Sorry, I skipped that bit
You got the right words for DMZ. It is meant as a place in your network, that is an ‘unsafe’ place. Normally, your internet connection is picked up by your router which almost always has a firewall integrated, to block traffic from the wider internet from accessing the computers, phones and fridges at home (Internet, after all, is a network of networks, connecting all machines it can reach).
Often it is (sadly enough) good that other people can not reach those computers, phones and fridges in your house, lest they program your phone do DoS your fridge. Sometimes you want a computer at home to be reachable by the wider internet, but still keep all other machines protected by the firewall.
That single machine is placed in ‘the DMZ’, or any other name the router manufacturer chose to use. If you got eight machines at home that are connected to the internet, you could chose one of them to reach all external traffic. More finely grained, you could open and forward specific ports (depending on router, called ‘NAT’, ‘port forwarding’, ‘firewall configuration’, I can’t remember all the different names I have seen it given).
That story goes up for ‘traditional’ residential internet connections, either via fibre, cable or ADSL, where on the ‘outside’ of the router there actually is, for most purposes, ‘the internet’.
In case of mobile broadband there almost always is only the internal network of the mobile phone provider. Their network was never envisaged for any other use than media consumption by their customers, meaning there was no need to have a public representation (in an IP address) for each subscriber on the net. One of their internet-facing IP’s is shared by thousands of their mobile customers. No way they all will get a chance to run a blog on their phone! Or on their Yunohost, in your case.
This is where the VPN comes in. Virtual private networking creates a ‘private’ network over the public internet, by giving some extra information to all data being transfered between two points in the VPN (and encrypting the regular part of the data, for your eyes only). The connection is called a tunnel, because it tunnels invisably through another network, and something can be transported through it. The other end, the exit, of the tunnel is now your representation in the real internet, with the tunnel piercing through the internal network of the broadband provider.
Because at the exit the tunnel is a regular IP, with all of its thousands of separate ports available, any kind of service one might want to access will have a port available. The VPN software will transparently forward the traffic to the identical port on your Yunohost.
Sorry for the long post; I hope all this text was able to make you some wiser I’m sure I skipped over some points that are clear to me, but raise more questions for you. Perhaps I can explain those things later, give a shout.
I think renting a small VPS and installing Wireguard (either in combination with Yunohost or by itself on the OS) on it is the cheapest and most versatile way forward. How fast or slow are connections overseas? European VPS’s seem more affordably priced than Asia/Pacific or US locations.