Same domain name for Internet and LAN + Nginx + Letsencrypt

Hello,

I’m trying to set up access to my HA on RPi, 192.168.1.5. I do not have a real IP so I set up a VPS and a VPN between my home router and that VPS.

I’ve bought a domain ha.mydomain.com for my VPS, also I have set a static DNS ha.mydomain.com=192.168.1.5 on my home router so that when I connect my home network from my phone the local address is used.

How do I set Nginx and HA? HA is accessible as 192.168.1.5:8123 from my local network and from outside Nginx. How do I set Letsencrypt and where: on HA or on VPS Nginx? What ports do I forward from Nginx?

Thanks