Devices
This section discusses suitable devices for hosting home services.
There are many options for home-use devices: retired laptops,闲置 desktops, development boards, NAS devices, soft routers, Macs, etc., all of which can host services.
Hardware choices in 2024 no longer need to be limited to x86 platforms. ARM platforms have matured with advantages including low cost, sufficient performance, low power consumption, and rich ecosystems suitable for home use. Unless you must run legacy software, ARM platforms are excellent choices.
Installing Windows/Linux on Apple devices or running Hackintosh on non-Apple hardware requires technical expertise, suitable for users comfortable with system modifications.
Device Selection Criteria
- CPU: Prioritize power efficiency/performance ratio
- Memory: Minimum 4GB baseline
- Storage: Consider redundancy and expandability
- Network: Gigabit Ethernet essential
- Cooling: Reliable thermal management for 24/7 operation
- Noise: Acoustic requirements depend on placement location
Operating Systems
Linux offers the best ecosystem with abundant tools. Command-line operations suit users with technical backgrounds. Non-professional users might consider Ubuntu Desktop. Black NAS systems are viable but require self-troubleshooting.
Windows has the broadest user base. Most requirements can be met through IIS (Internet Information Services) with simple mouse operations.
Windows installation reference: massgrave.dev
Apple’s ARM CPUs make Mac Mini a cost-effective hardware option. However, macOS requires alternating between GUI and command-line interfaces, suitable for technically proficient users.
System Selection Recommendations
- Beginners: Windows + Docker Desktop
- Advanced Users: Ubuntu Server/Debian
- Stability-Centric: RHEL/Rocky Linux
- Specialized Needs:
- Media Server: unRAID
- Storage-Focused: TrueNAS
- Full-Featured NAS: Synology DSM
Recommended Devices & Systems
Professional users have diverse requirements, while non-professionals primarily need NAS devices. Simply search for “NAS” on e-commerce platforms and purchase according to needs.
For budget-conscious users: repurpose闲置 devices or purchase discounted hardware from second-hand markets. Windows Server 2022/2025 or Black NAS systems can be installed with technical effort.
Data Security
Hard Drive Failure
Initial drive failures often manifest as intermittent read errors. Waiting until complete failure risks expensive recovery costs and potential irrecoverable data.
Recommend purchasing a RAID enclosure. With 5-year drive failure rate at 10%, dual-drive RAID reduces effective failure risk to 1%. As long as drives don’t fail simultaneously, data remains recoverable through replacement.
Data Theft
Unencrypted data on stolen drives creates significant risks, especially for sensitive materials like confidential documents and password backups. Enable drive encryption to mitigate losses from theft.
Encryption incurs system resource overhead. Performance-sensitive users might disable encryption but must prioritize physical drive security.
Multiple Backups
Local storage isn’t foolproof - risks include theft, natural disasters, and ransomware attacks. Implement multi-location backups using reliable cloud services for critical data.
Network Security
Avoid Exposing Public IPs
Some network configurations assign public IPv6 addresses to devices, making them vulnerable to port scanning and potential exploits.
Unless specifically required, configure IPv6 in NAT6 mode for address translation to prevent direct IP exposure. For external services, use DMZ hosts. For personal use, consider WireGuard/Tailscale/ZeroTier VPN solutions for secure home network access.
Software Installation Caution
All software (mainstream or niche) may contain vulnerabilities. Regularly update software, remove unused applications, and avoid granting unnecessary privileges.
Firewall Usage
Disabling firewalls creates immediate convenience at the cost of security risks. Invest time in configuring firewall rules rather than leaving them disabled.
Security Software
Free security solutions offer basic protection better than nothing. Consider tools like Huorong Security or 360 Security.
Security Recommendations Summary
- Network Segregation: VLAN Partitioning
- Access Control: Reverse Proxy + Authentication
- Monitoring: Hardware Status Alerts
- Backup Strategy: 3-2-1 Principle
- 3 Copies
- 2 Media Types
- 1 Offsite Copy
1 - Device
Here we discuss which devices can be used to host home services.
There are plenty of choices for home-use devices: you can repurpose a retired laptop, an idle desktop, or search online for development boards, NAS devices, soft-routers, Macs, etc.—all of them can run services.
When selecting hardware, don’t obsess over the x86 platform; the ARM platform is already mature, inexpensive, adequately powerful, energy-efficient, and has a rich ecosystem, making it ideal for home use. Unless you must run legacy software, ARM is a solid choice.
Running Windows/Linux on Apple hardware, or installing Hackintosh/Hackintosh-based systems like BlackSynology on non-Apple machines, requires some research and suits technically inclined users who enjoy tinkering. Frankly, though, it’s usually unnecessary.
Reference Specs for Choosing a Device
- CPU: prioritize power-to-performance ratio
- RAM: start with at least 4 GB
- Storage: consider redundancy and expandability
- Network: gigabit NIC is the baseline
- Cooling: 24/7 operation demands reliable cooling
- Noise: placement determines the noise tolerance
Operating System
The richest ecosystem and widest selection of tools is Linux. For certain users the command line is simpler than a GUI, and automating tasks on Linux is straightforward—ideal for users with some experience.
Among the many Linux distributions, non-experts might start with Ubuntu Desktop. You could also choose a BlackSynology system, but you’ll need to solve problems on your own.
Windows has the largest user base; most needs can be met within its IIS (Internet Information Services), and countless features are just a few mouse clicks away.
For Windows installation, refer to massgrave.dev.
Apple’s ARM CPUs perform very well, making the Mac Mini a cost-effective hardware option. macOS, however, requires alternating between GUI and command line—neither can be fully discarded—so it suits users with some technical background.
OS Recommendations
- Beginners: Windows + Docker Desktop
- Intermediate users: Ubuntu Server / Debian
- High stability requirements: RHEL / Rocky Linux
- Specific needs:
- Media server: unRAID
- Storage-focused: TrueNAS
- All-in-one NAS: Synology DSM
Recommended Devices & Systems
Professional users have varied requirements; what non-professionals typically need boils down to a NAS. Just search online for NAS and buy the one that fits your needs.
To save money, repurpose idle hardware at home or pick up inexpensive hosts on second-hand marketplaces and install Windows Server 2022/2025 or try your hand at BlackSynology.
Data Security
Disk Failure
Disk failure usually starts with occasional read errors; waiting until it becomes completely unreadable will make data recovery expensive—if it’s even possible, since some manufacturers can’t recover it.
Purchasing a disk array enclosure and setting up a RAID is recommended. If the five-year failure rate for a single disk is 10 %, the failure rate for a two-disk RAID drops to 1 %; as long as the disks don’t fail simultaneously, you can just replace the failed one and keep your data.
Data Theft
If the disks are stolen and all data is unencrypted, the consequences can be catastrophic—especially for private data like confidential documents or password backups. Enable full-disk encryption to minimize damage if disks are stolen.
Encryption incurs a small overhead; resource-constrained users can skip it, but extra attention to physical security is then required.
Off-site Backups
Home storage isn’t 100 % safe—thieves, children, earthquakes, floods, or ransomware could destroy it. Implement off-site backups by finding a reliable cloud service to back up critical data.
Network Security
Don’t Expose Direct IPs Lightly
Some router configurations hand out public IPv6 addresses that can be scanned. Once ports are found, services with vulnerabilities may be exploited.
Unless there is a clear need, configure your home network to use NAT6 (address translation) to avoid direct IPv6 exposure. If you must expose services, designate a DMZ host.
For self-use only, consider setting up a VPN with WireGuard, Tailscale, ZeroTier, or Cloudflare to reach your services securely.
Don’t Install Software Randomly
Both popular and obscure software can have vulnerabilities. Stay on top of updates, patch promptly, and uninstall unused software. Never grant elevated privileges casually.
Use a Firewall
Disabling the firewall feels convenient—until the day you’re breached. Spend a little time learning the rule set instead of simply turning it off.
Use Security Software
Some security products are free and offer at least basic protection—better than running nothing at all.
Security Checklist
- Network segmentation: VLAN zoning
- Access control: reverse proxy + authentication
- Monitoring & alerts: hardware health monitoring
- Backup strategy: 3-2-1 rule
- 3 copies
- 2 different media types
- 1 off-site
2 - Device Classification
Popular network devices such as NAS, soft routers, Mac minis, and traditional routers are unified as “devices”. Users don’t need to focus on their naming or physical forms, but should primarily consider four aspects: processor, storage, networking, and application ecosystem.
The most important consideration for processors is architecture, with x86 and ARM being the most commonly used. Other architectures are not recommended for non-professionals due to their limited ecosystems which increase learning and usage difficulties.
You might hear people saying ARM is typically used in low-power devices suitable for home use, while x86 is used in high-performance devices suitable for enterprises. However, by 2024 this view is outdated. We should base our decisions on ecosystem considerations. Currently, the ARM ecosystem has become very rich with better cost-performance ratios, making it worth considering. For non-professionals, we recommend choosing ARM architecture devices - taking Alibaba Cloud as an example, ARM devices cost only half as much as x86 devices while providing sufficient performance for home use. Professionals can choose x86 architecture devices based on their specific needs.