You do you, but the trust is beyond just admin and users. And family photos are treated as treasures. Data loss is a fair point, but if you're self-hosting a photos app I imagine server/db backups are part of your routine. Account recovery is all that's needed to recover lost photos from there. Well, unless your VPS is compromised in a manner of data loss for longer than you wished before your backups ran, in which case it's still better that such sensitive info was e2ee'd.

edit: also feel like I'm echoing the classic dropbox comment, but self-hosting in a sane and secure manner is harder than it's made out to be. It needs to be taken seriously.