Same here. Taught my wife how to start WireGuard on her android phone and then access any of the services I run. This way I only have one port open and don't have to worry too much.
That's what I do. The beauty of wireguard is that it won't respond at all if you don't send the right key. So from the outside it will appear as if none of your ports are open.
How about running your wireguard server on a VPS and then connecting to the same interface as clients from your mobile and home network? No ports open on your side!