Hello everyone!

I’m fairly new to this selfhosting stuff, and I’ve been learning a lot of stuff from all of you, so first of all, thank you for your awesome contributions, guides and help.

First, some context of what I have.

- I have everything working under an Ubuntu server. I mainly use it for Nextcloud, Jellyfin + ARRs and Transmission for my Linux ISOs.

- I also use NPM as a reverse proxy to access all of my stuff from outside.

- All of my services are installed through Docker Compose.

- I have a google domain pointing to my router, so I need to keep it working.

- I want to use a VPN server to protect some of my services.

- Last but not least, I need some of my services (Jellyfin and Nextcloud at least) outside the VPN as my family uses them, and I don’t want them to be installing VPNs and stuff to use it.

A few days ago, I had a problem with Transmission where someone was downloading games, and some of you suggested I should use a VPN with split tunneling. Mullvad seems to cover this, and I read a lot of people saying good things about it, so I think I should go there.

I’ve been reading a bit about this, but I’m totally confused on how to do this. I’ve read a lot of info, and it looks overwhelming to start from 0. Might end up being easy, but I’m lost and don’t know where to start.

  1. Do I need to install a Mullvad server directly inside my Linux? (I haven’t seen much on installing it through Docker, but I would prefer this way if possible). I have seen a Docker Mullvad web browser but I’m sure it is not what I’m looking for.
  2. Do I have to create an account in Mullvad outside my server?
  3. What does Tailscale have to do with all of this, and why do people encourage its use so much?
  4. How should I start with this?
  5. Do I have to port forward if using a VPN?
  6. Do I still have to port forward for the services I want outside the VPN (Jellyfin and Nextcloud), or is it the only way to reach them?
  7. Can I keep all my services under my Google domain even when some of them are through the VPN and the others don’t?
  8. Do I have to change settings on my reverse proxy in order to make this all work?
  8. Do I have to change settings on my reverse proxy in order to make this all work?

Sorry if those are too many questions, but I’m about to hurt myself in confusion.

Thank you all in advance!!