I’m going to suggest Wireguard as a means to avoid the use of port forwarding (which ISP’s can remotely undo, with no warning, when they remotely upgrade your router). Additionally, servers hosted from home can be remotely accessed by hostnames which are not Dynamic DNS hostnames: