Yeah, no problem.
I did try wrapping Wireguard inside of xray, but didn’t manage to make it work. Not sure if it’s impossible, but yeah.
xray clients can work as a system-wide VPN if you’re worried about usability. Just no communication between different machines connected to the same server (probably).
gonic as the streaming server, Lidarr for library management and some of the downloads, Sonixd/Tempo as desktop/mobile clients.
Works alright for albums (downloads are a pain), probably won’t really work in your case though.
Everything is running on a single-node k8s cluster (because infrastructure-as-code is awesome), but it’s probably overkill for most people. https://github.com/sibwaf/Infrastructure for reference if you’re interested (/selfhosted/charts - lidarr, gonic)
Shameless self-plug: I’m working on a Subsonic-compatible server which wraps yt-dlp (i.e. allows downloading from YouTube/Bandcamp and then streams it). Seems like it should work for your case of handling single tracks. It’s still very much in progress (very-very slow progress) and really isn’t ready for use, but if anyone is interested in following the project: https://github.com/sibwaf/Tapesonic