I think you're missing the point of HAOS; it's an appliance. You don't manage it like a normal self-hosted system.
Once you treat it as an appliance, it's great. Also, there is a Portainer agent you can run that will connect to a Portainer instance.
As for your tunnel issues, maybe the tunnel thing is your biggest issue. I run all my self-hosted stuff on its own subdomain; if I want to route something home, I use the site-to-site VPN I have. Even a cheap OVH VPS could be a way to run stuff on subdomains.