Safest way would be WireGuard. If you don't have a static IP or domain, use a DDNS service like Duck DNS.
subven1
4x 4k transcode with high bitrate simultaneously is a big stretch for small systems like this. Transcoding HDR tonemapping is demanding, and keep in mind that not only video has to be transcoded but often audio as well, which can be too much in terms of CPU performance.
For a powerful transcoding NAS I would either go Asrock Deskmeet B660 with an Intel Arc A380 or build something out of an Asrock Deskmini B660/B760 with an i3-12100/13100 or i5-12400. They can hold 2x m.2 and 2-3x SATA drives for a reasonable price.
Would also recommend getting a basic prebuilt 2-bay NAS in your case. Synology, QNAP and Asustor all have app stores and Docker support within their NAS so you can install additional software later.
- Asustor AS5402T Nimbustor 2 Gen2
- QNAP Turbo Station TS-262-4G
- TerraMaster F2-223
- Synology DiskStation DS224+
And so it begins ^^
Cloudron (free tier - 2 apps). Get a server, install Cloudron, install n8n from the app store. Done.
Two Pi and a 1.6GHz single core ARM NAS.....
This is around 20 watts idle and ~30 watts under load....nowhere near "high consumption". The N100 is just around 15 watts idle and more capable systems like a Ryzen 5 7600x idle at 25 watts. So let's say you swap everything to an N100 single system. This will maybe save you around 5 watts while idle which means ~40kw/h savings per year.
You do not have the computing power to run VMs/applications that could utilize 32GB RAM. Everything you mentioned could be run on a machine with just 4GB RAM. The only reason could be the use of ZFS and a lot of disks and TBs of space. You should be fine aiming at 16GB RAM.
In terms of OS: I use Unraid because it's very easy to use and does not require you to have HDDs spun up like with traditional RAID. Saves me a lot of energy and wear on my drives. It is also capable of running Docker containers and various VMs.
Some people turn off their router at night or when they leave home. Does it make sense? Not really. Can you still do it? Of course...
Did you use this in production?
I have run 3 Cloudron servers for many years and administer another 4, with some just being used inside a LAN.
Cloudron looks like it was rather designed to pick a ready solution, am I understanding it correctly?
Most users will just pick apps from the store but others like myself use Cloudron to host their own services and custom app packages. It is actually pretty easy and there is a lot of help and templates at the Cloudron app packaging forum if you just start.
It also says, it keeps the systems up to date, which again is very high level
Cloudron uses neither Ansible nor Terraform and relies on scripts and crons. It uses automatic Ubuntu security updates, firewall and a bit of OS hardening to secure the platform. You can take a look at the sources if you are curious.
How about some software for server management and app hosting like cloudron.io? It is a complete and easy solution to host your own (Docker-based) apps or you can just install free apps from the built-in app store. You can use Cloudron's base image to make use of addons (services) that are already built into Cloudron like: graphite, mailserver, mongodb, mysql, nginx, postgresql, sftp, turn, redis, ldap, oidc, recvmail, scheduler (cron), sendmail and tls or build an app on top of the LAMP app.
Everything is automated from OS updates, platform + app based backups (with persistence if needed) to proxy setup and certificates. Besides the web UI, Cloudron also provides a RESTful API to manage apps, users, groups, domains and other resources. It also has its own Build Service and Image Registry or you could host your own Gitlab/Gitea with just one click.
Instead of real orchestration you could maybe use automation tools like n8n or Ctfreak to achieve what you need.
Cloudron is free for up to 2 apps so keep that in mind but it runs well on a VPS with as low as 2GB RAM and 25GB of disk space.
Many suggest Amazon SES as it is dead ass cheap. Free tier SMTP relay services often add advertising lines or other shenanigans to mails. I use Mailjet but it is quite expensive. I send under 10k mails per month but sadly most SMTP services do not have small/mid tiers.
osTicket, Freescout, Zammad or Request Tracker.
Your server's reverse proxy (Caddy, Traefik, Apache, Nginx...) redirects incoming requests to your application (WordPress). You need to configure the reverse proxy so that it knows which request (origin / the subdomain) to forward to which destination on the server.