Hey /c/selfhosted! Reddit refugee here with a couple questions on things I’m a bit uncertain about. I’ll try to keep it brief, but I can clarify anything that needs clarified.
I came into a little money recently and I’m coming into some more in the nearish future. My plan is to put some of that into a new server build that I’ll use to host VMs running Docker, Portainer, and Nextcloud for starters. Vaultwarden, Jellyfin, Gitea, and some kind of dashboard site will come once I get NextCloud in a good place (I’m torn between Dashy and Heimdall, so if anyone’s got opinions I’d love to hear them.) I plan to add more once I’m more comfortable with Docker, and once I have a better idea of how to keep all these things organized and backed up.
I have two domains I’m going to use for these, one for test and one for “prod”. I use quotes because all of these things are for me only until I’m confident enough to invite my family. I don’t plan to make anything that’s going to be used by more than a handful of people overall.
I’ve been trying all this with an old server I got off Craigslist which I installed Server 2019 on. I know IIS is a thing, but I’m not certain how or even if IIS plays with Docker, which has me questioning if Windows Server is even worth messing with on the new hardware. Right now, I have a VM set up in Hyper-V which is hosting Docker/Nextcloud in what I’m considering a test environment, but it’s not accessible outside the home. Mostly I did this to learn Hyper-V for work, so I’m not married to Windows Server or even Windows for all this.
The other problem, of course, is DNS. It does appear that my ISP has given me a static address (or at least they haven’t changed it since I moved in 6 months ago). Assuming that’s true, I’m not certain how I’d go about configuring a DNS server at home and making it accessible outside my home. If anyone’s got any resources they want to recommend for setting up a DNS server in-home for this kind of thing, I would love to see them.
tl;dr
- Is there any advantage to using Windows Server to host VS some flavor of Linux or even Windows Pro, or am I just wasting my time (assume cost is not a factor)
- Am I making my life harder trying to manage DNS through Windows Server, and is there an alternative if so. Linux alternatives also accepted
I wouldn’t want to host anything on Windows unless you have to, or you want to learn more about Active Directory / Exchange / etc to help with a day job (assuming your day job is sysadmin / IT). Even then I’d do that inside Windows VMs on a Linux / ESXi host.
I personally wouldn’t (and don’t) host authoritative servers externally to the internet. I do split-horizon DNS, so that my internal BIND server handles my LAN, but I have outside DNS handled by someone that has an ACME (Let’s Encrypt) module, so that I can do wildcart certs.
One thing to look into as you spin up services at home would be some sort of VPN like Tailscale, WireGuard, or even something like Cloudflare Tunnel so that you’re not exposing services directly to the internet if you don’t absolutely have to. I believe some of these projects/products let you specify DNS servers so that when your phone (for example) is connected to the VPN, it uses your home DNS servers instead of public ones.
Your very own self-hosting legend is about to unfold! A world of dreams and adventures with self-hosting awaits!
Windows is just flat out a bad server OS. The only thing it’s really good for is managing active directory. Every other role it could conceivably fill is done better by Linux.
Except virtual desktop servers, though that is niche outside the enterprise space
Let me introduce you to Zentayl my friend. You don’t even need to use it for active directory anymore.
In my opinion, using windows server is only a disadvantage. Linux is the preferred server OS for almost any application. You will find a larger knowledge base online for both Linux and running all that software in Linux. Windows really only has a place as an exchange server IMO, and even then you can find a better option probably.
That being said, I will also recommend Debian.
@borlax @stardustsystem I wish this were true. At work we need Windows servers for security system management, school management, and a few other things.
Don’t use Windows Server for homelab, I’d recommand using Proxmox and make VM and LXC, this will be way easier to backup and manage.
For DNS You should use something like PiHole, which can be setup in a small Debain LXC and works like a charm!
As others said - use Linux. It’s the defacto server operating system. Windows is clunky and cumbersome. Microsoft even made .NET work across other operating systems, making hosting .NET apps on Linux a breeze.
A super simple (and free) way of exposing your home server to the internet is to use Cloudflare tunnels. That way it doesn’t matter what your IP is, traffic is routed through Cloudflare to your server and your IP is never exposed.
Use Cloudflare for your DNS, and it will offer you additional protection on their free plan.
- Go Linux. It is far superior.
- get a domain (third level from here for free for starters) and ssl certs from lets encrypt. IP Addresses and no or self signed ssl will look super shady for any not coputer savy person and is unsafe (at least no ssl is)
My opinions:
- No, there is no advantage to Windows server; yes, you are wasting your time. Most good server stuff out there is Linux-first or Linux-only.
- Yes.
bind
is the gold standard of DNS servers but can be kind of annoying and fiddly to configure.dnsmasq
orcoredns
are excellent alternatives.
The main advantage of using Linux for your homelab is that you will get a lot more support because most folks here run their homelabs on Linux, BSD, or a combination of both. I run my home lab on a combination of both. Windows Server will probably end up really frustrating you and adding additional needless expense.
For DNS, you can look into a couple of different solutions:
- PiHole
- Run just Unbound
- Run BIND
I personally just run Unbound as it works well for me. Currently, I am thinking about moving to a split-brain DNS and do away with fake .lan internal TLD that I am using, especially now that I have gotten Let’s Encrypt’s DNS-01 challenge to work properly.
Besides what everyone already said, I would emphasize docker. Just take the plunge and learn it. It will make hosting and keeping things organised much easier.
If you want to go the extra mile, you could have a look into ansible, to make your build reproducible. But it’s probably overkill for now. You’d probably take so long to get anything done that you might lose interest.
- Use Linux
- It’s probably not a static-ip and I wouldn’t rely on it as such. I’d use http://www.duckdns.org/ to handle the dynamic IP issue (or something else, https://freedns.afraid.org/ would be another option)
- I’d look to pihole to start with for DNS. It blocks ads and you can add manual DNS entries. If you need something more complex, you can always migrate to something like unbound but pihole is a good, easy start.
- Setup https://letsencrypt.org/ You didn’t mention HTTPS/SSL, but you should really set it up. let’s encrypt makes it easy and free
I really like nginx proxy manager for handling certs and reverse proxy configuration
Migrate from pihole to unbound? Why not just do pihole with unbound to start?
I just think as someone new (like the OP), setting up vanilla pihole is a little easier.
I’ve been self-hosting a wide variety of things including nextcloud (which is one open source project I advocate everyone look at, especially on a web domain so they can access it from anywhere)
Go linux for hosting your open source projects. Just do it. I’m not saying that because windows is inherently worse than linux, but because everything out there is documented as if you’re hosting off of linux. In fact, you should really consider using Ubuntu-server, because most things have documentation specifically for ubuntu.
Going with windows server as mostly just s hyper-v box with your linux installations inside, that might be worthwhile.
If your IP address appears static, then you can probably just directly configure dns through the web interface of your domain provider. There’s a great script out there for doing dynamic dns using different providers such as godaddy, that could be some insurance to make sure you don’t end up with a non-working social media network.
One thing you should consider is running one virtual host as your reverse proxy that redirects different subdomains to the different individual servers running your services. The reverse proxy server running something like nginx would then deal with all your subdomains, and if you work on say your nextcloud and need to reboot it won’t take all your services down at once because your reverse proxy continues to function for all your other services.
-
I’d advise using Linux instead. I don’t think I’ve seen any selfhosters/homelabs use Windows Server. I know you’ve said you wanted to use Docker but Proxmox is a good hypervisor that is used to run Linux containers and can be setup to run Docker containers as well.
-
Why do you plan to run a DNS server at home? It seems to me like your plan is to access your server from outside. For that you can use your IP address or alternatively you can lease a domain and set its DNS to your IP and use that instead. You can also use a free service like DuckDNS instead.
-
- As already stated, yes, you’ll make life harder, as most (probably all) instances run on Linux. More help there.
- Bind is the reference implementation of dns, powerdns is easy as well.
With bind you can setup an internal zone on a 2nd instance so you can test before changing the external zone to point to your instances. It’s a tad extra work, but you can mess around without bothering others.
It’s not easy, but there are loads of examples online. (And once you’ve gotten used to the commandline way of administering, it’s not hard)