Bitwarden, DynDNS and non standard ports

Hello there,
I am running my Bitwarden instance behind a DynDNS service (in my OPNSense router). My main server is using port 443, so Bitwarden can’t and shouldn’t use that port. In the config,yml file I’ve already changed the port to a 3-digit port, which generally works fine. I simply enter the domain name and add the port to it and see the Bitwarden web interface properly.
Problem 1 lies in accessing the admin GUI. If I enter xxxx.tld:port/admin I get redirected to the login page of my main server. Workaround for that is entering xxxx.tld:port/admin/login. Not nice but okay.
Problem 2 is more severe: Every e-mail from the Bitwarden server including a link, points to the login page of my main sever on port 443.

Can these behaviours be solved by adding the ports in the global override file? Or should I rather use a reverse proxy? Or use a subdomain redirecting to the server.

What are your experiences with that? Are there any tips and tricks to consider?

Thanks in advance,
Benedict