I use artix for my work and personal servers. There are a few kvm hosts and several virtual machines with internet facing services such as dns, web, mail, wireguard. On the way to be fully gitopsed with ansible. Sometimes I borrow specific packages from arch repos but almost everything can be made with artix alone. The only notable issue I had was with cloud-init which I replaced with more complex playbooks and bash scripts. Ama
maybe you issued one certificate with multiple domains, mixing internet facing ones with purely internal. It is very easy to discover hidden subdomains inspecting the certificate you get from a public service