

You should look into K3S
Yeah I would always recommend hosting locally and then if you want external access use wireguard
Calm down. Don’t expose anything without a lot of consideration. Also, why do you want to expose it to the internet?
What? I’m so confused what IPs are allowed on your VPN “client” and “server”. I think something is very wrong.
Raspberry Pi4/Pi5? Or similar?
Well, depends on your current setup. If your current setup is 1 WAN and 1 LAN (no VLANs) and your ISP doesn’t use PPPoE or similar, it should be good to go out of the box, except you needing to maintain it, aka update and monitor. You can set up auto updates, but checking logs and maybe setting up IDS/IPS would be a good idea.
What do you mean “ditch a router”? pf/OPNsense are firewall/routers. If you want WiFi you will need an AP (Access Point) that can either be a dedicated AP like what Ubiquiti offers or a WiFi router that allows you to disable all “router” features. As for dongles, I would think that it’s a bad idea. I personally use a Unifi 6 Lite that is running OpenWRT. Also, I use OPNsense due to the hardware support and it having a better layout in my opinion, also some nice-to-have plugins.
Also if I was you I would recommend OpenWRT it might be a better fit :)
Well experience and the concept of pods
Edit: Just reread my response and thought it was quite bad, so with this edit I hope to fix it. To answer your question regarding a one-node setup with K3S compared to Docker Swarm is the following. When you later might want to expand your cluster or swarm, K3S will be more flexible due to how it is built (its architecture). Also, you get the advantage of what is called pods, which have way more isolation when set up correctly. Also, if you use something like Harvester by Rancher or Proxmox you can turn one server into several; this would allow you to have several nodes and therefore also load balancing and higher availability. I suggest you check out the Kubernetes (K8s) and K3S documentation and get to know the architecture of it! And the last and probably biggest advantage is that you will learn K3S and therefore K8S; this is a skill that is sought after in the IT industry!
I hope this is a better response :)
Yes and no, it depends. For example, if you want to have better security and have your services have as little downtime as possible, it’s a great choice. Also, k8s is almost never needed (except in some scenarios) but rather k3s.
Good luck :)
That will be a beast of a server, but you will miss out on server features. I have a server with an i7 2600 and 32GB DDR3.
Two things. One, and I’m sorry for this one, but have you tried Linux? It has way less overhead; it should even be able to run on your MacBook Air. Second, I would recommend something more built for heavy loads. An example would be System76’s powerful laptops category; I would also check out TuxedoPC’s laptop offerings. Also, why I recommend Linux is because if you are coming from macOS it will be really familiar; also, you can make it so Linux works and behaves like any macOS version without big hassle. (I have a preference bias, but all my hardware recommendations work with Windows too. They can also be a good reference.)
Depends on a lot of things, like the system’s specs, your usage, your connection to the system, etc.
It would be hard/really hard. Have you tried resetting the BIOS by removing power and CMOS, holding down the power button on the system while it’s unplugged and seeing if it clears BIOS?
Hey, I loved your diagram, but can I ask you for guidance on how to use and set up Proxmox, because I’m having a tough time. Also, can I steal the FAQ? It was 10/10
Question what OS?
Hey! I only have some recommendations on security (I’m a security nut). I would recommend you set up several VLANs, minimum 2, so your IoT (smart bulbs, printers, etc.) are on their own virtual LAN. Why? Simple: your IoT stuff doesn’t get updates the same way as your other devices, so they are always higher risk. I would actually suggest that you block their internet connection completely. I would also not use UPnP at all, especially with printers/IoT; they are known to open ports via UPnP, aka exposing themselves to the entire internet! I would love to help you more. Tbh I’m also learning, and setting everything up!
I think OpenWrt is your friend in this case
Are you sure you aren’t looking for a router/firewall? Because if it will be directly connected to your ISP they will not be happy. If you are looking for a managed switch, you should not put firewall rules on it but rather let your router and server be your firewalls. Also, if you have 1Gbit you only need a switch that can handle 1Gbit plus all the internal connections. Also, how many ports do you need? I can recommend the Netgear GS108T, but I would recommend using OpenWRT on it, and for a router either a Thin Client with OPNsense or an OpenWRT-compatible router.
I have a bit of knowledge on how it works and when its use could be a good choice, but I have only played around with it. Either way, I would strongly suggest you look into Rancher and Harvester by Rancher. I’m most likely to personally use them too, thanks to their help with setup and configuring security for your K3S cluster. Also look into their Longhorn software when it comes to the storage part. I hope I could be of help!