It's just Wireguard that doesn't route to Cloudflare servers and that's pretty easy to setup with Docker or algo or whatever. But self-hosting a VPN for privacy is questionable as to how much it helps (since the VPN server is probably sitting on your home network unless you put it in AWS/Digital Ocean/Azure).
(if the address you are trying to go to is hosted by Cloudflare, they route it using your normal connection so that it'll be quicker than going an additional couple hops to the WARP server and then to the Cloudflare dc nearest to the WARP server. you could say that this kills the privacy argument, but using their VPN at all means they can see what sites you are going to, so you'd already be trusting that they don't log.)
Yup, that's exactly where I sit. A well implemented VPN is useful because I heavily distrust my ISP. I _could_ use some other big VPN provider, I guess, but I've always admired the tech stack of Cloudflare.. so I'm interested.
And fwiw, since I'm sure someone will think it - I don't want to manage my own VPN on some remote server. Not only would I put myself at risk because I don't have the experience to manage a secure server of such importance, but all I did was move my risk from my ISP to some other endpoint (VPS hosting/etc).
It feels like a game of risks no matter what you do.
(if the address you are trying to go to is hosted by Cloudflare, they route it using your normal connection so that it'll be quicker than going an additional couple hops to the WARP server and then to the Cloudflare dc nearest to the WARP server. you could say that this kills the privacy argument, but using their VPN at all means they can see what sites you are going to, so you'd already be trusting that they don't log.)