Thanks for the great intro. I do segregate my network using vlans now to isolate things like my printer which I don't trust and also my guest network. I also isolate my wife's devices as I don't generally trust Windows being behind my firewall either.
I'm currently wrangling with a good solution for selectively routing certain traffic via one of multiple VPN connections I have on my router.
I'll look into rdomains to see if this may help my situation if not only to make it more simple.
I used to do this with pfsense to route all traffic from a specific internal IP over a VPN. If I remember rightly I set up multiple VPN connections (across multiple geographic locations) and set up a way to link them all together as a logical interface (I think it was called a gateway). I then pushed out that gateways IP to the server over DHCP. I guess routing tables would have also worked. I assume all of this is possible with just pf.
These days, I have removed this functionality from my router and moved it directly onto the server. I run the container haugene/transmission-openvpn which creates and maintains a VPN for transmission, but also has a proxy I can direct other containers to use. This has the benefit of keeping more of the prerequisites of these servers managed in the same docker compose file. It bakes in most of the popular public VPN configs, so you can enable them with a few ENV vars.
I'm currently wrangling with a good solution for selectively routing certain traffic via one of multiple VPN connections I have on my router.
I'll look into rdomains to see if this may help my situation if not only to make it more simple.