I'm currently exploring the idea of setting up my own VPN (for example, using WireGuard) on a VPS. However, I have a significant concern: by design, the VPN server must decrypt the traffic in order to forward it, which means that the VPS provider technically has the ability to access this decrypted data.

My main question is: Is there any method or configuration that can ensure that even on my self-hosted VPS, the provider cannot access my data? In other words, I'm looking for a way to maintain end-to-end encryption from my device to the final destination—even if my data is passing through a VPS.

I've read that application-level encryption (like HTTPS) is necessary for true end-to-end security, but I'm wondering if there are any additional techniques or tools that can help secure the data even on the server side, effectively preventing the VPS provider from inspecting the contents.

Any advice, guidance, or alternative solutions would be greatly appreciated!

Thanks in advance for your help.