Remote access security with caddy on QNAP NAS

[delta1713]

Hello, I wanted to set up remote access to my Jellyfin server hosted on my QNAP NAS and I followed this thread (https://forum.jellyfin.org/t-access-your...with-caddy), but had to make some adjustments to get everything to work and wanted to make sure I hadn't created some vulnerabilities.

The process I did was as follows:

-create DNS records for A and AAAA to point from jellyfin.mydomain.com to my ipv4 and ipv6 addresses respectively

-check "allow remote connections to this server" in jellyfin

-port forward ports 80 and 443 to my QNAP NAS (suppose it's 192.168.1.10) for both TCP and UDP

Here's where I had to deviate, the QTS operating system for QNAP devices has a built in docker application to run docker images, so I pulled caddy:latest from there and ran it with the following settings:

caddy reverse-proxy --from jellyfin.mydomain.com --to 192.168.1.10:8096

default weburl port: 80

publish network ports:
host: 80; container: 80 (TCP)
host: 443; container: 443 (TCP)
host: 443; container: 443 (UDP)

After that caddy was able to correctly obtain the certificate and I was able to connect externally to my home network to my jellyfin server by putting jellyfin.mydomain.com as the server name. 

It seems like it is working properly but is this actually secure? Have I inadvertently created huge vulnerabilities in my home network?

Thanks.