet is choice I’d politely describe as brave.

Sure but this won’t work if you’re accessing services outside your network like OP is doing. You’re going to need publicly available DNS records somewhere to do that.

I don’t believe pihole functions as an authorative DNS server though. Something like technetium does and they could be used as the nameservers for a domain while still offering all the same adblocking functionality that pihole does.

Though pihole could work of you were relying on a VPN to access your stuff remotely.

What’s you use case here? If you just need more ports for data drives and have a free pcie slot a used SAS HBA cards and use breakout cables to give you a bunch more data ports. These are very durable cards.

Womp womp.

Ah gotcha. See if if your raid controller can be flashed/switched to IT mode(HP might call it something else) as then you won’t have to deal with the raid controller’s raid settings and doing anything weird. Then you can just rely on snapraid to manage the drives.

When you say raid 0 on the data disks do you mean just having the disks present as single disks and not putting them into arrays? As seeing raid 0 and data storage makes me very nervous.

And yeah I’d take a disk out of your boot array and then that into a raid 1 so you can use the extra for storage/ redundancy elsewhere.

Alongside proton dB https://areweanticheatyet.com/ is also a good resource.

Caddy + crowd sec + some kind of auth solution is what I’m aiming for though I haven’t got authentik working with it yet so I haven’t opened it up yet. I wouldn’t want to do jellyfish without the auth solution though as there local stuff isn’t so robust.

VPN in and a few local users would be the most secure if you haven’t got too many folks connecting.

I’d avoid super short USB drives if you can as they tend just to be SD cards in disguise.

If possible for dB stuff I would recommend using actual drives as lots of reads and writes will very quickly wear out most removable storage devices.

Proxmox and truenas for all my physical boxes and then Debian for all my VMs and LXCs. I’m not all that adventurous when it comes to OS choice as I found things that worked years ago and I’ve stick with them ever since as I’ve not seen anything that really looks like it does anything interesting/new that makes it worth switching.