To set up a Proxmox container (CT) running OpenWRT with the `pct create` command and allow SSH and HTTPS access on its WAN interface (`eth1`), this guide covers the commands for creating the container and the firewall configuration needed inside OpenWRT.

### Container Creation with Proxmox

The Proxmox commands for creating the containers are:

### Container 1

```bash
pct create 101 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz \
  --unprivileged 1 --arch amd64 --ostype unmanaged \
  --hostname openwrt-0 --storage local-lvm \
  --net0 name=eth0,bridge=vmbr0,firewall=1 \
  --net1 name=eth1,bridge=vmbr1,firewall=1
```

### Container 2

```bash
# Container IDs must be unique on a node: change 101 here if Container 1 already uses it.
pct create 101 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz \
  --unprivileged 1 --arch amd64 --ostype unmanaged \
  --hostname openwrt-0 --storage local-lvm \
  --net0 name=eth0,bridge=vmbr0,firewall=1 \
  --net1 name=eth1,bridge=vmbr2,firewall=1
```

Each command creates an unprivileged container from an OpenWRT root filesystem, using container ID 101 as written. The interfaces are:

- **eth0**: Main LAN interface on `vmbr0`. The commands set no address on it; a static IP and gateway can be added with the `ip=` and `gw=` keys of `--net0` or configured inside OpenWRT.
- **eth1**: WAN interface on `vmbr1` (`vmbr2` for Container 2), which will be used to allow external SSH and HTTPS access.
- **eth2**: Additional network interface. The commands above define only `eth0` and `eth1`; a third interface needs an extra `--net2` option.

### Firewall Configuration in OpenWRT

For the OpenWRT container to allow SSH (port 22) and HTTPS (port 443) on `eth1`, `eth1` must be treated as the WAN interface in OpenWRT's network and firewall settings. Set up the firewall rules inside OpenWRT as follows:

1. **Define Network Interfaces in OpenWRT**: Ensure `eth1` is configured as the WAN interface in `/etc/config/network`. This might look something like this:

   ```bash
   config interface 'wan'
       # OpenWrt 21.02 and later use "option device" instead of "option ifname"
       option ifname 'eth1'
       option proto 'dhcp'
   ```

2. **Update Firewall Settings**: In `/etc/config/firewall`, add rules to allow SSH and HTTPS. The rules must apply to traffic coming in on `eth1`, which should be associated with the `wan` zone. The zone keeps `input` set to `REJECT`, so only the ports named in the rules are reachable from the WAN side:

   ```bash
   config zone
       option name 'wan'
       list network 'wan'
       option input 'REJECT'
       option output 'ACCEPT'
       option forward 'REJECT'
       option masq '1'
       option mtu_fix '1'

   config rule
       option name 'Allow-SSH'
       option src 'wan'
       option dest_port '22'
       option proto 'tcp'
       option target 'ACCEPT'

   config rule
       option name 'Allow-HTTPS'
       option src 'wan'
       option dest_port '443'
       option proto 'tcp'
       option target 'ACCEPT'
   ```

### Applying the Configuration

After editing the configuration files, apply the changes:

- Restart the network service: `/etc/init.d/network restart`
- Reload the firewall: `/etc/init.d/firewall restart`

### Final Considerations

- **Security**: Set strong passwords and consider using key-based authentication for SSH.
- **Testing**: After setup, test that SSH and HTTPS are reachable from outside your LAN to confirm the firewall rules work as expected.
- **Backup Configurations**: Always keep backups of your configurations before making significant changes.

This setup configures your Proxmox container with OpenWRT to allow SSH and HTTPS traffic on `eth1`, giving you remote management from the WAN side.
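
To complement the testing step, the following added example (not part of the original guide) lists everything a UCI firewall file accepts from the `wan` zone and flags entries outside an allow-list. The function names and the sample file are constructed for illustration, and a rule without `proto` is treated as matching both TCP and UDP.

```bash
# Print "proto/port" for every rule that ACCEPTs traffic from zone 'wan'.
wan_open_ports() {
    awk -v q="'" '
        function val(   s, i) {   # option value, quotes removed
            s = $3; for (i = 4; i <= NF; i++) s = s " " $i
            gsub(q, "", s); return s
        }
        function emit() {
            if (sect != "rule" || src != "wan" || target != "ACCEPT" || port == "") return
            if (proto == "") proto = "tcp udp"   # assumed default when proto is omitted
            print proto "/" port
        }
        $1 == "config" { emit(); sect = $2; src = target = port = proto = "" }
        $1 == "option" && $2 == "src"       { src = val() }
        $1 == "option" && $2 == "target"    { target = val() }
        $1 == "option" && $2 == "dest_port" { port = val() }
        $1 == "option" && $2 == "proto"     { proto = val() }
        END { emit() }
    ' "$1"
}

# Print accepted entries that are not in the comma-separated allow-list ($2).
wan_unexpected() {
    wan_open_ports "$1" | while read -r entry; do
        case ",$2," in *",$entry,"*) ;; *) echo "$entry" ;; esac
    done
}

# Constructed sample: the guide's two rules plus a stray HTTP rule.
sample_firewall() {
    cat <<'EOF'
config rule
    option src 'wan'
    option dest_port '22'
    option proto 'tcp'
    option target 'ACCEPT'
config rule
    option src 'wan'
    option dest_port '443'
    option proto 'tcp'
    option target 'ACCEPT'
config rule
    option src 'wan'
    option dest_port '80'
    option target 'ACCEPT'
EOF
}
f=$(mktemp); sample_firewall > "$f"
wan_unexpected "$f" "tcp/22,tcp/443"; rm -f "$f"
```

On the router itself, run `wan_unexpected /etc/config/firewall "tcp/22,tcp/443"`; empty output means only SSH and HTTPS are accepted from the WAN zone.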