Kualk

I recommend that route as well.

Since you don’t know much, stick to native services. In most cases those are already preconfigured if native service package is available.

You don’t specify.

Do you use containers or not? It sounds like you are trying to start a rootless container.

Otherwise, you are over complicating things.

Add to that need to use machinectl to establish normal user session with DBus in it.

But that only makes sense for rootless containers. User management in rootless container and users in roootful containers can get complicated fast and depends on how image is built.

Any HTTP proxy will do it without VPN complexity.

I don't see how exposing only port 443 makes much difference and port 80 for letsencrypt renewals.

If you are really concerned, buy VPC from large cloud provider, install HTTPS server proxy, configure your web browser to use it. 512MB RAM server will be sufficient as long as it is given enough CPU. Free google instance is suffering from low CPU, not memory.

This way your link between you and internet provider is obscured. Your IP will be shared with others by cloud provider, so you get some obfuscation on that end.

If you use your own certificate authority, then you will get 100% man in the middle protection for link between internet provider and your home. If you use let’s encrypt, then we don’t know that status.

Advantage of this model is speed.

Your browser is still finger-printable, as always.

Securing DNS is its own topic.

You shifted your identity to cloud provider, so it is never 100% safe.

Forget about we keep no logs VPN statements. Judge order and you are logged by VPN provider and don’t know it. So what are you paying for? Slow speed and obfuscation of IP?

What does VPN hide that HTTPS can’t hide for media server?

I am looking at the scenario of listening to my music collection on self-hosted Jellyfin server.

IP address of my phone? That’s irrelevant.

HTTPS is way faster than VPN.

If your facts were correct, this would not look so strange.

Look for roots of conflict deeper than what’s on the surface.

All these downvotes really prove your point.

I think I might switch to that.

I used Firefox for cross-platform password management. That’s the biggest impact on me.

What’s wrong with Chromium? License or Google backing?

The issue you have is most likely a BIOS artifact. New drive makes bios think you have EFI based system vs old drive was BIOS.

You are not likely to get accurate help here.

You don’t need to make drastic moves destroying data, but playing with BIOS settings may help.

You may need to identify your system capabilities, to troubleshoot effectively. Here is one way to do that:

https://wiki.archlinux.org/title/Installation_guide#Verify_the_boot_mode

I am not saying to install Arch. Just a way to identify your system.

One easiest way to get your old disc back is to wipe out formatting data on new disk. Be warned that running wipefs on wrong drive will loose all of your old disk data in less than one second. So, identify your disc with absolute certainty using lsblk, you may need options to lsblk.