The easiest and quickest way thats still safe is to just use tailscale.

Its a zero config VPN that you can install on all your devices. I’ve been using it for quite some time now and I’m still fascinated by how easy to use it is.

I assume you want to access a self hosted service on your local server from the Internet.

To make the service accessible from the Internet multiple things are required:

• the router can be accessed from the outside. Find your public IP in the router or use a find-my-ip website. Better: do both. This is the address you can use to access your router (or whatever service you choose to expose through it). Side note: If the Ip-adresses of your router and the one of the find- my- ip- site are different it could mean that your provider uses CG-NAT (because ipv4- addresses are scarce, the provider doesn’t give you a real publicly accessible address). This means you can’t access your router from the Internet. Try IPv6 or contact your provider to get a publicly accessible ipv4- address.
• because the above mentioned IP- address of your router might change, dyndns is used. Configure it in your router and test it. Test if the DNS- name you have set up resolves to your ip- address (nslookup or ping it).
• to make your service available to the Internet you need to configure port forwarding in your router (or add your server as exposed host - means all ports are forwarded to the Internet). This means the router passes request to itself on to your internal server. Careful: everybody can access whatever services you expose. Advice: it’s a good idea to use a VPN. Setup a VPN-server in your Lan and only port-forward its port in the router. Connect to the VPN from the outside - Afterwards use the internal services through the vpn- connection.
• scripts and the internal ip: the dyndns name needs to be used instead of the IP. Find a way to make the scripts use that name to resolve it to your external IP.