Aside from (and secondary to) monitoring, one thing it took me years to realize the benefits and ease of setting up early and i think other selfhosters commonly neglect: caching proxies and removing default internet routes.

Benefits include:

- Security

- Ease of configuring traffic control: As long as you're not redirecting UDP (have fun lol), steering apps with HTTP or SOCKS5 forward-proxies is so much more straightforward than routing.

- Performance/effieciency (global package cache for your network!)

- Resilience (apt upgrades and docker image pulls can keep working despite your entire network being offline)

My rough starting kit for a Linux-based network here would be:

- Some caching forwarding internal DNS server. If you already have an internal recursor or forwarder great, but it's good to let the DNS server serving your clients be separate anyway. dnsmasq/unbound/technitium/coredns/powerdns/yadifa.

- Internal NTP for syncing time. May be provided by your DNS or DHCP server already. chrony is good.

- apt-cacher-ng or other caching forward HTTP proxy for your apt/dnf/pacman/apk/whathaveyou updates.

- docker-registry-server in mirror mode and set up as mirror for any docker/podman hosts you have.