They provide decent defaults for all the not-so-straightforward configurations, and they provide a web UI to configure the rest. That’s the sole reason I would recommend it to get one’s feet wet without having to work too much.

If one is committed to do things “the right way” they could switch to Nginx and “proper” self-hosting later.

Yeah, I’m afraid you have to use a reverse proxy to host multiple subdomains. The CloudFlare daemon is the reverse proxy.

I would say this would be the proper way to do it (at least as a sysadmin), but since it’s OP’s first time I would simplify it to:

1. Install CloudFlare ZeroTrust daemon on your local server;
2. Set up reverse proxy such as Nginx (optional, the alternative is to use a different subdomain for each service, which might be easier);
3. Point the FQDN to CloudFlare.

Let CloudFlare handle the certificates, DDoS protection, etc… Link if you’d like to give this setup a try.