I switched to Technitium and I’ve been pretty happy. Seems very robust, and as a bonus was easy to use it to stop DNS leaks (each upstream has a static route through a different Mullvad VPN, and since they’re queried in parallel, a VPN connection can go down without losing any DNS…maybe this is how pihole would have handled it too though).

And of course, wildcards supported no problem.

Maybe take a look at Outline. (Not affiliated, but I host it for myself.)

I also host KitchenOwl, but mostly just as a grocery list.

I’m really really glad that I get root on my work computer.

“…I really don’t want to have to wipe the thing because it’s running a headless OS”

I feel like logging in as root on a headless system and hoping you type the command(s) to restore functionality is a rite of passage.

Not the same, but for my Immich backup I have a raspberry pi and an HDD with family (remote).

Backup is rsync, and a simple script to make ZFS snapshots (retaining X daily, Y weekly). Connected via “raw” WireGuard.

Setup works well, although it’s never been needed.