If you can’t find a VPN provider to do it, you could turn up an EC2 nano instance of pfsense, build a tunnel to your site, then run haproxy on the EC2 instance and point it to your on-site server. Use LE there as well for the cert. Once your internet gets fixed at home, dump the EC2 instance.
Not exactly what you’re looking for but would get you a public IP and things working.
From my limited experience looking into this, I don’t think it’s possible with most VPN providers. They’re just selling anonymity via outbound connections, they don’t usually want you to host something on their address because that would likely open them to a lot of liability problems I imagine. It’d be easier to spin up a VPS somewhere and just use CloudFlare to proxy it to keep it somewhat protected.
OVPN has static public IP as an add-on service, have been using it for a few years and it works great. They have guides for pfSense as well as many others.
If you do decide to go with them I would appreciate if you contacted me so I can give you a referral link
PureVPN has OpenVPN configuration files - you can just download those files and minimic the settings in pfSense; they may not provide direct support, but I’m sure you can get it to wrok.
Surely you can just use a dynamic DNS service to regularly update the public IP of your 5G endpoint though and avoid bothering with an external VPN at all?
I purchased the dedicated ip from PureVPN and have my pfsense using the static ip as the tunnel. You simply connect your openvpn client in pfsense to the Static IP URL that was provided when you did the add on. you will have to add firewall rules to allow traffic into your router through the openvpn interface. (Which is tricky) no issues that i know of.