If there’s a port you want accessible from the host/other containers but not beyond the host, consider using the expose directive instead of ports. As an added bonus, you don’t need to come up with arbitrary ports to assign on the host for every container with a shared port.
IMO it’s more intuitive to connect to a service via container_name:443 instead of localhost:8443
If you don’t like the functional syntax you can usually use for each loops to the same effect.