At my house, I’m already using a dynamic dns for some game servers because of a dynamic ip.

The boring method, unlock boot drive with password, then the other drives with a keyfile referenced in crypttab. Although now that I think about it, if I were to reboot the machine remotely I wouldn’t be able to do anything on the machine until I have physical access.

Cloudflare is a glowie honeypot, the traffic is mitm’d and decrypted by them to see.