A large amount of vulnerabilities are addressed in the latest upgrade of Debian Bullseye.
When I migrated my server I took the opportunity to split my setup into two servers: one for running public services and one for keeping my files and backups.
The reason I didn't separate them from the beginning was because for a very long time I didn't even have any public facing services. Then I tried a few things out and just as every temporary thing in IT they became permanent.
Apart from improved data security my new setup incidentally provides another opportunity in that I can now try new upgrades on my file server before subjecting my services to possible long disruptions. I'm very grateful to my past self for that.
-- CC0 Björn Wärmedal