NUC, Proxmox and HA (a noob seeking for help) Update (4/8/24)
Hello everyone,
I would like to get started with self-hosting with two projects.
Project A (for me):
A NUC with Proxmox installed on it, two VMs including a Home Assistant and a NAS system that I haven't chosen yet.
The only question I have with this project is:
how to access the NAS and HA separately from the outside knowing that my access provider does not offer a static IP and that access to each VM must be differentiated from Proxmox.
Project B (for my uncle):
A NUC (with Proxmox or not, I don't know yet, perhaps simpler for making backups), with HA but especially Frigate.
The goal is to use Google Coral to do recognition on 3 video surveillance cameras.
My questions are:
is Coral really useful with 3 cameras?
do you need a Coral in USB or M.2 version?
are there affordable NUCs with free M.2 slots?
won't proxmox add a layer of complexity with Coral/Frigate/a Zigbee dongle?
Thank you in advance for your help and sorry if my post is long.
PS: if you have recommendations for cameras that work with Frigate and are self-powered with solar panels, I'll take them!
Edit: 8 April 2024
A little update.
Thank you everyone for your super quick responses!
Regarding my uncle's project and after big discussions, he is going to buy Reolink cameras and that's it. This will be much simpler for maintenance than building a server.
Regarding my project:
I chose a Beelink Mini S12 pro with an N100 processor (for its low consumption) with a 2.5 bay for an SSD for my Nextcloud.
I wondered if I wouldn't take the opportunity to add pihole and that's where new questions arise...
I see a lot of people installing Pihole on Docker, should I put it on Docker? Or create a VM?
Should Docker be installed on Proxmox or on a VM?
Is Proxmox really useful, shouldn't I better install HA/Nextcloud/Pihole under Docker directly?
how to access the NAS and HA separately from the outside knowing that my access provider does not offer a static IP and that access to each VM must be differentiated from Proxmox.
HA has add-ons for DuckDNS and nginx-proxy-manager which should solve this... Or alternatively use those things in Docker or by installing on your host OS.
is Coral really useful with 3 cameras?
Yes if you want object detection
do you need a Coral in USB or M.2 version?
I've only used a USB, I don't know how to pass M.2 through to the VM but I'm sure there are tutorials out there if you want to.
are there affordable NUCs with free M.2 slots?
Can't answer that one.
won't proxmox add a layer of complexity with Coral/Frigate/a Zigbee dongle?
Yes, you'll need to know how to pass through the devices to their respective VMs.
HA has add-ons for DuckDNS and nginx-proxy-manager which should solve this… Or alternatively use those things in Docker or by installing on your host OS.
I get this point, but I don't understand how I manage my NAS VM with this.
Oh right, so the NAS you can set up with the add-on Samba NAS.
DuckDNS will mitigate your issues with not having a static IP (alternatively there are any number of DynDNS programs you can look into if for example you already own your own domain name).
Nginx-Proxy-Manager allows you to forward ports based on the domain used to connect so, you might not even need it really but if you wanted for example to have an address like mysupercoolnas.duckdns.org redirect to one Proxmox VM and mycoolassitant.duckdns.org to redirect to HA you could do that. Or you could just have one DynDNS set up and use port forwarding on your router to handle what ports direct to which VM.
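The hostname-based forwarding described in the reply above, written out as the plain nginx configuration that a proxy manager front end generates for you. This is an added example, not part of the thread: the backend addresses, ports and certificate paths are placeholders, and the hostnames are the ones used in the reply.

```nginx
# Constructed example: backend IPs, ports and certificate paths are placeholders.
# These blocks belong inside the http { } context.

# Home Assistant's frontend uses WebSockets, so the upgrade must be passed on.
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

# Catch-all: a connection that names no listed host gets no TLS handshake,
# so a scan of the bare public IP reveals neither service.
server {
    listen 443 ssl default_server;
    ssl_reject_handshake on;            # needs nginx 1.19.4 or newer
}

# Home Assistant VM
server {
    listen 443 ssl;
    server_name mycoolassitant.duckdns.org;
    ssl_certificate     /etc/ssl/placeholder/ha.fullchain.pem;
    ssl_certificate_key /etc/ssl/placeholder/ha.key.pem;

    location / {
        proxy_pass http://192.168.1.20:8123;     # placeholder HA address
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}

# NAS VM
server {
    listen 443 ssl;
    server_name mysupercoolnas.duckdns.org;
    ssl_certificate     /etc/ssl/placeholder/nas.fullchain.pem;
    ssl_certificate_key /etc/ssl/placeholder/nas.key.pem;

    location / {
        proxy_pass http://192.168.1.30:80;       # placeholder NAS address
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}

# No server block points at the Proxmox host (web UI on port 8006),
# so the hypervisor itself stays reachable from the LAN only.
```

With this layout the router forwards only port 443 to the proxy, and each VM is reached by name rather than by its own forwarded port. Home Assistant also has to be told to trust the proxy (`use_x_forwarded_for` and `trusted_proxies` under `http:` in `configuration.yaml`), otherwise it rejects the proxied requests.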
Nah it sounds far too simple to "just install Tailscale and you're good" doesn't it? But it really is kinda that easy.
Install the Tailscale add on for Home Assistant, sign in and set up an "exit node" (it's a menu item, easy) then install Tailscale on your phone.
Switch it on on your phone outside your network. 3 dots in the app and select "Use exit node" and select the one you set up.
Now on your browser on your phone just type in the IP address of the self hosted service (I just have my home page address set to Homarr which has them all) and you're done.
Really damn easy, and free
Edit: That exit node you set up is inside your network. Tailscale tunnels to that exit node inside your network without open ports, so when you do as above, you're essentially inside your network.
I use work WiFi. Work blocks WhatsApp. When I connect through Tailscale via work WiFi, my WhatsApp works fine, because I'm using my own home network to send/receive messages.
how to access the NAS and HA separately from the outside knowing that my access provider does not offer a static IP and that access to each VM must be differentiated from Proxmox.
Tailscale, it will take about 5 minutes to set up and cost nothing.
Hi, I read your update and you're just a little behind me on the trail, so here's some breadcrumbs.
Proxmox is awesome, stop wondering and install it, it's awesome.
Ok so you can do 2 things, VM or LXC. You're wondering what the difference is.
VM is a computer
LXC is a container.
Now as far as I can tell a container is kinda like a little computer that's made to do one thing. So it needs less resources, just what it needs to do that one thing. It also needs less permissions to do that one thing, so it has less permissions.
Now Docker is a container engine. It's beautiful because you can just tell it what to make and it'll make it. If you remember what you told it, you can do it again really quickly.
Docker is also beautiful because it will run on anything. So you can make a container on a Linux machine, then make it again on a Windows machine if you remember what you told it. This is done with a bunch of text, so as long as you can save that text and get it on another machine, well you have the container again.
Not knowing this, I've been trying to make docker work in LXC containers with a bit of success and a lot of failure. I thought I could just have a bunch of cloned LXC containers with Docker on, and make a bunch of services using minimal resources.
But now I know I'm trying to run a container inside a container and that's why I'm hitting walls.
So Proxmox VMs are gonna be your friend. It will be tempting to try and migrate to containers, but as a beginner you can save a lot of headaches by making a couple of VMs and cramming a bunch of stuff on em.
This is where Docker is useful. If you use a docker hypervisor (?) app, there's Portainer for example which I use, you can just use one instance to control a bunch of other instances of Docker.
This makes it easy to try something out on a test machine, then just move it over to another machine when it's ready. The more similar the machines are, the easier the transfer. In Proxmox you can clone things, so you can make a computer, clone it, then set things up on one and move em over when they're working right, then just turn the test machine off.
So in my opinion, boot a VM of Home Assistant OS and get that working. Make another for playing with of whichever flavour you fancy. Windows, Linux, both?
Bang docker in it and have a play. I like Portainer, made Docker easier to mess with, but I like a UI. So I got Portainer working first and used that to put Docker Compose files into "Stacks" in Portainer and poked them.
Then when I found stuff I liked I tried booting them so they work, be that in a VM, an LXC or in Docker if I had got it working to my liking already. Because Docker is containers I hit a lot of problems running stuff (and I don't know what I'm doing) but found an LXC or VM easier.
Try getting piHole (and try Adguard, I prefer it) going in Docker. I found Adguard works perfectly fine in Docker, so once I got it working I just had to decide where I wanted it and ended up having an instance in Docker in an LXC (container in a container, not great, but it works).
Then I copied it onto a Raspberry Pi, just put Docker on it and used the same file. That means that if I knackered up my Proxmox my internet won't go down.
No rush, take your time. HA OS was pretty simple to get running, you'll just have to learn how to pass through your usb (top tip, just have that one usb plugged in then you only have 1 device to choose from).
Learn how to make a backup (HA has an add-on called Google Drive Backup that's REALLY useful) just in case you tinker and kill something.
Above all, don't kick yourself for making mistakes, it's how we learn.
I have dynamic IP and there are several ways around it. I use Cloudflared (updates DNS records regularly) and a script I found to update duck DNS as a backup. Both very simple.
Accessing the services is not the problem, the problem is keeping them safe. I've tried lots of different ways (although not Tailscale yet) and have a few services exposed directly to the internet behind authentik \ NPM \ Cloudflare \ fail2ban \ ufw. Others, I access through my router's OpenVPN server, with keys for my laptop and phone as clients. There are so many guides online for all VPN types. It's just finding the right approach between ease of use vs safety.
For ease of use I would not use a PCI Coral. USB just is easier. Passing the USB through to a dock or VM is easier. I use Unraid and it was extra work to get the PCIe vs USB Coral set up. I have a NUC with a bunch of SSDs for this kinda thing too.