Not a dyndns or router issue. My ISP blocks ports upstream, so there's no way to open a port on my home IP. I use the VPN to get an open port on a Mullvad IP and tunnel it to my web server.
I'm in the same boat as you, also used Mullvad port forwarding for this because all I can get where I live is mobile 4G internet which is 1) behind NAT, so I share IP with many other ISP customers and 2) changes IP very frequently.
A while back however I just locked down all ports on my "server" (really just an old computer in my home) and instead setup a CloudFlare Tunnel[1] on it. All it really does is instead of CloudFlare forwardning HTTP requests to your server, your server connects to CloudFlare and uses that connection for bi-directional communication of HTTP request/responses. I have an nginx web server listening on a UNIX socket that the local cloudflared daemon will forward traffic to, but nginx is not needed and you could instead set up an individual tunnel for each domain/subdomain you have, but I personally just re-use the same tunnel for everything.
Works really well even though I'm behind NAT, the public IP changes, or network goes down briefly; the cloudflared daemon just reconnects. No DNS updates needs to propagate either. I can understand though if some people are reluctant to using CloudFlare, but for me this is a lovely feature they have - and it's free.
