spanac

I use Hetzner Storage Box for my backup needs - TrueNAS handles this for me on a regular interval and encrypts them before upload (yay rclone!). I needed a bit more storage than you, to the tune of 5TB, and for this much data they were the cheapest (12eur / 15usd per month iirc).

Consider slightly more storage if you need snapshots. For my storage box i enabled them, and now have a history of last 4 monthly backups.

If you use rclone, you can mount the remote backup as a fuse filesystem and browse your backup like it would be a local file - extract what you need only. Any livecd / USB with rclone can help you rescue your data in case of disaster.

When I setup my backup strategy, the Hetzner storage boxes showed the best price per TB, and allow ssh / SCP and webdav access.

I run a virtualized TrueNAS Scale with a passed through HBA and about 6 drives in raid-z2 mode. I setup TrueNAS to do regular snapshots - hourly, daily, monthly and I use the built in encrypted backup options to backup my most important data every night (personal videos and pictures, VM backups, documents, docker volumes).

This works like a charm and it seems to be also quite stable. If the system ever dies, I can always simply mount the encrypted backup folder on my laptop using rclone, and then manage my files directly using mc.

I have a similar situation, where I only get a public IPv6 prefix. I ended up renting small vps at netcup and installed OpenVPN and ha-proxy. My home router connects to the VPS's public IP and I do port forwarding for the services I need, or use the proxy.

Initially I setup SNAT for my web server (otherwise replies were going out the wrong interface) and that meant you don't see the public IP of the connecting client in your access logs.

Recently I switched to using ha-proxy which does tcp level proxying and works well with ports 80 and 443 and Traefik, which i use to expose my docker containers.

My connection chain looke like vps -> ha-proxy -> OpenVPN -> port forward to Traefik -> reverse proxy to the final service. It's not a fast server, and I didn't measure latency, but it's for sure not small.

As others have mentioned, ha-proxying to your IPv6 might be an interesting solution, and I think I will also try it out.

Today I'm dependent on my Jellyfin and Truenas setup, and I am exposing only one folder via SMB to manage my media from my laptop when I need to. This works great for me as I can stream my media to any of the multiple TVs and FireTV sticks around the house, and Jellyfin allows me to pause play on a device and resume on another.

My setup grew over time to adapt to my changing needs. If your setup works for you, that's great! Keep it, use it and adapt it as soon as your needs change. This is the beauty of self-hosting: you setup what you need, how you need it.