Putting anything behind a firewall in combination with a VPN can be relatively turn key and self patching without too much effort.

Docker wi5 a tool like proxmox can go a very, very long way in a matter of a few days... and provide near identical vps maintainability.

Hardware is much more reliable and self monitoring than it used to be.

None of this deals with ransomware

Do you mean you don't know how it could deal with Ransomware? Or that there's no possible way local setups could could deal with Ransomware because you aren't aware of it?

Ransomware attack vectors are often clicking malicious websites, emails, or software opening stuff that is risky.

Keeping you access point patches system patched and browser up to date is a big line of defence, with or without cloud backups. Those identities can be as easily hacked if the weak spot is our computer.. Using browser and email plug-ins to increase security and safety can be helpful too.

One can run pihole locally at home as well and filter out a great deal of trackers that can get hacked.

It's also relatively easy to setup multiple vlans on your local network to separate your devices.

Having multiple current backups of your computer, physically and locallu is also an important defence against ransomware.