I may not be able to answer some of the more security-oriented questions, but one of the things I recommend is using a proxy to "hide" your home IP address. IP addresses can contain a lot of information including location data, so it's a good idea to make things harder for attackers to figure out where you live. I'm pretty sure you can do this with a basic VPS setup, but I know for sure you can do this with Cloudflare (as I have it enabled on my server).
As for getting reverse proxies set up from your Docker containers to the outside world using Apache, I can help. I use (rootless) Podman on my Raspberry Pi, meaning when I expose ports from my containers I have to choose port numbers greater than 8000. Once I have a port (let's say 8080), and a subdomain (I'll use subdomain.example.com), I just need to create a file in /etc/apache2/sites-available/ which I'll call site.example.com.conf. The content usually looks something like this:
ProxyPreserveHost On
ProxyRequests Off
ServerName subdomain.example.com
ServerAlias subdomain.example.com
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
Then you just need to enter the commands sudo a2ensite subdomain.example.com and sudo systemctl reload apache2 and you should be able to access your container as a subdomain. You should just need to forward port 80 (and 443 if you want to set up Let's Encrypt and HTTPS) on your router.
I may not be able to answer some of the more security-oriented questions, but one of the things I recommend is using a proxy to "hide" your home IP address. IP addresses can contain a lot of information including location data, so it's a good idea to make things harder for attackers to figure out where you live. I'm pretty sure you can do this with a basic VPS setup, but I know for sure you can do this with Cloudflare (as I have it enabled on my server).
As for getting reverse proxies set up from your Docker containers to the outside world using Apache, I can help. I use (rootless) Podman on my Raspberry Pi, meaning when I expose ports from my containers I have to choose port numbers greater than 8000. Once I have a port (let's say 8080), and a subdomain (I'll use subdomain.example.com), I just need to create a file in
/etc/apache2/sites-available/which I'll callsite.example.com.conf. The content usually looks something like this:Then you just need to enter the commands
sudo a2ensite subdomain.example.comandsudo systemctl reload apache2and you should be able to access your container as a subdomain. You should just need to forward port 80 (and 443 if you want to set up Let's Encrypt and HTTPS) on your router.Hope this helps!