While there’s nothing particularly wrong with putting everything through a vpn, you could use a qbittorrentvpn docker image which runs a wireguard client with a kill switch which the torrent client can tunnel through.
You can simplify it way down to Kodi + RD and have your own streaming service. This looks more like a hobby though to get every little thing just right.
The frog in boiling water is actually a complete myth. The frog jumps out when the water is too warm for it, it’s not completely stupid. If the price is ‘too hot’ for you, jump out. Deezer (or any other streaming service) isn’t forcing you to stay subscribed.
If you like syncing across devices, Bitwarden (paid) or Proton Pass. If you already use Bitwarden and don’t like the idea of having passwords and 2FA in the same place, just make a second Bitwarden account.
For me, Plex or Jellyfin is great if I want to share my library with some friends or family, especially non-technical people. Kodi really needs tinkering and you need debrid subscriptions and requires more local maintenance. It’s great for me but I wouldn’t want to teach my family how to use Kodi and me having to fix it when it breaks.
An Nvidia Shield Pro is hands down the best but it is much more expensive. Slap a third party launcher over the top and use it for streaming Jellyfin or Stremio or Kodi or whatever floats your boat. Super responsive and is android-based so you can sideload whatever you want. It also has the most compatibility with most codecs so you’ll be able to direct play more through Jellyfin rather than transcode.