Fascinating stuff.
Personally, what I ended up doing with my VPS was to just have a docker-compose.yaml and then just docker-compose it to start it. Then I have a custom script which would run a service at a port, after which I can just "bash expose.sh subdomain.domain.app PORT", and it uses cloudflared/Cloudflare tunnels under the loop. If someone wants a git-like workflow, I recommend pushing Docker images and then using watchtower (https://containrrr.dev/watchtower/).
I had tried to understand Caddy, but I instead went the Cloudflare tunnels route.