I’ve been looking at esp32’s with wired connectivity lately. POE would be a nice touch.

Different use cases.

My setup is similar. My main “desktop” is a Slackware VM through VNC/guacamole.

Why are you running full VMs for something that can be put in a container? Sounds to me (without having any evidence or proof) that you’re running out of memory and you’re swapping and it’s taking forever. That’s what causes the VMs to slow/stop.

Why not just run your own WireGuard instance? I have a pivpn vm for it and it works great. You could also just put jellyfin behind a TLS terminating reverse proxy.

Correct. SearxNG is very much still active. Check the GitHub page or matrix/IRC.

Cloudflare zero trust tunnel might be up your alley. Look into that. It’s free but has privacy concerns so do your homework.