Use a reverse proxy to proxy everything through https, then you can install how many services you want. Caddy is super simple, you can reverse proxy with just 1 line.

For calendar and contacts (caldav, cardav) Baikal is extremely easy to install and use. And pretty minimal.

As far as I knew reverse proxies could only reverse proxy stuff coming in from 443 or 80, I didn’t know they could listen other ports as well!

Main reason why I was using a reverse proxy at first is because I had everything behind cloudflare, and cloudflare can only proxy and give you an SSL encryption for stuff that goes through 443, so I could make Caddy listen to 443 and then forward to interested ports.

But this leaves out everything that needs to go in some other places than 443, and requires its own standalone ssl certificate, which is a bit cumbersome. Pheraps these can be proxied with other proxies than cloudflare, hopefully giving SSL to everything…

I’m not sure I understood the upstream ssh thing, what do you actually do?

Honestly, with Fdroid and many other open source projects at risk after Google’s last madness, I wouldn’t take anything Android anymore (nor Apple of course).

My next phone will either be a dumbphone or a Linux phone.

Self hosting IS hard, don’t beat yourself too much because of it… After all you’re trying to serve services for yourself that are usually served by companies with thousands of employees.

A server requires knowledge, maintainance and time, it’s okay to feel frustrated sometimes.