You can run off docker compose + k3s for best of both worlds
docker compose for those services that are essential and you can replicate easily if you ever need to replace the NUC ( back up the files/folders to Git-something or whatever works as backup). It makes it way much easier to start everything that you need with a single command.
k3s because it is kubernetes and everything runs off k8s nowadays
Forgetting how x service works when it is dependent on y service which is dependent on the NAS and the NAS broke and you wonder why everything else is broken too.
Local gitlab instance for...source code versioning/storage/git + CI/CD - my home services are mainly deployed as containers.
prometheus/alertmanager/grafana/loki/node-exporter/promtail for observability + SSH violation - alertmanager sends instant messages to my external IM.
guacamole - remote access to my windoze from browser.
CFSSL - easiest cert generation. I wrote my own Go client to interact with it to create then store my cert/keys into HashiCorp Vault.
OMV - easiest to use NAS software.
mattermost - your own IM + you can extend it by writing your own slash commands.
coreDNS/pihole/powerDNS-recursor - my DNS infrastructure. CoreDNS allows you to write your own modules so you can extend the functionality beyond what is already published as official modules. PiHole for DNS filtering. CoreDNS is authoritative nameserver, powerDNS-recursor for recursive/cache DNS server.
Self hosted NTP server ( ublox NEO-6M sat receiver UART to Radxa Zero ) for NTP stratum 1.
On arm64 as well!