Good shout. I’ve just recently moved from Pihole to Adguard Home myself, complete with Hagezi lists. I consider myself very tech savvy and I work in the field but AGH suits my needs much better.

One example is wildcard DNS to route all of my hosted services via reverse proxy. In Pihole I had to make weird blocking rules to make this work, but AGH has specific settings for it. It also supports DoH out of the box, whereas Pihole needs non-standard faffery to get it working.

Very pleased with AGH in general.

HACS installs community integrations whereas addons are like external programs that hook in HA. You can do the same thing with HA in Docker by installing the addon containers separately and then hooking them in manually but HA OS makes it much simpler.

For example I’m running the Mosquitto broker, Z2M, a Visual Studio Code server, diyhue, and Music Assistant as addons.

Docco page about it is here: https://www.home-assistant.io/addons/

If you want to give Home Assistant a try like others are suggesting, save yourself some time and hassle and install Home Assistant OS in a virtual machine. While you absolutely can run it in Docker you lose out on some neat quality of life improvements like add ons (which, funnily enough, are Docker containers pre-configured to hook in HA).

Exactly this. Also it annoys me that Namecheap tries to automatically “top up funds” over a month before renewals are due. I think they’ve always done it but it wound me up enough this year to move to Cloudflare.

Yeah, everything that’s already been said, except that I specifically chose an off-the-shelf Synology NAS with Docker support to run my core setup for this exact reason. It needs a reboot maybe once or twice a year for critical updates but is otherwise rock solid.

I have since added a small N100 box for things that need a little extra grunt (Plex mainly) but I run Ubuntu Server LTS with Docker on that and do maintenance on it about as often as I reboot the NAS.

Just to add to the info so far: while you’re spending the effort doing a migration it’s worth going the extra few steps and moving to their Docker image. It’ll make any future server moves a doddle, not to mention updates etc.

Isn’t that exactly why so many of these company and app names have missing vowels? Because they can’t trademark a word but they can trademark a collection of letters that sounds like a word when spoken aloud. It’s really dumb.

Third Plex. It’s a bit baffling as to why it’s got such a bad rep recently because it performs its core function of serving media incredibly well, is super easy (barely an inconvenience) to setup, and there’s apps for every conceivable platform.

Yes there’s a few features locked behind a subscription (though they still sell lifetime passes, often at good discounts) and they’re trying to “legitimize” with their ad-backed streaming thing, but the core product of local media server is still very much there, and free, and isn’t going anywhere.

Webtop. Lightweight Linux VMs but in Docker.

That’s… A lot of storage. I’d say your options are, in no particular order:

• buy a 12 bay NAS.
• expansion unit. Do it as a separate volume and shuffle cold data onto there.
• upgrade the drives.

Failing that you could just have a bit of a purge? If not straight deleting stuff, move things onto an external drive.

You could also try deduping. There’s a script that’ll add any drive to the internal “supported” list and also enable dedupe on mechanical drives. The savings were minimal on mine but you might have more luck. https://github.com/007revad/Synology_enable_Deduplication

2. Sure but there’s no reason to openly advertise that yours has open services behind it.
3. Absolutely. There are countries that I’m never going to travel there so why would I need to allow access to my stuff from there? If you think it’s nonsense then don’t use it, but you do you and I’ll do me.
4. See point 3.

We all need to decide for ourselves what we’re comfortable with and what we’re not and then implement appropriate measures to suit. I’m not sure why you’re arguing with me over how I setup my own services for my own use.

Admittedly I’m paranoid, but I’d be looking to:

1. Isolate your personal data from any web facing servers as much as possible. I break my own rule here with Immich, but I also…
2. Use a Cloudflare tunnel instead of opening ports on your router directly. This gets your IP address out of public record.
3. Use Cloudflare’s WAF features to limit ingress to trusted countries at a minimum.
4. If you can get your head around it, lock things down more with features like Cloudflare device authentication.
5. Especially if you don’t do step 4: Integrate Crowdsec into your Nginx setup to block probes, known bot IPs, and common attack vectors.

All of the above is free, but past step 2 can be difficult to setup. The peace of mind once it is, however, is worth it to me.

A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset.