You can set up a free cloudflare tunnel on your DMZ, then expose the 32400 service vía an application in the zero trust dashboard. That would give you fine control about who can access your server (you can add security policies filtering by country, source ip, and other traffic selectors)
Do you have a workload planned for that? Like everyone told you here, it's a powerful beast but you need to feed it. If you're planning to run a plex container and a file share, it's an overkill. Get a power efficient optiplex, or hp prodesk/elitedesk, or Lenovo Thinkcentre. Put all the ram you can, a fast SSD and a big HDD for storage, you'll be more than content, and without the guilt of killing 5 whales each time you read a pr0n file.
There's no need to do all that. A reverse proxy could be hosted on your own house, it's just a simple "control point" in front of all your equipment. It even could be a VM or container in front of your infra. But a simpler approach it's to simply set up a vpn like zerotier/wireguard/cloudflared, and give access to your friends to just access the private IP you want. Don't get me wrong, it is a great thing to learn about reverse proxies (I'd start learning how to do it using nginx if you ask), but sometimes you need to have a proper reason and not overengineering stuff.
Damn, just finished setting up CasaOS. That looks neat. Gonna try it.
I'm using it right now with Armbian on a Rock Pi 4C with a 128GB NvME drive. Planning to move the external 8TB hdd from the main lab PC to this, and run all low power tasks 24x7, and fire up the main rig when needed using WoL. I liked the UI, and the simple install process. But now someone mentioned it, I'd like to try Cosmos.