Can the vps provider not read everything on your server, unless it’s explicitly encrypted?
I’m asking because I’m interested in self-hosting mainly as a way to get privacy respecting services where good hosted ones don’t exist. I’m not sure I really want to deal with running my own hardware
I had similar concerns in the past. I decided to move all of my VPS hosted services to a physical server that I control. I then use a VPS as a portal, set to simply forward traffic without unencrypting the HTTPS. Look up SSL pass through.