Access SSH and LuCi from remote network VPN

I setup a router for elderly relatives who routinely need assistance and troubleshooting. In order to set this up so I can remotely access SSH and LuCi I am considering setting the routers up (mesh system) as a peer to my Wireguard server on DigitalOcean. However, I want to make sure that it can be setup so that only the traffic that is for SSH and LuCi can be sent to the VPN to reduce latency and secure my server (they are someone security illiterate, they have already gotten malware on their PCs and iPads). I also wanted to make sure that routing only those two items can protect against malware on client devices to the router, and that this setup will not have any impact on the current wifi performance (speed, bandwidth, range, etc)