You can simplify a lot of this using wireguard between the server and your full node. You can host lnbits on the server and point it at your node via the wg ip. No port opening, no home IP address needed.
With the disappearance of Wallet of Satoshi for US markets, now it's more important than ever to become an "Uncle Jim" for your close friends and family members. What is an Uncle Jim? Simply put, he's a person that lends a helping hand to those in need, providing a service for them, one that they cannot provide for themselves.
You can fairly easily do this if you're not afraid of getting your hands dirty by digging through the technical trenches. You'll need to run a full Bitcoin node, a Lightning node, LNBits, and Nginx. You'll also need to buy a domain name use a service such as Cloudflare,
You'll setup a Bitcoin and Lightning node as you normally would. Then, you'll need to setup LNBits and configure the LNURLp and LNDHub plugins for each wallet that you're going to host.
The hardest part of this whole setup is the local networking portion of this. You'll need to have a server or a dedicated machine to run Nginx. This is a web server. You'll need to setup this web server to act as a reverse proxy to point to your LNBits installation. In this example, you'll setup your Nginx configuration to use wallet.mydomain.com and do a reverse proxy to your LNBits installation and port number. Then, to finalize the local networking, you'll configure your router to do port forwarding to your Nginx installation.
For example: Router Port Forwarding 443 -> Nginx 443 -> LNBits 5000
Then, you'll need to create a free account on Cloudflare and point your domain that you registered to Cloudflare. You'll then need to add your home IP address and a subdomain. Maybe you'll use wallet.mydomain.com.
If all goes as planned, you should be able to connect to https://wallet.mydomain.com and view your LNBits. You now have a Zappable Lighting address user@wallet.mydomain.com.
This isn't the best guide. I wrote this very quickly after reading a Bitcoin Magazine article about being an Uncle Jim. Hopefully this gives you enough information to ask the right questions or perform some advanced Google searches. Good luck!
Discussion
When I say wireguard I meant tailscale...which uses wireguard.
Tailscale is a great solution. I've been using it for years. And Wireguard is great too, but more complicated for the average user. Though, not everyone wants to pay for a VPS every month.
I use Cjdns, which does not require reconfiguring when IPs change. The Cjdns IP6 is permanent and cryptoauthenticated (as well as e2e) like a nostr address.
Throughput is higher with wg, openvpn, and other pt2pt vpns, and yggdrasil provides a high throughput mesh vpn like cjdns (but with higher latency).
How are other external users going to connect to your LNbits then for resolving the Lightning address etc?