I just ordered a Raspberry PI 4 with 8GB RAM thinking that I can use it for some common home lab/server/automation. To start with, I am planning to do the following.
Install PiHole for Ad blocking
Install FreeNAS/OpenMediavault to backup the data on a 14TB hard drive and use Backblaze B2 for cloud backup.
Install syncthing to sync all data from multiple PCs into the 14TB hard drive.
Install NextCloud to share the data outside of my home network.
If I install the above, do I need to have an advanced firewall like pfsense or untangle?
I have few questions and need clarifications. Could you please help? My questions are below.
Can I install all softwares directly on the Raspberry PI? Or use some virtualization software to create VMs and install one service per VM? Or can I use Docker to install one software in a docker container? Which option is better?
I bought the 14TB hard drive from Best buy during the black friday sale. The hard drive came with a case. If I leave it on for 24X7, will it generate too much heat? Should I shuck the drive by removing the case and use some fan for cooling? If a fan is required, do you happen to know which one will work best?
Do I need a UPS to power up the Raspberry PI and hard drive?
For your first question, you should be fine with all of those except you’d replace FreeNAS (now called TrueNAS) with OpenMediaVault. It should all run fine, but if it does slow down a bit, you may have to add a second Pi. I doubt it though, I run about that many things on one of mine and it’s great.
You don’t need an advanced firewall, but you may have to forward ports depending on if you want things to be available externally.
You can install them all on the Pi. You shouldn’t need to containerize them. Docker containers work well, but are a higher level of complexity depending on your comfort level. It’s add overhead IMHO. It does work great, but keep in mind that the Pi is ARM, so you’ll need special containers if you go that route. I wouldn’t bother with that (yet), just install the apps.
As far as leaving the drive on all the time, that shouldn’t be an issue. If it does end up being an issue, never buy that brand again. My line of thinking, is if the manufacturer can’t make something to survive being on 24x7, it’s not worth buying. Since a manufacturer won’t want that reputation, I highly doubt it will be an issue. I haven’t had a problem.
A UPS is only to protect you from sudden power failures. Always a good idea for servers.
I will be receiving my Raspberry PI tomorrow and I am planning to install dietpi on it. I did some research and I could see that dietpi is very optimized and light weight and it has inbuilt support for installing multiple services like syncthing, nextcloud, pihole etc. They don’t seem to provide openmedia vault and it is the only thing I might have to install manually.
I will try to setup my PI in the next few days and I will post my experiences/problems if I find anything.
One other possible enhancement you could add is to use Traefik or nginx as a reverse proxy for items with a web interface so that you could reference them all on port 80 or 443, as needed, with unique hostnames.
I would probably try that on a different machine, perhaps one or more virtual machines on a workstation of laptop using VirtualBox to confirm how it works before considering deploying it in production.
My experiences so far. Installed dietpi first, but I was not able to install OpenMediaVault with DietPI.
So, I installed Raspbian, and did setup the following services.
OpenMediaVault
Docker/Portainer
Nginx Proxy Manager
Home Assistant
Cloudflare Dynamic DNS
AdGuard
Everything has been running smooth, most of them in their own docker containers, except Home Assistant. I had to install Home Assistant as a standalone app/service to get added functionality (Supervisor Addon).
Next, I am planning to install Syncthing, and PiVPN/WireGuard, but haven’t had a chance to do that yet.
Everything is running on a 128GB SD card, but I am planning to move them to an SSD for more reliability.
I have heard that Nginx is better than Traefik and hence I have gone with Nginx to point the services to a domain that I purchased.