As has become my habit lately, I'll chime in and say if you're interested in accessing your self-hosted services from the internet, IMO tunneling is the way to go: https://github.com/anderspitman/awesome-tunneling
Most of my services are only available by using a vpn into my home network. I can understand why you might need a public facing service but I avoid it like the plague.
I have an EC2 instance running caddy that proxies through to my RPI cluster via VPN. It was pretty easy to set up. And Caddy handles HTTPS and HTTP->HTTPS redirection out of the box.
I see it as an important step to a more decentralized future. For example, I know a few people who maintain Plex servers for their friends and family. This works quite well, but getting the server on the internet is the trickiest part. You can sink a lot of time into configuring routers, managing certs, NAT, DMZ, LMNOP. Or you can use a tunneling service that manages all of it for you.
I use chisel for dancing across firewalls and across Big Corp's (TM) network policies. Chisel is fantastic. It wraps an SSH tunnel for proxying TCP (or reverse proxying) in HTTP, which I expose over TLS.
I'm the author of inlets and would suggest you take a look at that. It's great for the use-case in question and built as a cloud native application with Docker images, Kubernetes YAML files and an operator available.
If you’re using Kube, I’m building a service to solve this for home hosting. Checkout https://KubeSail.com (YC S19) - we forward traffic to your ingress controller over a tunnel so that you can host public apps on the internet from home without dynamic DNS or port forwarding . Feedback welcome :)
Quite a coincidence running into you on HN. I recently did need to setup tunneling to access my home cluster and stumbled on your list. I found frp and was up and running in a jiffy. Thanks for the list!
For my personal homelab Nginx Proxy Manager has been great (https://nginxproxymanager.com/). It provides a dead simple ui for configuring Nginx to expose internal services, even websocket servers, and integrates easy https cert managmenet (with Let's Encrypt wildcard subdomain support!).
Tailscale seems to be a great option if you only need to access your services from your own devices. Public or shared access looks to be trickier/expensive.