Yup. You can run both local amd external services off the same proxy, at least with traefik and I assume others. Alternatively you could use traefik to solely for local services and Cloudflare zero trust tunnel for external. I think his traefik video covers it? If not, it covers some part.
The other part is that you need pihole setup to serve local DNS.