In my case I am just interested in the software I'm running behind the proxy. I use CF tunnels to expose my internal services, and spend my tinkering time on the actual services, rather than (to me) wasting the time to bother with worrying about updating IPs or setting up custom auth schemes (I keep a lot of my services locked down entirely behind github SSO, so you can't even reach my e.g. Jellyfin login page without first being auth'd to github as me, which basically prevents all brute-force attempts on my services).