DigitalOcean for example has one click Dokku installs. They also have the more morern managed containers thing that many PaaS are offering, where you can git push your app and it'll run in a container.

Once dokku is installed, the deployment method is `git push dokku master`

And how is that any more modern than heroku?

Did Heroku use containers? I seem to remember it didn't since back in the day.

I scoured the internet for the answer to this question years back and remember the answer being that they were using LXC containers, at least on the Cedar stack. This was a little bit before Docker launched.

Heroku implemented their own container system and expose it to end users as a "Dyno".

Im about to go down this path for fun with the saas template I’ve built for myself, but my concern is what am I going to screw up security-wise? Im not an expert by any stretch - I know the basics. I guess we’ll find out!

I just never worried about this with Heroku. I already use the paid tier there for some projects, but the writing seems to be on the wall, so I’m sampling the alternatives. Render is probably where I end up though.

Ya, certainly a concern when going from well-funded org with hired experts to just yourself.

For myself, I just run automated security updates (uptime is not a pinnacle concern for me), do the basic fail2ban set-up, ensure I have a bit of reporting. Most importantly, I pray to Cthulhu I'm enough of a low-priority target that all I need to fend off is drive-by attacks.

I try as much as possible to isolate e.g. credentials and sensitive information from public infrastructure. Everything else that is more sensitive I stick behind tailscale, usually hosted at home on Pis or my NAS.