WallyR, isn’t totally wrong, and having a full HTTPS ecosystem would be better. However, what you can do, is add a Virtual IP to your router and then use a transparent redirect that intercepts traffic to that Virtual IP on port 443 and redirects it to your home assistant server on port 8123.
To add a Virtual IP in openwrt you actually create a network alias - Making sure you're not a bot!
So if your LAN is on 192.168.1.X create a Network Alias on a different subnet say 192.168.2.1 subnet 255.255.255.0. This assigns one IP from the whole subnet and you could add more if you have other services you want to redirect as you will basically create a rule to redirect each port based on this IP Address.
You then create a redirect rule which would look something like:
config redirect
option target 'DNAT'
option name 'Home Assistant'
list proto 'tcp'
option src 'lan'
option src_dip '192.168.2.1'
option src_dport '443'
option dest 'lan'
option dest_ip '192.168.1.10'
option dest_port '8123'
Note: the src ip is the Virtual IP and the Dest IP is your home assistant server.
The last step is to set the your DNS so that your domain points to the Virtual IP.
I do not use Openwrt, so not sure if it will do DNAT for a Virtual IP on the LAN, you may have to add the Virtual IP on your WAN and if you need to do that I recommend using a subnet of 255.255.255.255 or /32.
A better way would be to set-up something like Nginx Proxy Manager which can forward requests as well as obtain SSL certificates from Let’s Encrypt. There is an add-on available Home Assistant Community Add-on: Nginx Proxy Manager