I can confirm, I’m running the exact same scenario OP described (GPT-4 Telegram bot), on Oracle Cloud, and it works great. I found this implementation to be robust, easy to spin up, and easy enough to patch changes in.

Bad opsec? It’s a bad VPN if it needs an email at all. Look at what IVPN does, they don’t even have a requirement for emails to register. I’m pretty sure Mullvad just recently was raided by authorities seize whatever they want they said, won’t find any user data they said. And they didn’t. Also proton redirects or used to redirect from onion to clearnet when you signed in. It simply isn’t up to par with IVPN and Mullvad. What’s the point of a VPN where a government can just request them to leak your data? No matter how, AT ALL! What constitutes a big enough crime for them? What if next day it’s downloading Frozen II.mkv?

At least personally to me it goes to show that it’s not out of the question

Personally I don't trust Proton. I know I’m paranoid, but can’t be too sure about anything these days. To my knowledge MV and IVPN are the only ones with a nice privacy reputation. Shame they are cutting port forwarding