If you’re using UniFi, Teleport is a solid option. I have a couple devices that can’t run teleport like a travel router so I just use WireGuard.

Another option that people use a lot is Tailscale but it’s a service and not self hosted.

I’m not familiar with paperless but I think you need to set PAPERLESS_BIND_ADDR to 0.0.0.0.

I run unbound alongside pihole for extra privacy and I keep my unbound config in git. I have gitea set up to push out new unbound configs every time there’s a git push.

If you go the ZFS route, you could check out syncoid.

Some other tools that might be worth considering (that aren’t related to ZFS) are borg and restic.

Hope that helps.

This would be a great use case for ZFS. You can use dataset replication to sync the data. I’ve been very happy with TrueNAS but I think it only became recently available for the Raspberry Pi so not sure I would recommend it but I think you could use ZFS. You can use ZRaid too if you multiple drives. The only limitation you might encounter is memory since ZFS is a bit of a hog. On the plus side though, ZFS should protect against bitrot if you’re worried about that.