I sidestepped all this crap by buying Synology in 2014 and upgrading 2 years ago. Sure, it isn’t FOSS, but it is very nearly plug and play.
I configured OpenVPN for when I want to use it remotely, and self host my music, video, and family photos.
Having the 4 drive RAID-6 gives me some security from the danger of losing data between backups.
I store all my scanned documents, ocr’d, and keep the paper under control.
I had success using openVPN. I set it up, generated certificates, installed it on my phones, tablets, and laptops.
It won’t work when using an external vpn like Express or Mulvad, but while using it, you have secure connection to home. Once done with the home network, turn off the vpn, turn on your commercial vpn.