My home server runs a full self-hosted stack on a single VPS: Nextcloud, Vaultwarden, Paperless-NGX, a complete mail stack (Postfix + Dovecot + Rspamd + ClamAV), Collabora Online, and monitoring via Grafana Cloud — all on MicroShift, managed by Flux CD, behind a WireGuard VPN.
The whole thing runs on Btrfs with hourly snapshots sent to a Raspberry Pi. A GitHub Action creates a snapshot before every GitOps push. grub-btrfs registers every snapshot in the GRUB menu. If something breaks, rolling back takes thirty seconds.
The setup took about two weeks to migrate from a Gentoo/Docker system to Fedora Server 43 + MicroShift — step by step, one service at a time, each with a proper cutover. The parts that caused the most friction: MicroShift’s Security Context Constraints, a Btrfs quota interaction that crashed etcd every hour, and Dovecot 2.4’s breaking changes from 2.3.
I documented the entire setup as a step-by-step runbook — from a fresh Fedora install through base system, storage layout, firewall, WireGuard, MicroShift, GitOps, wildcard TLS, and all eight services. With the full GitOps manifests and operational scripts.