You don’t. Unless you want your hobby to turn into a 24/7 support job.

Going back to the Tailscale thing - is it possible to point the domain to the IP address of the Tailscale container, so that the domain is only accessible when I switch on the Tailscale VPN? Is this a good idea/bad idea? Is there a better way to do it?

Yeah that works perfectly. The domain will point to your Tailscale IP, but that IP is not reachable unless you are in the VPN.

On my box I have a Caddy container with the Cloudflare plugin, that automatically generates Let’s Encrypt certificates. And I can use it to point (sub)domains to certain docker containers. (see: https://caddy.community/t/how-to-guide-caddy-v2-cloudflare-dns-01-via-docker/8007 )

Yeah, it always stresses me out when I see people saying that synchthing is a backup solution… (not that OP did here)

I suspect the issue is with the SSL Certificates…

For starters, do you already have a domain? If yes, which nameserver are you using?

Also more importantly, what problem do you actually have?

The main issue is not the website itself, but opening your network to be reachable from the internet in a safe way.

connect it to a 5 TB hard disk (initially) and dump all my data into it

Don’t forget about backups! That 5TB drive can die at any random moment.

In general the term you’re looking for is “self-hosted dashboard”.

One I like is called Homarr