I'm using OPNSense for the router, on their dedicated hardware - DEC750 iirc.

The switches are mostly Mikrotik, with some Unifi switches.

The wifi APs are all Unifi - they are all PoE and wired into the same network, no mesh. Even between buildings I ran fibre.

For the switching and routing, were I to do it again now I might go all Unifi. They recently implemented some much needed updates to make doing things like firewall rules and routing based on device much easier. I have a complicated set of rules in OPNsense to route IOT VLAN traffic out via a VPN connection, which require static IP assignments via DHCP, but under the new Unifi network I could do it with a few clicks and being able to use device attributes rather than a static IP.

I am also using an SLZB-MR1 for a ZigBee controller and Matter over Thread border router. I've got a bunch of IKEA and Mercator ZigBee light bulbs/fixtures that act as ZigBee routers. It's a strong enough mesh I rarely have issues with the ~180 devices on the net.

I wouldn't put running a weather station in the same class of disk activity as running Home Assistant. It is writing a fairly large amount of logs, plus statistics for every attribute/sensor for every device. The more devices you have, the more you will be writing.

There are regularly threads from people with "I restarted HA and now I get this weird boot error message", and it's because their SD card died.

You do you, but it's common enough of a problem that I think it's worth calling out as a "Don't do this".

Add-ons (now apps) can't be done without HAOS. It's one of those non-obvious things.

There's other things I forget which are also more difficult/annoying to manage on the container version.

I have a rather large docker compose stack so my first experiments with HA were as running it there.

That lasted maybe a week before I went and ran it as a VM instead.

Interesting. I also run HA in a container and getting it to pick up my Zigbee dongle was so easy I don't even remember how I did it.

I haven't tried BT, but my HA box lives underneath a couch with a big steel pull-out bed so I don't imagine it would work very well anyway.

An enthusiastic two thumbs up to this approach. It's exactly what I run at home that has been working solidly. I run on an N100, which is just a hair smaller than an i5-8500, with 32GB DRAM and a 1TB SSD (total overkill). I keep it under proxmox; the box also runs my unifi SDN controller, pihole, and a linux VM for various little services. Two USB dongles for z-wave / zigbee / matter (because I'm a glutton for punishment). Backed up to a NAS. It's fast, easy, and has been very reliable.

I have HASS running on a dedicated VLAN, IoT junk on its own, separate VLAN without internet access, through a managed switch. OPNsense sits in between and does the routing. Didn't have to mess around with anything, just ran the "vm appliance" or whatever it's called for hass and I was off to the races. Wireguard on the firewall gives me access from outside the house.

Actually, both OPNsense and Hass are VMs on the same machine, with the latter's network not even connected to any physical port outside the box. I'm not even running Proxmox or anything fancy, just libvirt on Arch. The only "fancy" thing is a 2nd hand Mellanox NIC I got off eBay for 30 €, which presents virtualized interfaces to the VMs, but HASS doesn't actually use those.

There's also no need to manually screw around with any reverse proxy for TLS; HASS does it with the Let's Encrypt add-on. The only missing piece when I set this up a while ago was something to regularly renew the cert (the add-on would only get started at boot-up).