Recently I discovered reverse ssh tunnels
If you own a server and devices in multiple locations this is a must have for you!
Instead of opening ports of your router(s) you can login to your server and from there into your Raspberries, etc. . Every device connects to your server and forwards a port from there to your desired device. You can imagine it as phone lines. Multiple computers “phone” your server and keep a line open. Then you can access every device that has a “phone line” to your server (on the specified port).
You can use the -R option not only for Port 22. So one can “forward” something like HomeAssistant running on a Raspberry Pi to a server (using nginx as an reverse proxy).
Best thing is you only need your server to update Let’s Encrypt Certificates.
ssh -R 43123:localhost:22 email@example.com (on local device e.g. rasp)
ssh pi@localhost -p 43124 (on server)