Hello there, I put together a small Usenet setup with thick containers and would like to have your opinion about what should and shouldn’t be behind a VPN to connect to the outside.
Container: SABnzbd; no VPN, but SSL Jellyseerr; no VPN Jellyfin; Radarr; has VPN Sonarr; has VPN Readarr; has VPN
Here’s my basic setup. I have a container that I call dl1. This has qbitorrent, sabnzbd, and a VPN client. This container only accepts connections from my local subnet or connections from the VPN interface. Everything else, *arrs, etc are separate containers that communicate with the dl1 container. Total seperarion and totally secure. I administer everything from tailscale if I’m not on the local net