Frankly these are useless. SSH is secure by default and will never support algorithms that could be possibly broken. Same for TLS 1.3

Docker bypassing ufw is very bad

The 2 in this rule isn’t clear: 2 different media?

Why is it important if it’s DVD & HDD or SSD & HDD?

How do you compare Caddy with nginx proxy manager?

Yes. For example, I want to share all emails on a particular person.

The emails can be easily browsed, searched, etc. I don’t want to share my entire inbox.

Deduplicate, compress, encrypt and snapshot. Encryption is a must. You don’t want to send your data out there in the wild, that might potentially be published in a dark net website. It might go everywhere who knows.

Is paperless-ngx useful for this too?

I’m referring to ZERO DAYs. OpenSSH is a serious security product. Those web apps are written by random people and probably riddled with vulnerabilities not known to public.

Here is the rule. Only a trusted vpn and ssh key authentication can be public.

You are doing it wrong: SSH with key authentication is the most secure piece, and could even be public. Immich and Jellyfin surely have zero days and should be behind VPN

Off topic.

Jellyfin apps seem to me less user friendly than plex.

Plex iOS app moves back and forth in the video pretty fast. Why are there pictures of cups and tea etc instead of clear 10s back and forth? Common!

If you are not familiar with VPNs set up, then use Tailscale. If it can make direct connections, you are done.

Otherwise, run a Wireguard server on VPs

These are server settings. The container shows the settings in the user account in the company website. It doesn’t recognize any server.

There is a “+Your Media” which brings a page: download and install plex server!