To maintain my privacy I proxy it though :)
To be fair for now it’s only used to access some admin portals for services I got running (Arr stack, syncthing, etc). The main domain isn’t even mapped (so gives 404), though at some point that might become a portfolio website.
I’d like to do the same, but atm I use nginx to serve all the web interfaces… And keycloak support is either a plus subscription feature or made to work with hacky Lua scripts.
So for now it’s security through obscurity, I got a wildcard cert and the pages are accessed based on subdomain. So afaik nobody has a clue unless they start iterating common subdomain names. (At some point™️ I’m adding proper auth though)