Personally i use wireguard protocol but using PiVPN installed directly on the Raspberry (not a container) that i use for Docker services. Yes, it required an open port on router and (for me) a DDNS that update my dynamic ip.
You can try Cloudflare tunneling, i read an article some days ago that explain how is more reliable than DuckDNS (a DDNS service) in maintaining the connection to the VPN BUT you will need to buy a domain for it.
My 2 cent, try Tailscale:
- is free (at least for the first 100 devices that you connect)
- you DON’T need to open any port on the router
- the configuration is simple enough
- if you have concern on the privacy of tunneling your data on someone else server, you can try to self-host it (the self-hosted version is called HeadScale and all the app of Tailscale are compatible with it, you had to change only the pointer to your server)
Personally i use wireguard protocol but using PiVPN installed directly on the Raspberry (not a container) that i use for Docker services. Yes, it required an open port on router and (for me) a DDNS that update my dynamic ip.
You can try Cloudflare tunneling, i read an article some days ago that explain how is more reliable than DuckDNS (a DDNS service) in maintaining the connection to the VPN BUT you will need to buy a domain for it.
My 2 cent, try Tailscale:
- is free (at least for the first 100 devices that you connect)
- you DON’T need to open any port on the router
- the configuration is simple enough
- if you have concern on the privacy of tunneling your data on someone else server, you can try to self-host it (the self-hosted version is called HeadScale and all the app of Tailscale are compatible with it, you had to change only the pointer to your server)