> I kept my box running for more than 1 year without upgrading docker.
You inadvertently raised the primary point against self-hosting: security vulnerabilities. Apparently you might have been running software with known CVEs for over a year.
Much of this risk is mitigated by hiding everything behind Wireguard or similar. None of my self-hosted stuff is publicly exposed but I can reach it from anywhere. You can go one step further and run some kind of gateway OS (e.g. opnSense) on a separate cheap VPS, route everything through that, then firewall your main server off completely.
For starters, addressing security vulnerabilities.
https://docs.docker.com/security/security-announcements/
> I kept my box running for more than 1 year without upgrading docker.
You inadvertently raised the primary point against self-hosting: security vulnerabilities. Apparently you might have been running software with known CVEs for over a year.