I can give you an idea of what I do:

I use a clustered 2 node setup on proxmox (modified corosync as I don’t care about true HA - that way I can reboot node 1, and node 2 stays up and works fine), centralized management, etc…and I don’t have a quorum device, I’ll eventually add a 3rd node and fix it proper.

I backup the bind volume /data + /appdirs, plus all infra is in compose files/stacks, so I don’t care if I lose all the data. It just costs time to resetup, working on ansible eventually to lessen that.

So I just split the resources between the two nodes:

1.) Proxmox Node 1

• LXC PiHole
• Big Ubuntu 22.04 LTS VM running docker + docker compose, main portainer + a lot of other various containers under this.

2.) Proxmox 2

• LXC PiHole 2 for HA.
• Big Ubuntu 22.04 LTS VM running docker + docker compose, portainer agent + Plex Media ARR Apps. My “download client” runs behind gluetun and only functions if the VPN connection is active, otherwise the connection is killed. (think wireguard vpn container)

I literally got all of this setup in ~4 days and previously didn’t know anything about proxmox, or much about docker at all. Granted I am on vacation at the moment, so there is that…unlimited time.

I can share my giant plex-arr docker compose file I’ve came up with for this, made it myself and it all works assuming you rename a few of the variables.

I use a custom domain for everything…email, internal dns, external (cf tunnels), and my public websites. I use to use AWS Route 53 for everything because of work, but moved to CF because it’s free and much easier to setup and manage.

For local devices I use *.local.domaingoeshere.com (wildcart cert), issued by cloudlfare. In retrospec I should have used *.int.domain.com as it would be less typing…but everything is categorized and bookmarked anyway.