Pretty much any wireless AC AP from the last 10 years can hit those speeds with no headache, no keys, and no Windows.

An AP is just a WiFi point, you can use pretty much any AP with your pfsense router.

That’s what most of us do, using this windows VM just for WiFi is only going to cause you a headache in the future.

Maybe a stupid question, but isn’t it just easier to get a secondhand AP on eBay or something than deal with this windows WiFi BS?

You ask about future proofing but Windows 10 is EoL in 8 months.

Pretty sure samba won’t do anything if you haven’t configured it. Make sure you do some basic setup first:

https://wiki.debian.org/Samba/ServerSimple

You are a legend

This is your life now, if you move and wake them you will have committed a great crime.

My personal opinion, as soon as you’re charging and providing SLAs you’ve exceeded what you should be doing on a residential ISP.

I’d really recommend putting your app in a real cloud solution, which can provide actual load balancing via DNS natively for regional failover if you desire.

For what OP is asking DNS has no part in DNAT, they need a load balancer.

Personally, asking about high uptime on a residential ISP is the larger issue here, but alas.

Every “plug and play” NAS I’ve had has been garbage, riddled with adware and had to be firewalled from the internet. After a year they just get insanely slow because they put the worlds’s cheapest ARM SoC in there.

Personally just take your drives out and stick them in an old PC and install truenas, or just straight ZFS on Debian. Then you can run your containers on the same machine like Jellyfin, etc.

People downvoting you can’t do a quick search:

https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification

TSMC is absolutely up and running already in the US.

fyi you can get a wildcard from letsencrypt for free

There’s nothing bad per se, but obviously not sharing the inner workings of your internet facing server is just another step to protect yourself.

You mention in the OP this is for a business, my opinion you should be working on a professional resource/developer to manage this for you and not random Lemmy users.

On the use of Caddy, your configs here host a lot of sites with many specific configurations, I’m not sure caddy can support all of this. nginx is the tool of choice for a wide majority of the internet for a good reason.

I ran opnsense in a VM for years with no issue, just recently went to dedicated hardware. Every now and then I’d want to replace a drive or swap the GPU in the host for jellyfin and taking the internet out with it sucks a lot.

Being able to snapshot opnsense is cool, but opnsense also has a very robust backup and restore system so idk.

fanboy downvotes aside, this is a nexus 6P

the visor returns

Valve makes money whether you use windows or Linux - that’s probably more their attitude.

Use Envision and an AMD gpu, works great.

Don’t use SteamVR, it’s trash on Linux - Valve for all their Proton work has ignored the Linux build of SteamVR for years.

All of which were 100% profit-driven, and conveniently ignoring Epic’s many sins not limited to the one I personally despise him the most for: killing the Linux and Mac builds of rocket league. Epic bought the studio and nuked the Linux version, no apology.

Edit: I redact my earlier message, based on your other many comments in this thread I believe you are an Epic game store bot - or a corporate shill.

I’m confused, your post implied running unifi protect on your own hardware, but this link is about adding 3rd party camera streams into unifi protect.

Did I miss that?

idk what nonsense the other commenter is posting but essentially your network flow should look like this:

internet user -> your IP (found via dynamic DNS) -> firewall/router DNAT port 443 -> proxy (nginx/caddy) listening on 443, backend set to port 80 -> vaultwarden port 80

You’d load your SSL certificate into the reverse proxy, I’m not familiar with caddy but I use nginx for this purpose.

Ubiquiti killed the bring-your-own-hardware option for unifi protect many years ago, unless you go down the road of hacking their app into a docker image.