You had one job...
> the Sisyphean slog of maintaining special access for those who can't or won't get with the program.
I don't find complying with standards a "Sisyphean slog" - if anything it makes my job easier. Becvause I follow simple standards the sites I build will work in any browser that is standards compliant and able to render HTML5 (and supports TLS1.2+). I barely even need to test this - apart from some minor pixel level rendering quirks it just works. Sure, the sites will look better in a graphical browser that supports CSS3, and the interface will be more user friendly if JavaScript is allowed to run, but text-to-speech and Lynx users should have little difficulty perusing the information they serve, nor will anyone not wanting to trust my client side code be prevented access.
Where interactivity is needed I usually build it using HTML and HTTP first, and use these same endpoints asynchronously with XMLHttpRequest. Often these fragments can be cached on the server. Resources have URLs, and these are human (and machine) readable, and they can be bookmarked. Browser history works without requiring any hacks - including ending up at the same scroll position when returning to a previous page. To the extent that I rely on external APIs I prefer to do so on the server side, and I will ensure that these fail as gracefully as possible with cached and fall-back content. I do not like single points of failure that are outside my control (I'm looking at you, Cloudflare). JavaScript is only used where it offers a clear usability advantage. I find no need for any client side libraries like JQuery or Vue.js since browser support for standard JS methods is really quite good across the board, but I do use some specialised libraries like Chartkick. Client side code is is combined, minified and served from my own servers, with a strict CSP. The most important metric to me is speed, particularly LCP (ideally <1s), and running lots of code on the client can (and does) negatively impact this. Rendering everything on the client also leads to a ludicrous amount of duplication of work, with more or less exactly the same instructions being executed not only for every visitor, but for every content load. That this is an insane approach and that SPAs were a terrible idea should have been obvious from the start, yet here we are.
None of this is rocket science, nor can it be considered a "Sisyphean slog" - it's just the job. Shame so many of us seem to have forgotten how to do it.