I agree here. AdguardHome is way easier to configure and just have it work. Evidently, it’s always important to maintain, like any other software, but it is way less hands-on than PiHole.

deleted by creator

I’m honestly more scared of portainer than actually running compose from CLI 🤣

It is no riskier than any other reverse proxy or tunneling app. If you follow good opsec, you should be fine. In truth there is no bulletproof way to avoid intrusion, so do the best you can without completely doing away with convenience.