What are you trying to achieve with a VPN? The only thing you’re doing is moving your browsing habits from your ISP to your VPN provider, and if your VPN isn’t trustworthy, then you’ve basically achieved nothing.
When buying a VPN, you do it for one of two reasons: hiding specific activity that you don’t want tied to your address, like downloading copyright material, or if you want to access services from a different country, such as geo-locked content.
Only change I’d make is to run Debian on my server over Ubuntu. I’d still run everything in Docker Compose rather than something else, or consider the use of something like k3s.
The server setup to get it ready for hosting data was a bit complicated, so I liked someone’s suggestion of putting everything in an Ansible playbook. I’d consider doing that.