Selfhosting mail with redundancy is easy. Staying of blocklists and filtering spam out is less easy.

There are some pretty good guides available online, and since dovecot and postfix are old and stable, years-old guides are still relevant. I'm on mobile though, so can't immediately link any. (Almost all of them are standard deb/rpm+systemd based, no docker. But if you really want docker, building those containers is pretty easy, it's just a package, a few configs and a service after all...)

Virtualized with libvirt:

• Nomad (3 nodes)
• Consul (3 nodes)
• Vault (3 nodes)
• Gitlab + CI
• Nextcloud
• Sonarr, radarr, bazarr, jackett, deluge
• Prometheus
• opensearch
• puppet
• powerdns (international authoritive main + replica), unbound (internal recursor), ntp (2 nodes)
• powerdns (public authoritive replica)
• haproxy (2 nodes)
• nfs, samba
• Seaweedfs (S3) (3 nodes)
• rsnapshot
• package repositories (deb, rpm - plain dirs/files served by apache, with some scripts to manage repo metadata)
• postgresql + patroni (2 nodes)
• container registry (to investigate replacing with zot)
• openldap, keycloak (2 nodes)
• unifi controller

In nomad:

• Grafana
• Vaultwarden
• Tandoor
• Matrix
• Puppetboard
• Prometheus exporters for various things

Offsite rpi @ parents

• Rsnapshot, samba

Rpi doing router duties, to be replaced with rb3011 when I finalize it's config in terraform

VPS:

• Powerdns (public authoritive primary), haproxy, postfix (secondary MX)
• Postfix (primary MX), dovecot, spamassassin, opendmarc, opendkim

Old laptop: k8s playground for learning

Short-term todo:

• Homeassistant

Public dns names have A records pointing to haproxy vps, which proxies to home over tunnel, and AAAA records pointing straight to home (I have static ipv6 prefix, but no static ipv4 address)