Honestly I don't even bother with hosting it in a cloud instance. I host Bitwarden on my home network, and whenever one of my devices opens the Bitwarden browser plugin or mobile app (at home), it will automatically sync everything. From that point on you can continue using Bitwarden without it needing to connect to the server.
So on one hand, I lose the ability to sync when I'm not on my home network. On the other hand, I don't change anything in my Bitwarden server _that_ often, and if I do, I can just quickly do a sync on whatever devices and I'm good to go. With the added benefit of not opening myself up to the outside world.
And what if your TV or thermostat, with access to your private network, gets compromised? Do you have that machine locked down good enough to protect against an inside-the-firewall attack?
Here's where I get a little more naive... do you... have one VLAN that's your "normie" network that your Wi-Fi access points expose to all the devices, then the other VLAN is... only within the wired network, so if your phone wants to get to your Bitwarden, it's always going out the Wi-Fi, out the gateway first and back in, kind of thing?
Right now all my "services", which are not Bitwarden-level sensitive, are all on the same network as whatever crap I bought at Home Depot. I have an EdgeMAX router and there is a third NIC I've never used, so I guess I'd finally plug a switch in there! OK. Next project, I guess.