
If you use this, it makes sense to run it at home. If you run it on a VPS, traffic is decrypted on the VPS, which is the same privacy issue as with Cloudflare tunnels. You have to trust the VPS provider.


This is true! But you have a little more control over who you might choose to trust. For example - you might trust AWS not to snoop in your VM more than you might trust CF to not collect valuable usage data about you when they decrypt your traffic.


Agreed - there’s a big difference between “I actively asked CF to terminate my TLS” and “I suspect my provider is scraping unencrypted data out of my running VM”


I doubt there is less monitoring at a VPS than CF. Many VPS companies are less known and smaller, and may not have professional audit and access processes in place.


What can you even do if you can't trust a VPS provider?


TLS passthrough. You simply route encrypted traffic to your home. The keys to the castle are all at home!



