This would definitely be the ideal solution, and it is certainly how the Internet was intended to be used, but a lot of residential ISPs either frown on hosting services on a residential link, or outright forbid it. Plus, CGNAT is more or less inevitable at this point, might as well embrace it.
Like you mention, services like tailscale and cloudflare tunnels are a way around it, but that introduces complexity and additional trust in another company.
The main reason I host my stuff on a VPS is because if an attacker finds their way in, I don't want them to have unrestricted access to my home network as well. (And I'm to lazy to set up a DMZ...)
Like you mention, services like tailscale and cloudflare tunnels are a way around it, but that introduces complexity and additional trust in another company.
The main reason I host my stuff on a VPS is because if an attacker finds their way in, I don't want them to have unrestricted access to my home network as well. (And I'm to lazy to set up a DMZ...)