Well, if you want private images it is normal that they charge you for it. What I advise you to do is to make the images public and mount the private part as a volume. This way you can upload the images wherever you want without worrying.

Another option if you want the resulting image to have something private is to create as much as you can in a public image and have a script that adds the private part as the last layer.

Apart from the registries you have in GitLab and GitHub if you are looking for something more generic like Docker Hub you have Quay (from RedHat). It works very well and has a pretty nice interface (especially the new one that is in testing).

You don’t really need Cloudflare to have your own domain, you can do everything directly with GitHub.

It is not about leading anything but about having the code in a repository so that it is easy to read/consult/audit/etc.

You can upload the code to any service (it doesn’t have to be GitHub, it can be GitLab, sourcehut, etc…) and disable issues and comments.

Best alternatives:

• GitLab
• sourcehut
• Codeberg
• Forgejo on Disroot

Self-hosted:

• Gogs
• Forgejo
• GitLab

Other alternatives:

• Bitbucket
• Launchpad
• SourceForge I do not recommend this one, but I put it anyway.

LessPass has the possibility to connect to a database (via its API) to store the configurations made for each site. This API can be used from any of the clients (either the browser extension, the mobile application, etc.).

You set up the DB server wherever you want. If you want something light you can use this implementation. And if you are interested, there is also a command line client.

In my view, both a password file (vault/database) and LessPass are potentially attackable via brute force. I don’t see that one is safer than the other.

Before using borg I would recommend you to take a look at restic. In my opinion it is better in everything than borg.

As for how to backup the database, my advice is to export the database to a SQL file and backup that file. That will always be easier than having to deal with agents that connect to the database.

As for the number of repositories, if you use restic, a single repository is enough. Besides, as restic does deduplication, if you have the same files between your machines, they will only occupy the space of one. ;-)

I hope I have helped you with some of my ideas.

Best regards.