Yeah it’s a mistake. A mistake that will keep on giving problems over time.
If you’re starting up the IT for a small business you probably shouldn’t be buying server hardware at all in 2022. At the very least you should IMHO be thinking cloud first for manageability/security reasons.
I’d be buying them an Office 365 subscription; this will both give them storage/mail and licensed copies of Office and manage them totally cloud. Set them up with multi-factor auth, 365 hosted mail, etc.
Use OneDrive/SharePoint for their storage (or at least: Azure Files). This way if they lose/kill a machine they can carry on from a tablet/any random PC, browser, etc.
VPNs? Fuck that. Try to focus on using cloud storage/cloud apps (obv cached locally).
Unless you have legacy on-prem infrastructure or are a hobbyist, trying to run shit on prem in 2022, especially if you’re new to this stuff is most likely a mistake. Unless you have some very specific app that has an on-prem requirement… just don’t if you can avoid it.
2c - I’ve been doing on prem for 25 years, but given a green-fields set up I would not willingly choose that path today. And that’s WITH my 20+ years of experience in networking, enterprise SAN/NAS, virtualization, etc.
The amount of money you’re going to spend on hardware, time, fucking around and software licenses to get them off the ground would probably pay a couple of years of 365 for a 10 user company quite easily. And that’s before you even think about backup software, tape drives, off-site DR plans, etc. The sub costs may (? it’s all relative) look expensive up front, but to do what you get included in the 365 stuff (or Google Docs, whatever), on prem simply is not cheap either.
All that said, you’re probably better off hiring someone who knows what they’re doing to help set THAT up as well. You won’t need much, just some assistance to make sure you don’t fuck up the initial tenant setup and record the relevant security details properly; you should have a break glass account that is NOT used for daily admin, but saved somewhere safe.
Trying to get an on-prem environment sorted out and backed up, etc. properly in 4 months by yourself as someone green is just a recipe for disaster. I’d definitely start cloud and if necessary add some on-prem stuff for the “can’t run in 365/azure” stuff as required.
Otherwise it’s going to be death by 1000 paper cuts of patch management, backups, troubleshooting performance problems or worst case recovering from data loss due to bug/cryptolock, etc. If the power goes out on-prem? Guess what - you don’t have infinite UPS capacity. Internet goes out on prem? etc. Cloud provisioning gets you resiliency for free.
Try and reduce the shit you need to deal with down to local switching/routing and administration of their tenant / local PC/mobile device management imho - otherwise you’re going to get overwhelmed with it and need help pretty quickly, even with skills there’s simply way too much to do, to run a secure 100% on-prem environment for anything other than a trivial dinky little home setup.
Also remember this:
- if you set them up for the cloud, you’re forward thinking and going with the trend for the entire IT industry, getting them best-practice managed services, global reach, etc. The subscription costs are spread over time and require little up-front capital expenditure (shit, just deciding what hardware to buy for some unknown future workload they may have is a mission in itself). Adding new capacity is trivial and requires minutes of effort.
- if you set them up yourself on prem you maybe save them a buck but if it all goes to shit you’re toast. If you buy the wrong gear? Find a glitch with the way your backup software handles TrueNAS? Gear blows up due to poor/insufficient power protection (or plain manufacturing defect)? etc.
- billing for cloud consumption is trivial. What if person/dept X in the company complains about server capacity but it isn’t in the budget for a new company server? Who pays for it?