@balloon I think you completely misunderstood my message. I know how to keep an A record up to date with my IP address. I have no problems with that.
@Whitestrake Thanks for the input! Couple of comments/clarifications:
Sure (for most people). I am not forwarding port 80 from router to server. Cloudflare would not be able to reach Caddy through HTTP.
I did consider, but I don’t want to to extend the “family IT support” role for their devices.
Sorry that I was not clear enough on this. The trust/privacy question was towards Cloudflare as a company and not about the technical details (the Full strict mode). I have a good idea on the magnitude of Cloudflare and no, they obviously would not care about my humble server at all. I agree their reputation would be really damaged if they were caught snooping around. Nonetheless, I still wanted to make sure I understand correctly what they would be able to see if they really wanted it, and your comments cleared that out really well.
Thank you once again! I’ll use Cloudflare as a regular DNS only. Then all request/responses will be directly between client and home server (and always through HTTPS, of course).