I understand your frustration. You only used Vaultwarden in LAN and if you need it from outside you used VPN. I'm not sure if local access could be established with self signed certificate, just because I never tried that option. I would warmly suggest you to buy a domain (it's very cheap) and that is the only cost. All in all you can use your domain, e. g. subdomain for other access also (emby, plex, nas, blog, website .... you name it), it's usefull. Setup Nginx Proxy Manager container, connect your domain to Clouflare and you are preety safe. It's not so hard to do, it really isn't. Not to mention Let's Encrypt certs are also free.