Read the whitepapers, the client side generates the keys and only transmits the public keys to the server. E2EE is truly end to end (as in client to client). Meta has no access to the content of your messages, same has been true for WhatsApp
I setup a similar system but with IPSec (https://github.com/jawj/IKEv2-setup) and Pi-Hole on DO. The best part is that the linked IPSec setup is trivial to install and also generates profile files that leverage the OS VPN capability in any iOS device without needing to install extra apps (and also force VPN connectivity by default so you don't need to remember to enable it)