They provide decent defaults for all the not-so-straightforward configurations, and they provide a web UI to configure the rest. That’s the sole reason I would recommend it to get one’s feet wet without having to work too much.

If one is committed to do things “the right way” they could switch to Nginx and “proper” self-hosting later.

I would say this would be the proper way to do it (at least as a sysadmin), but since it’s OP’s first time I would simplify it to:

1. Install CloudFlare ZeroTrust daemon on your local server;
2. Set up reverse proxy such as Nginx (optional, the alternative is to use a different subdomain for each service, which might be easier);
3. Point the FQDN to CloudFlare.

Let CloudFlare handle the certificates, DDoS protection, etc… Link if you’d like to give this setup a try.