by Macha 2476 days ago
Yeah, for my side projects I just use gitlab CI + docker compose.

Builds use the dind images on gitlab's runners to build an image and push to their container registry.

For deployments I have a host with a personal CI runner instance on Linode's smallest instance type which can access a user on the "production" host when SSHing over a private network, and has the docker-compose command allowed in the sudoers file. Then it can run docker-compose up to deploy. The key for this is passed to the job via gitlab's secrets UI so someone getting read access to either of my hosts wouldn't be able to do anything.

While people will rightly point out that this does mean the CI builder effectively has root on the "prod" host, for a side project it's enough for me. I might investigate podman/buildah some weekend when I have time as apparently that allows for rootless container launches.
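The trade-off described above, a sudoers entry for docker-compose that amounts to root on the host, can be checked for mechanically. This is an added example, not part of the comment: the sample sudoers lines, user names and the `CONTAINER_CLIS` list are constructed assumptions, and it handles only simple one-line user specs (no aliases or escaped commas).

```python
import posixpath
import re

# Assumption for this example: CLIs that drive a root-owned container daemon.
CONTAINER_CLIS = {"docker", "docker-compose"}
RULE = re.compile(r"^(\S+)\s+[^\s=]+\s*=\s*(?:\(([^)]*)\)\s*)?(.+)$")
TAGS = re.compile(r"^(?:[A-Z_]+:\s*)+")

# Constructed sample entries, not taken from the commenter's host.
SAMPLE = """\
# user the CI runner reaches over SSH
deploy  ALL=(root) NOPASSWD: /usr/bin/docker-compose
backup  ALL=(root) NOPASSWD: /usr/bin/uptime
ci      ALL=(appuser) /usr/bin/docker-compose up -d
ops     ALL=(ALL:ALL) ALL
"""

def runs_as_root(runas):
    """A missing runas spec means root; otherwise check the users before ':'."""
    users = ["root"] if runas is None else [u.strip() for u in runas.split(":")[0].split(",")]
    return "root" in users or "ALL" in users

def audit(text):
    """Return (user, command, passwordless) for each root-equivalent sudo grant."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "Defaults")) or "_Alias" in line:
            continue
        m = RULE.match(line)
        if not m or not runs_as_root(m.group(2)):
            continue  # non-root runas targets are not checked here
        user, passwordless = m.group(1), False
        for cmd in m.group(3).split(","):
            cmd = cmd.strip()
            tags = TAGS.match(cmd)
            if tags:  # a tag such as NOPASSWD: stays in effect for later commands
                names = tags.group(0).replace(" ", "").split(":")
                if "NOPASSWD" in names or "PASSWD" in names:
                    passwordless = "NOPASSWD" in names
                cmd = cmd[tags.end():]
            binary = posixpath.basename(cmd.split()[0]) if cmd else ""
            if cmd == "ALL" or binary in CONTAINER_CLIS:
                findings.append((user, cmd, passwordless))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The `ci` line is skipped only because its runas target is not root; a target user who can reach the Docker socket would need the same scrutiny.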

1 comments

I've used Docker Compose and Swarm for small-scale stuff too - it's really easy to work with, doesn't use much CPU for management (something k8s is/was notorious for - not sure if that's still valid?), the docs are pretty good, and there are a gazillion YAML templates on GitHub to use as a reference.

Compose and Swarm can take you pretty far, but TBH, it felt like Docker gave up on them years ago, even before k8s "won" the container orchestration war. A real shame :(