I have a public domain that resolves to a static lease in my internal network, which is running nginx proxy manager.
When I add a new site to my local setup, I just define a CNAME in Cloudflare and add an entry in Nginx proxy manager. It handles SSL via wildcard cert.