This sounds like a great use-case for VPN or Tailscale? Access from anywhere, uses the open-internet as a carriage service but exposes no endpoints on the open internet. Is there a particular requirement that makes that non-viable?
I am vaguely aware of such solutions and I think there's no real reason why they wouldn't work. I think I just wasn't familiar with them at the time I set up the VPS. (Also I assume they would require an always-on box at home, which at the time I didn't have, and even now I suspect a VPS would provide more reliable uptime.)
