Now the question is:
- Should I have one VM with OMV and install NextCloud and other services within OMV ? [Idea being that all my Home Server Services will be located within one VM]
- Should I have two VM`s : one for OMV (for RAID management, smb, nfs, etc) and one for Ubuntu Server (for NextCloud and other services) ? [Idea being that one VM will solely be responsible for disk management and the other VM will solely be responsible for running services]
I have good enough resources for either configuration so that is not a matter of concern. I am more concerned about the performance and security of the setup. Cause I believe there might be a performance drop if i use two VM`s, since the data will be exchanged between the two VM`s via some kind of share.
What will be a better approach according to you and why ?
I don't see the point. Isn't the idea of virtualization/containerization that you isolate your services instead of using a single OS for everything?
Using a dedicated LXC/VM for each service would give you multiple benefits:
1.) less dependencies: Let's say one service will only run on the old Debian 10 and isn't supporting the newer Debian 11. Maybe other services could be upgraded, but then they require Debian 11 and won't support Debian 10 anymore. Now you are stuck with Debian 10 and can't upgrade your services, as that one service is preventing you from upgrading your OS. If each service would use its own VM, you could run Debian 10 and 11 in parallel. Each service uses the OS Version that is optimal for it.
2.) easier management: Let's say you got HomeAssistant for your home automation but a year later you decide to switch to iobroker. With every service running in it's own VM/LXC you can just create a new LXC/VM for iobroker and destroy the HomeAssistant VM. When using a VM/LXC for different services you can't easily throw away that guest. You would need to deinstall HomeAssistant, remove all stuff it created, remove its dependencies, remove the users, ...probably some stuff might still be remaining...
3.) security: let's say there is a Nextcloud zero-day exploit and a botnet makes use of it and hacks all Nextclouds it can find online. If that Nextcloud is running in a dedicated VM, then you are screwed, as the hackers now got access to all your files stored in that cloud. But atleast the attacker only got access to that. In case you run multiple services on the same VM, lets say for example Paperless to store a digital copy of all your sensitive letters and documents, then the attacker would also get access to that and could read your mail too.
4.) backup and migration: Maybe you later find out that you need more power/capacity and decide to get another PVE server. With every service in its own VM/LXC you could move single services between the nodes. Or let's say you want to backup your Nextcloud each day and keep backups for 3 years but for your unimportant LXCs like pihole it would be enough to only do a weekly backup and you only keep for 2 months. That can't be easily done when running multiple services on the same VM/LXC.
