NextCloud is slow as shit. I really question their sanity to use PHP for this huge framework. I use single solution services and fared much better.

Among all those mentioned here, which do you prefer and why?

Large databases and complex queries or video streaming definitely will benefit from higher clock speeds from single core performance. But if you plan for multiple users using your services at the same time, then multicore benefits will outweigh single core performance.

So if you are the only user than single core it is, but if you have multiple users or run multiple docker containers than you reach a bottleneck quite fast, where background services will compete with each other.

I’d recommend you ask in pfsense forum or irc channel. Those guys know the nitty gritty of it and also provide a diagram on draw.io so that they understand your configuration. Since pfsense seems to be the main gateway connecting all other computers, you need to fix it there first, before you can look at other possible locations to fix. Everything stands and falls with pfsense. Something that might seem impossible to an amateur might be solved trivially by an expert. Each and everyone have their domains so don’t feel bad or shy for asking. Nobody learned self hosting in a vacuum. We all share and learn. Since I have never used pdfsense I can’t help you with configuration, but I know the problem either lies with your router or pfsense.

If your servers are on a vpn, the outside is not able to reach it, as there simply is no Network Address Translation going on outside the vpn. The computers might be able to reach the web, as pdfsense will open the ports required automatically and forward the requests, but it won’t do that for computers outside the vpn. In order for other computers to reach your vpn, the outside computer would also need to be a part of the vpn including the pdfsense as a gateway, only then can they communicate with each other.

Pdfsense was developed as a security tool to keep your internal network secure from outside computers.

If you want to reach your homelab via the web, you will probably need to use a normal router that supports wireguard or install a linux box where you can install wireguard or tailscale or netmaker etc and then open a UDP port for the wireguard port in your router.

This way you can make sure that you can setup the vpn the way you want, and not rely on what’s going on under your pdfsense hood. Depending on the pdfsense config there could be multiple reasons why it’s not doing what it does from lack of NAT to lack of iptable rules to other reasons as it simply not being configurated to act allow outside actors.

Why not rent cloud gpus?