Hello,
You could set up the build in server but the problem is that you config that you will do might be rewrite on each upgrade.
You could also just add something like that in ~/.ssh/config :
Host domain.tld
User gogs
Port YOUR_PORT
About the firewall normally yunohost open just the port on the main ssh server are running. But you could also open an other port manually.