

I switched from raspberry pi and orange pi to a cheap Intel NUC, and I think it’s just a much nicer experience.
The pi is great fun, but the HW transcoding on a NUC “just works,” and the SSD and 16GB RAM opens a lot of doors. My N100 NUC was less than $150, and it included everything (case, power supply, 500GB SSD).
My pi found new life as an off-site backup: attach a big HDD, set up WireGuard, and have a cronjob do daily rsync and snapshots. I have it set up at in-laws, and it works great.
Fail2ban config can get fairly involved in my experience. I’m probably not doing it the right way, as I wrote a bunch of web server ban rules — anyone trying to access wpadmin gets banned, for instance (I don’t use WordPress, and if I did, it wouldn’t be accessible from my public facing reverse proxy).
I just skimmed my nginx logs and looked for anything funky and put that in a ban rule, basically.