You won't be able to use quite a lof what you want if you aren't using a later version.
So step 1 would be removing the distro version and using the latest version.
I would not directly share any service to the internet as there as a few services that get around that.
The only reason you'd have to run as root is to access files there are owned by root.
I use the free tier on Cloudflare and cloudflared to hit any of my services that are on my home devices:
Set up your first tunnel (cloudflare.com)
You'd have to run the cloudflared on the server you want and you don't have to expose any ports at all as it's all handled via some setup with Cloudflared.