@os2sam, well my ADSL with bandwidths of down 12285 kBit/s and up only 940 kBit/s is pretty bad, the info page for running a full node tells to have at least 400 kBit/s upload bandwidth available, which would not leave much room for anything else.
Have you considered using a solo pool such as solo.ckpool.org? That way you don't have to mess with an external full node if you don't want to.
I just took a quick look at GBT, AntMiners' cgminer certainly supports it, but how to configure a S7 to use it? And is there any advantage or disadvantage in using getblocktemplate instead of stratum? Does it require RPC and is it safe to use over an unencrypted Internet connection?
Just point your miner at
http://nodeIP:8332 or whichever port you use.
About rpcallowip=::/0, yes it allows any IP address (new format instead of asterisk), but it should not be any good without rpcuser and rpcpassword, but I guess RPC data is generally transmitted without encryption, so that's only something for use with a VPN tunnel then.
Allowing any IP access to your node allows any hacker a socket to your system which just makes their job easier. So just allow the IP address of your miner.
As for encryption, I'm assuming it would encrypt your RPC user id and password. I wouldn't want that in clear text.
About using the full node's wallet, the official full node info page tells:
It’s possible and safe to run a full node to support the network and use its wallet to store your bitcoins, but you must take the same precautions you would when using any Bitcoin wallet.
So it should not make any difference, if it's a headless
bitcoind as a full node running on a dedicated server in a data center, or
bitcoin-qt on your own computer, but the question remains: Can a local
bitcoin-qt be used as GUI to connect to a remote instance of
bitcoind using the
-connect= argument?
I am sorry if the answers to these questions should be obvious, but I do not have anything for this endeavor running or available yet, I'm just trying to figure out how it all can fit together beforehand.
I wouldn't put my wallet on a public facing internet connection. Most of us have a full node running behind our NAT and firewall. You can solomine to any bitcoin address you have control of not just the one on your public facing node.
Look at the command line options in Bitcoin-qt if you haven't already.