It doesn't really seem like a safe solution.
you connect to your backup with full access, in case of ransomware or hack you are done.
What I think is better is create a docker with ssh and Rsync.
Mount folders that you want to backup read-only to the docker.
Use a DDNS instead of IP
Running the connection over Wireguard.
Let the Backup server make the connection and the backup, close the connection after making the backup.
Set up the backup server in such a way that it can only be written once and cannot be deleted / modified.
Perhaps a Snapshot on the backup server as extra security.
And never make one server accessible through another, if you get hacked or hit with ransomware you have 1 big clusterf*ck