What I’d personally recommend is Cloudflare Tunnels, it allows you to lock down access to your services with an emailed code or other authentication method, as well as avoiding having ports forwarded to your services. It’s an easy way to avoid port forwarding and not have to worry about whether all the services you’re hosting are 100% secure, since you’ll be exposing them to the internet.
The downside is you’re routing all your traffic through Cloudflare.
Says the comment posted 107 minutes in the future, apparently