Are you able to open it to the internet and put these services behind an auth proxy? that might be the way to do it. Or if it already has login you might be able to put it behind a cloudflare WAF or similar and restrict bots and bad actors.
Duplicati docker container works pretty well
Unraid works this way too. Its perfectly fine as long as you keep frequent writes off it. Use ramdisk when you need scratch space.
create a separate macvlan network and have each container get its own unique IP. Its bad security practice to have it share the host network anyway.
Im pretty happy with protonmail. Email is kind of important you may not want to go with the cheapest option.
That really depends, are you looking for an actual filesystem or (for real) object level storage? Does the frontend have compatibility with s3-type endpoints?
I would recommend a vpn like tailscale to encrypt traffic and not expose your local env to the internet
Here are some self-hosted s3 compatible options: https://geekflare.com/self-hosted-s3/
Although I think you might want to reconsider your architecture here. If you’re planning on self-hosting the storage for a frontend hosted on a VPS somewhere latency is probably going to make for a pretty bad experience.
not sure how long ago that was but duplicati can now validate backups via checksum every time after writing somewhere