I have a server running Unraid at home. I have ~20 docker containers running at the moment with almost all of them only available within my local network. I just stood up an instance of Seafile on the server to act as a google drive replacement. Still in the early test phase before I commit to throwing important stuff on there. I have my domain proxied through Cloudflare so none of my local ports are exposed to the internet. Seafille has complicated passwords set for admin and user accounts (generated with Bitwarden, hot damn I love that app). I also enabled 2FA on each account. I know that I can further clamp it down using some of Cloudflare's extra access controls but in my admittedly limited experience, those all cause issues getting an app to authenticate with the service. Web apps don't have this issue of course.

So am I ok with this setup? I can encrypt the data before uploading easily as it's a built in feature of Seafile. Or would it be better to just run with local only and run a VPN to access when I'm outside?

I figure just about any effort along these lines I trust more than Google with my data. But I may be overconfident in that perhaps. I'm still learning the ropes with Linux and self-hosting in general.

How does Mullvad removing port forwarding affect an Unraid setup using deluge-vpn container?

I don’t access my server from outside my network and just use a basic binhex deluge-vpn docker setup. Any issues I’ll have here?

Currently out of town and won’t be back until after this change happens tomorrow. Curious what to expect when I'm back home.

I have to preface this question with a disclaimer that I am an eager learner of Linux and servers in general, but I'm still a beginner and often run into roadblocks.

Current setup:

• Raspberry Pi 3 with Adguard Home acting as primary DNS
• unRAID server with Adguard Home acting as secondary DNS
• About a dozen other containers running on same server
• DHCP is handled by my router

Goal:

• provide local DNS names for the containers running in unRAID so I don't have to enter IP:Port (e.g, calibre.local) which also has the side benefit saving the various username/password combos into Bitwarden with an actual domain attached to it instead of 14 occurrences of 192.168.x.x

Additional info:

I had PiHole running on the Pi before as the primary and only DNS previously. And I seem to recall you could put IP:Port as a custom DNS and have it resolve. AGH does have a feature for DNS Rewrites but it does not allow for port numbers, IPs only. I switched to AGH because it seems to be more effective at blocking ads, which is likely more a function of the provided DNS blocklists out of the box as opposed to what I was doing in Pihole. I would prefer to stick with AGH for adblocking/DNS if possible.

I looked into just modifying host files on the main computers I touch these apps from, but again, can't include port. What is a good solution for this? Preferably something approachable for a newb like me.