I've set up a small Linux server with NextCloud and Vaultwarden running on Docker containers, through Nginx Proxy Manager for reverse proxying, and integrated fail2ban for security measures. Are there any other recommended tools (or specific configurations) I should consider to further fortify my server's security? Your help is greatly appreciated!!

i want to remotely ssh to my home server, and I was wondering if I could just forward port 22 with disabling password login and use pubkey authentication will be safe enough?