If your applications require different libc versions, then regardless if you used containers or not, you'd have each of them in memory. If they don't require different versions, then you're just blaming containers for something the user is responsible for managing. When alpine images are a dozen or so MBs, base image disk size is basically irrelevant in the grand scheme of things, as you probably have much more than that in dependencies/runtimes. Even Debian base images are pretty tiny these days. Depending on the application, you could have just a single binary with no OS files at all. So if you do care about disk and memory space, then you would take advantage of the tools containers give you to optimize for that. Its the users choice on how many resources they want to use, its not the fault of the tooling.
meteokr
The main thing for this is cost. I don’t really know what performance specs for a VPS I would need to reasonably have good network performance with ~10 devices, though I’m guessing I’ll have to have something =<10Gbsp. So maybe $25-$30/month depending on who I buy a VPS through?
Would EACH of your devices have their own dedicated gigabit connection to your server? Even so, are you the only user or is this for some family members also? If its just you, you can 9/10 just get a basic 5$ or less gigabit VPS. You'd much more often be limited by your outbound connection than your VPS networking, by a considerable margin. Most things you are connecting to won't saturate even a gigabit connection, so you'd be well under your bandwidth requirements.
You can also pipe yt-dlp into vlc if that suits your fancy.
If the exclusive ownership of something, in order to sell it, is the primary choice driving factor of a project. Then you should just make it proprietary. Anything else would limit your margins, since someone else can just fork your project, change it and make it proprietary themselves. A dual license is sometimes used in this case as well.
Probably not the 'recommended' way, but I use a selfsigned cert for each service I'm running generated dynamically on each run with nginx as a reverse proxy. Then I use HAproxy and DNS SRV records to connect to each of those services. HAproxy uses a wildcard cert (*.domain.tld) for the real domain and uses host mapping for each subdomain, (service1.domain.TLD).
This way every service has its traffic encrypted between the HAproxy and the actual service, then the traffic is encrypted with a browser valid cert on the frontend. This way I only need to actually manage 1 cert. The HAproxy one. Its worked great for me for a couple of years now.
Edit: I'm running this setup for about 50 services, but mostly accessed over LAN/VPN.