Pretty much what OP wrote but recently moved to grapheneos, and a pi-hole to block tracking/ads.
Also personal (self hosted) instances of searxng, piped, libreddit, which connect via the vpn tunnel.
Vpn is paid in cash. Matrix and email are self hosted (but not on my lan).
Selfhosted tailscale/headscale.
Different browsers and profiles (primary Firefox but also vivaldi). Self hosted nextcloud.
Thanks for the insights, I'm also in the process of moving to more self-hosted services. Just finished transferring my media library to a Jellyfin instance for local movie/series watching. I also plan on self-hosting Matrix and Seraxng, will be my next project for the holidays.
I'm long thinking about installing the PI-Hole, I should just do it, not much work to do for a great addition to the network.