IE like Crypto AG:
In 2020, it was revealed that the Swiss company, Crypto AG, which provided secure communications services to ~120 governments throughout the 20th century, was secretly ran by the CIA and West German Intelligence. The CIA and later NSA were able to read encrypted communications for many countries such as Saudi Arabia, Iran, Italy, Indonesia, Iraq, Libya, Jordan and South Korea.
Yeah, using a VPN would be good enough, but I want it to be open to the internet, without any port/config restriction, so I can access it from any device and anywhere, so the only remaining thing would be to host and open the port on a VM, only DoT and DoH, no :53 open (that would really be insecure, as DDoS insecure).