Do you really want all these services be publicly accessable?
Because the more services are publicly accessable the bigfer your attack surface is.
First set up a reverse proxy, a vpn and a local dns like pihole.
Only port forward the reverseproxy. And only allow public acess for the public services.
Setup local hostnames for the other services with the local dns.
Only give internal access to these services.
But with the vpn you can get these services from everywhere.
Do you really want all these services be publicly accessable? Because the more services are publicly accessable the bigfer your attack surface is.
First set up a reverse proxy, a vpn and a local dns like pihole. Only port forward the reverseproxy. And only allow public acess for the public services.
Setup local hostnames for the other services with the local dns.
Only give internal access to these services.
But with the vpn you can get these services from everywhere.