I have been using it for years now for my personal stuff (almost all containers) and it's a breeze (the https part especially). I recently added SSO for all my local stuff so I just have to login once and have access to everything.
* the DB is supported by a backing file
* this backing file supports multiple read threads simultaneously but writes are locked via filesystem locks
* write performance with multiple writers is therefore dangerous
* read performance is good if no one is writing and consistent even if someone is
This is what I do. I don't remember setting it up being particularly complex.
Seems like the perfect thing for me (I run a stupid dual-traefik setup that does TLS SNI negotiation for me that I want to get rid of), but I can't figure out what this is.
mDNS is just the method of communicating what traffic should be sent where. The "switchboard" listens for mDNS broadcasts that tell it what services want traffic routed to them under what conditions. A "node" (which was a bad choice of words) is the other side of that, a program broadcasting one of those mDNS resources (e.g. send traffic that's been sent to the domain "example.test" to this machine on port 8080)
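The exchange the comment above describes, as an added example that is not code from the switchboard project or from the commenter: a "node" packs its announcement into a DNS-SD style mDNS response (a PTR record for the service type, an SRV record saying which host and port, and a TXT record carrying the public hostname), and the "switchboard" parses the packet back into a routing table. The record layout (service type `_http._tcp.local`, a `host=` key in the TXT record) is an assumption made here for illustration, not the project's actual wire format. The parser follows DNS name-compression pointers with a hop limit, since anything on the LAN can send packets to the multicast group.

```python
import struct

MDNS_GROUP = ("224.0.0.251", 5353)  # standard mDNS multicast address and port
TYPE_PTR, TYPE_TXT, TYPE_SRV = 12, 16, 33
CLASS_IN = 1
CACHE_FLUSH = 0x8000  # mDNS "cache-flush" bit, set on records unique to the sender


def encode_name(name: str) -> bytes:
    """Encode a dotted name as length-prefixed DNS labels (no compression)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("utf-8")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_announcement(instance, service, target, port, txt, ttl=120) -> bytes:
    """Node side (hypothetical layout): one mDNS response with PTR, SRV and TXT
    records announcing 'send traffic for txt["host"] to target:port'."""
    full = f"{instance}.{service}"
    header = struct.pack("!HHHHHH", 0, 0x8400, 0, 3, 0, 0)  # id, flags QR|AA, qd, an, ns, ar

    def rr(name, rtype, rclass, rdata):
        return encode_name(name) + struct.pack("!HHIH", rtype, rclass, ttl, len(rdata)) + rdata

    ptr = rr(service, TYPE_PTR, CLASS_IN, encode_name(full))
    srv = rr(full, TYPE_SRV, CLASS_IN | CACHE_FLUSH,
             struct.pack("!HHH", 0, 0, port) + encode_name(target))  # priority, weight, port
    strings = [f"{k}={v}".encode("utf-8") for k, v in txt.items()]
    txt_rdata = b"".join(bytes([len(s)]) + s for s in strings) or b"\x00"
    return header + ptr + srv + rr(full, TYPE_TXT, CLASS_IN | CACHE_FLUSH, txt_rdata)


def decode_name(data: bytes, off: int):
    """Decode a name at off, following compression pointers; returns (name, next_off)."""
    labels, jumped, end, hops = [], False, off, 0
    while True:
        ln = data[off]
        if ln & 0xC0 == 0xC0:  # two-byte pointer into the packet
            ptr = struct.unpack_from("!H", data, off)[0] & 0x3FFF
            if not jumped:
                end = off + 2
            jumped, off, hops = True, ptr, hops + 1
            if hops > 64:  # bounded: refuse pointer loops from hostile packets
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if ln == 0:
            break
        labels.append(data[off:off + ln].decode("utf-8", "replace"))
        off += ln
    return ".".join(labels), (end if jumped else off)


def parse_records(data: bytes):
    """Yield (name, type, parsed rdata) for every resource record in an mDNS packet."""
    _, _flags, qd, an, ns, ar = struct.unpack_from("!HHHHHH", data, 0)
    off = 12
    for _ in range(qd):  # skip questions: name + qtype + qclass
        _, off = decode_name(data, off)
        off += 4
    for _ in range(an + ns + ar):
        name, off = decode_name(data, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack_from("!HHIH", data, off)
        off += 10
        rdata = data[off:off + rdlen]
        if rtype == TYPE_SRV:
            _prio, _weight, port = struct.unpack_from("!HHH", rdata, 0)
            yield name, rtype, (decode_name(data, off + 6)[0], port)
        elif rtype == TYPE_TXT:
            kv, p = {}, 0
            while p < len(rdata):  # sequence of length-prefixed "key=value" strings
                ln = rdata[p]
                k, _, v = rdata[p + 1:p + 1 + ln].decode("utf-8", "replace").partition("=")
                kv[k] = v
                p += 1 + ln
            yield name, rtype, kv
        elif rtype == TYPE_PTR:
            yield name, rtype, decode_name(data, off)[0]
        off += rdlen


def routes_from_packet(data: bytes) -> dict:
    """Switchboard side: join SRV (where to send) with TXT host= (what to match)
    into {public_hostname: (target_host, port)}; records lacking either are ignored."""
    srv, txt = {}, {}
    for name, rtype, val in parse_records(data):
        (srv if rtype == TYPE_SRV else txt if rtype == TYPE_TXT else {})[name] = val
    routes = {}
    for name, (target, port) in srv.items():
        host = txt.get(name, {}).get("host")
        if host:
            routes[host.lower()] = (target, port)
    return routes


def send_announcement(packet: bytes) -> None:
    """Multicast the packet on the LAN (not called by the example itself)."""
    import socket
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP) as s:
        s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255)
        s.sendto(packet, MDNS_GROUP)


if __name__ == "__main__":
    pkt = build_announcement("web", "_http._tcp.local", "node1.local", 8080, {"host": "example.test"})
    print(routes_from_packet(pkt))
```

Nothing in mDNS authenticates the sender, so a switchboard built this way trusts every host on the segment to claim any name; that is fine on a private LAN but it is the reason a VPN or reflector setup should be thought about before extending the multicast domain.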
I manage everything via dnsmasq on my router, and I use a DNS wildcard to make sure that all unknown IPs map to my server.
This is because the server holds the docker engine on which all "software services" are located. I did a few bounces between Traefik and Caddy over the years and finally settled on Caddy.
Caddy is a truly fantastic web server. If you manually forced IPs on your containers there is no problem at all (2 lines per service). If you did not, there is unfortunately no built-in mechanism in Caddy to autodiscover them (such as the one in Traefik). I wrote my own using the new Caddy API (v2).
Host names with spaces, etc (e.g., DNS non-compliant) don't work, but otherwise it Just Works.
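An added example of the kind of autodiscovery glue the comment above describes, written here for illustration and not the commenter's own script: container metadata is turned into a Caddy v2 JSON config with one reverse_proxy route per service, and the whole config is pushed to Caddy's admin API with `POST /load`. The dnsmasq side is a single wildcard line of the form `address=/home.example.test/192.168.1.10`, which answers every name under that zone with the server's address. The container list, the zone name, the `caddy.port`/`caddy.host` label convention and the admin address are assumptions made for this example; real container data would come from `docker inspect` or the Docker API. Names that are not valid DNS labels (spaces, for instance) are skipped rather than handed to Caddy, matching the limitation noted above. Because the zone is private, certificates come from Caddy's internal issuer instead of a public CA.

```python
import json
import re
import urllib.request

CADDY_ADMIN = "http://localhost:2019"   # Caddy v2 default admin endpoint (assumed reachable)
DOMAIN = "home.example.test"            # assumed zone that dnsmasq wildcards to this server

# Valid single DNS label: letters, digits, hyphens; no leading/trailing hyphen; max 63 chars.
LABEL_RE = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")

# Constructed sample of what a container listing might yield (not real containers).
# Label convention is hypothetical: caddy.port = upstream port, caddy.host = override name.
SAMPLE_CONTAINERS = [
    {"name": "grafana", "ip": "172.18.0.5", "labels": {"caddy.port": "3000"}},
    {"name": "gitea", "ip": "172.18.0.6", "labels": {"caddy.port": "3000", "caddy.host": "git"}},
    {"name": "db", "ip": "172.18.0.7", "labels": {}},                       # no label: not exposed
    {"name": "bad name", "ip": "172.18.0.8", "labels": {"caddy.port": "80"}},  # space: invalid label
]


def route_for(container: dict):
    """Build one Caddy route for a container, or None if it should not be exposed."""
    labels = container["labels"]
    port = labels.get("caddy.port")
    host = labels.get("caddy.host", container["name"]).lower()
    if not port or not port.isdigit() or not LABEL_RE.match(host):
        return None
    fqdn = f"{host}.{DOMAIN}"
    return {
        "@id": f"container-{host}",  # lets a later PATCH/DELETE target /id/container-<host>
        "match": [{"host": [fqdn]}],
        "handle": [{"handler": "reverse_proxy",
                    "upstreams": [{"dial": f"{container['ip']}:{port}"}]}],
        "terminal": True,
    }


def build_config(containers) -> dict:
    """Full Caddy JSON config: one HTTPS server with a route per exposed container,
    and an automation policy issuing certificates for those names internally."""
    routes = [r for r in (route_for(c) for c in containers) if r]
    subjects = [r["match"][0]["host"][0] for r in routes]
    return {
        "apps": {
            "http": {"servers": {"srv0": {"listen": [":443"], "routes": routes}}},
            "tls": {"automation": {"policies": [
                {"subjects": subjects, "issuers": [{"module": "internal"}]}
            ]}},
        }
    }


def push_config(config: dict, admin: str = CADDY_ADMIN) -> int:
    """Replace Caddy's running config atomically via POST /load; returns HTTP status."""
    req = urllib.request.Request(
        f"{admin}/load", data=json.dumps(config).encode("utf-8"),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=5) as resp:
        return resp.status


if __name__ == "__main__":
    # Print rather than push, so the example runs without a Caddy instance.
    print(json.dumps(build_config(SAMPLE_CONTAINERS), indent=2))
```

The admin API listens on localhost by default; if it is ever bound to a container network so the discovery script can reach it, anything on that network can rewrite the proxy config, so keep it on the loopback of the host that runs the script.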
Run a simple command locally, and have a https server endpoint connected to anything on your machine.
Otherwise Avahi has a mode to allow reflecting (mDNS traffic between two interfaces) on point-to-point interfaces, and if you run that on the VPN server it may let mDNS work from your VPN client to the local LAN of the server. It will depend on whether your mDNS implementation tries to query on the VPN interface though, which again for Avahi you can enable point-to-point on the client side. Unsure if you can do that on Windows/Mac.