Better yet, check out NewPipe on F-Droid. :^)

Missed the chance for the title “There will never be a second Second Life,” real shame.

From what I understand, opening a port isn’t a risk in and of itself — it’s only a risk if the software using the port is insecure! So long as you use reliable software and take care to configure things properly (following through with instructions from a site like ArchWiki or the official documentation helps), you’re good.

CloudFlare is more for DDOS protection, which you almost certainly don’t need . You could always set up DDOS protection later on, if the need ever arises.