[raxxorraxor]

I think a normal patched Debian/Ubuntu with ufw rule for port 80/443 and 22, ssh certificate auth only and a simple nginx configuration is still very safe.

Of course there can be security issue on your webserver as well, but for a simple site this setup is learnable in an hour or two and you are ready to go.

You can hook that up on a pie attached to your router or pay a bit to have it hosted somewhere. Domain is perhaps 2-5$ and an TLS cert you can get from Let's Encrypt.

No idea how to put everything into a container that it makes sense. I just run this quite often on small hosted machines elsewhere. I just install everything manually because it takes 5 minutes if you have done it before.