Comment by lxgr

I used to do the same, but these days, getting TLS certificates for local services is actually not that hard anymore.

If you have local DNS, you can e.g. request a wildcard subdomain Letsencrypt certificate and then distribute the corresponding key and certificate to your LAN hosts.