My current strategy might be a bit over the top,but it works.

I have two main entities that contain data worth backing up - the NAS and to a much smaller extend my Proxmox cluster (which is partly within my house,partly at Hetzner).

User PCs do not have any User data saved, they all work with network drives mapped to the NAS, only irrelevant amounts of data are stored on them that gets backed up via Free File Sync. For the Notebooks I use the same concept as we are using a WG VPN 99,9% of the time anyway,but some important folders get also synched via Free File Sync for offline use if no mobile connection is available.

For proper backups I have basically three classes of data that I maintain: Prio 1: The real real important stuff. Photos of once in a lifetime events, important documents, etc. Prio 2: The stuff you still don’t want to loose. All other photos, the scanned documents, home folders, VMs/LXX backups, configurations, etc. Prio3: Everything else,mostly data that could be downloaded again. Easily. Movies, etc.

Prio3 data is currently only living in the NAS and does get backed up once in a while on a external hard drive. It’s mainly backed up as I am lazy and in case the NAS craps out I don’t want to reload all the stuff…that would take months.

Prio2 data gets backed up fully: For the NAS data: It gets backed up to B2 with versioning according to my needs (usually 3d,2w,3m,1y,but that depends highly on the source). Additionally full external hard drive backups every few weeks. (I would kill to get my hands on a proper tape drive again,I had one back in the day,but it was used and old and died) Some data is also stored on Synology C2 atm,but I will replace that soon with another cloud provider, likely Hetzner.

For Proxmox: Basically the same, but I use TUXIS instead of B2 and Hetzner instead of Synology C2. Additionally I have a old PC with Proxmox backup server which turns on once a week and safes the whole cluster before turning off again. In the future this PC is planned to replace the External hard disk’s,but currently hard drive prices are insane.

For the P1 data: Same as above,but it’s definitely staying on a second cloud provider. Additionally I also create archive blue ray disk’s every few month. (Usually every 4). These go into the safe deposit box at my bank and additionally to a second storage location.

And of course I have detailed instructions about this in my will so even if both my wife and I die my kid can figure it out.

Just adding a few thoughts:

• If you already use Omada for APs it might be worth it to use their switches as well. Makes networking fairly easy. MKs are nice (I use them together with Omada myself),but basically everything you would need can be achieved with the Omada Switches as well. Only for the actual Gateway/Firewall I would rather go with OPNsense or, in a pinch, MK, with the later being inferior to OPNsense.

• Multiroom Audio I would very much recommend Amplipi, but I also might add that central audio with reasonably high quality is not as easy as it sounds electrically - I have seen more than a few installations that failed due to induction from other sources, timing issues,etc. It is sadly harder than one would think. It gets much much much harder for TV/motion picture relevant things as things are even more timing sensitive then.

• have a look at KNX for all smart home related things. It’s the gold standard.

Omada APs, various versions. Really happy with them, their WiFi is great and unlike Ubiquity they also work without the controller as independent devices.

And sadly Omada is years behind in their gateway/Firewall. OPNsense is far better in that regard, going back to a Omada gateway is like going back to a tricycle when you drive a car. Sadly.

First of all: Get the Instance it’s own VPS - Lemmy instances are very very fluid with their resources requirements and you don’t want the instance to bog down other services you use. Use another cheap VPS instance for your other services and link them up within Hetzner if needed.

This is even more the case if you host a public instance. I would even consider using separate accounts (even though Hetzner does officially not allow that) for that. Because if one of your users does something Hetzner finds ban worthy they will,under ideal circumstances, at least stop your VPS/quarantine it. (Been there) If you are really unlucky (CSAM material posted or federated in your instance) you will get your whole account banned. Which means all your other services are gone,too. (happened to someone I know)

Don’t get me wrong,Hetzner is great, I love them. But be aware of these points. They are very proactive when it comes to these points.

Beside that: Use Docker.

It sounds strange maybe,but I found Zabbix way easier for these scenarios. For more advanced deployments it is different,but for what you describe it is really easy

They set up a business. They do business. They should ask someone to do this whose business it is. Not you. They are taking advantage of you.

You will certainly and 100% ruin your friendship with them.

• Keeping a server secure is an ordeal for a professional - especially when it comes to using it as a business server.

• Doing E-Mail yourself, especially in a professional capacity, is a god damn nightmare and even most professionals refuse to do it and rather pay someone who handle it. For a reason.

• The usecase you mentioned does not require a server. It can easily be done via a web hosting provider. Unless there is something shaddy going on and you/they are afraid of storing that stuff with a provider. But for what you mention here you need a simple web hosting provider for 5 bucks a month.

• Actually doing that yourself is far more complicated than you imagine here. It’s not just the server. How do you get a connection with a static IPv4 to host your services? Actually preferably multiple static IPs? Are you considering a CloudFlare tunnel? How do you plan redundancy if that connection craps out? Or the server kicks the bucket. Or power goes out? This alone costs FAR more than the money you pay for a cheap webhoster or even a VPS. (Which you don’t need,imho)

For the love of god or whoever: Don’t do that. You will be liable/responsible to them (at least from their point of view) if their IP is on Googlemails blacklist and now “that one important client mail did not arrive in time”. Or if the cheap residential DSL craps out and their very important site is just having the sale of their life?

I am absolutely for self-hosting things, don’t get me wrong. I selfhost basically everything (but no mail…that is a shitshow), mostly on FOSS. But don’t start with someone else’s business if you start doing this. Selfhost a few easy things. Get a Mini PC and proxmox, selfhost within your home network, then expand slowly.

OPNsense on any small scale dual LAN box, either a used mini PC or a purpose made one.