An alternative to this is to expose this to your local network and use tailscale to connect to it so you do not have to carry it around while being secure.

My understanding of tailscale is you give full access to the tailscale company to allow any public key to access any of your machines.

I think I'll stick with running my own wireguard thanks.

Or you can run Headscale: https://github.com/juanfont/headscale