My new home server · g/ianguid/
Skip to main content

My new home server

At the beginning of 2023 I started renting a dedicated server from Hetzner with the intent to self-host several services.

With an Intel 7th generation CPU, 32GB of RAM and 6 terabytes worth of spinning rust, it served me well: my Mastodon single-user instance,, used to be hosted there.

Besides some signs of hard disk failure1, the served chugged along.

At home, a Raspberry Pi 4 with 8GB of RAM was in charge of handling home automation and Tailscale exit node.

Everything was fine, running smooth… That’s why I felt the need to tear everything down and re-do from scratch.

Requirements! #

I guess I got bitten by the homelabber bug.

Around Christmas I officially decided to decommission the Hetzner server — which I jokingly called bigboi — as well as the Raspberry Pi — much less amusingly called raspi — and try finding a replacement for both, that would live at home.

My demands:

  • Must be physically as compact as possible.
  • Should allow for some degree of expandability.
  • Have an Ethernet link capable of at least 1GBit/s.
  • Low power consumption.
  • Must allow virtualization.
  • Have a x86_64 CPU2.
  • Repair-friendly.
  • Supported by mainstream Linux distribution, no vendor kernel needed.
  • Reasonably priced.

My attention turned to a series of post by the ServeTheHome folks in which they surveyed various small form-factor thin client computers which incidentally are also often decommissioned by their employers for a low price, probably due to planned obsolescence or support contracts ending.

Finding tiny computers is not as hard as one might imagine: there are lots of thriving small businesses on eBay refurbishing them and often providing months or even years worth of warranty3.

Among the several options available, I settled on an HP EliteDesk 800 G4 Mini .

It came with an i7 8700T low-power 12-threads CPU, 16GB of DDR4 RAM and 256GB of 2.5” SSD.

It matches all my requirements for this project:

  • It’s incredibly compact.
  • Has 2 NVMe and a 2.5" drive slots.
  • The integrated Ethernet port is 1Gbit/s, and through an HP proprietary connector one can add an extra 10Gbit/s Ethernet.
  • The CPU is a T variant, which has lower non-boost clocks to save power.
  • Has a recent x86_64 instruction set.
  • Can be completely tore down, has socketed CPU, RAM and storage, has a detailed repair manual freely available online.
  • Runs mainline Linux just fine.
  • Can be found for less than 400 euros shipped, with a good hardware selection.

HP says those machines can handle up to 32GB of RAM, but apparently they can handle 64GB just fine.

The G4 comes in 95W, 65W and 35W versions: while higher wattage boards and power supplies handle lower-power CPUs just fine, the opposite is not true.

Considering you could fit up to an i7 8700K in a G4 Mini, pay special attention to what CPU the seller is listing – mine came with a 65W board and power supply.

All i5 and i7 G4 Mini come stock with Intel vPro with AMT, a great addition if you want to keep it as an home server like me: it’s similar to a KVM but without the additional BMC board4.

Software #

As you can probably imagine, I like running software on my server5:

  • Portainer to manage Docker in a user-friendly way
  • Tailscale , because it’s the best damn personal VPN stack out there
  • Caddy to serve web pages and forget about renewing LetsEncrypt certificates
  • Miniflux as my RSS reader
  • Navidrome to listen to music
  • A couple Transmission instances for uh, Linux and BSD ISOs
  • Home Assistant to assist me in handling my home
  • AdGuard Home to filter out ads
  • Vaultwarden to manage my passwords
  • Several containers running Borgmatic , with different SSH key pairs and repositories

Instead of running everything as Docker containers on bare metal, I divided the deployment in two: stuff that will be exposed on the Internet and stuff that won’t.

I started designed with virtual machines in mind, which in turn will run Docker containers as their primary mean of deployment.

Since VMWare ESXi for non-commercial uses is not a thing anymore , I chose Proxmox as my trusty companion.

The first VM I created was for OpenMediaVault : it exports an internal NVME and an USB drive as both NFS and SMB shares.

The USB one is in charge of handling Time Machine backups for my Mac, while the other acts as general file sharing and archival drive across other virtual machines and computers on the same network.

I added two other VMs:

  • web, in charge of handling Internet-facing services.
  • home, for everything else.

Read/write access to the storage devices was configured with NFS.

Public networking was kind of puzzling to figure out: I don’t want to use my static home IP address to host my website and public services, but I still want some of them available on the wide Internet.

I figured I could connect web to an Oracle free-tier VM through Tailscale, and route all the incoming traffic on ports 80 and 443 to it.

Throughput-wise I have no issues even when streaming lossless music, all through a small 20MBit6 upload pipe — neat!

In the future I would like to move to a different provider, or rent another IPv4 address from my ISP7.

Closing thoughts #

Napkin math time:

  • total hardware cost: ~600 Euros.
  • considering a worst-case power requirement of about 65w, the total cost of owning and operating this setup is about 5.50 Euros/month at the current energy market rate of 0.13 Euros/kWh, plus 30 Euros/month for the Internet connection.
  • hosting a dedicated server on Hetzner with similar specs — but lower performance due to spinning rust — came to ~45 Euros/month
  • I cut server hosting spending by more than 20%.

Cost reduction aside, knowing I’m in control of my data — and my outages! — brings me a warm and fuzzy feeling, something a dedicated server in a remote location can hardly match.

In the future I’d love to buy more bulk storage space to get rid of the various USB HDD’s I have laying around8 and also place all the network and computing devices behind a couple UPSes.

  1. Which apparently you can have fixed by Hetzner, just ask! ↩︎

  2. I strongly believe the market for ARM-based non-enterprise boards is still too fragmented and hobby-oriented — finding a single-board computer that is as flexible and well-supported as an x86_64 machine is hard↩︎

  3. That is, they’ll help you troubleshoot problems and issue a replacement unit or parts if applicable. ↩︎

  4. Depending on your threat model you might want to disable vPro/AMT completely, since it runs on the “hidden” operating system some Intel CPUs run. I’m fine with leaving it enabled, my trusted computing needs aren’t fulfilled by this machine anyway. ↩︎

  5. I should update my uses page as well. ↩︎

  6. As I’m writing this I see a fiber-to-the-home cabinet being installed outside my window, 200Mbit/s upload speeds should become a reality soon. ↩︎

  7. Sounds like a perfect job for IPv6! ↩︎

  8. I’ve yet to get bitten by the data hoarder bug. ↩︎