Yes, using their so called cloud service, so I'm managing everything myself.

I using hetzner as a VPS provider for hosting my kbin instance. There are probably cheaper hosting companies out there but they works and have never had any problem with them.

I have a public domain that I only use internally on my home network. I have a local DNS server that handles all my internal DNS records. So I just point my DNS records to my nginx proxy manager's local IP address and let it create certs using DNS Challenge. So I don't need to expose anything external to make it work.