I’ve got a good offer(to me) on a r730xd, with 256GB of DDR4 ram, intel arc a310, dual 10Gb+dual 1Gb NIC. x2 E5-2666 V3.

This machine will see very ram dependent docker containers, the biggest selling points for me is the intel arc for my Plex transcoding. And the ram for my other container usages. I’ve already got 16TB disks, SSDs for cache. I use UnRaid Pro.

The other option is upgrading my current system to an i9-14900K, 48GB ram, Asus mobo on a tower I have everything else on (minus the GPU since the iGPU transcodes Plex great).

I just greatly need more cores and more RAM but the cores only need to be comparable to the 8700K I’ve been using, and the Xeon is just that.

They’re both comparable in price initially until I try to match the ram of the i9 system. Then I’m going above by at least $300.

Performance wise the i9 takes the cake every day and has the core count I’d need.

What would you do.

EDIT: I ditched Traefik, and Authentik. I am now using CloudFlare zero trust tunnels, closed all ports on my router and the attacks have completely stopped.

I recently posted about my server getting hundreds of requests and attacks, I followed through on some recommendations.

I ditched TrueNAS and went back to my Unraid Pro installation.

I’ve added JavaScript challenges through CloudFlare which has helped drop my traffic down to 200 from 20k per 24 hours. I set up Authelia, as well as CA Certs instead of Self Signed. HSTS. and a few other firewall rules for Trusted IPs.

I’m in the process of learning how to use crowdsec as another layer of protection. I’m looking for more recommendations. I don’t really like the feel of Authelia as the UI is rather huge lol for a login form.

The amount of attacks my router has detected since these changes have been 2 in the past day or two that is blocked.

Follow up; After doing more digging. It looks like something or someone was able to actually inject a shell script into my traefik “app”. I resolved it, I will be switching to a different ingress system. I have been looking into using portainer to spin up docker images.

So, I self host using TrueNAS Scale and I have 12 "apps" that run constantly.

bookstack
hastebin
maintainerr
ollama
overseerr
plex
radarr
sabnzbd
sonarr
tautulli
tdarr
traefik

I've never noticed anything out of the ordinary other than cloudflare showing I have on average 19k requests per 24 hours for services I pretty much use. I know bots will account for a lot of these once a domain is cached on Google and gets picked up on scanning etc.

I checked my router, it shows that every day, every hour for the last 3 months there has been a "web shell script" attack blocked. I checked my servers logs and still see nothing out of the ordinary, I feel like it is a bit excessive to be this much.

Of the 12 apps, 8 are forward facing to the internet and passed through cloudflare on specific use domains. Served with Full end-to-end SSL certs.

Just paranoid.

Edited; Accidentally put month in place of 24 hour measurement.