I think this plugin is probably the best you’re gonna get. It encrypts and decrypts on client side. So the data that is transmitted and stored in dokuwiki is already encrypted before it even hits the server, so data on server side at all times is encrypted. So even if an attacker gets access to the VPS, the data there is encrypted and they have no way of knowing what passphrase was used for the encryption as it not stored/configured on server side.
I have bought used components off ebay for my home lab. It works just fine. The only thing I usually buy “new” are PSUs and Hard Drives.