Because everyone here is hell bent on "spooky arcane oldhat sysadmin deploy techniques", I'll share my setup using k8s.

- CI on github actions

- Project management on post-its (short) and READMEs (long term)

- deployment is done by a github action trigger on the `main` branch

- Hosting is using AKS, GKE, or on-prem k3s on a raspberry pi. Want to restart a service ? just kill the pods.

- Devops took about 2 days of work initially and now shared by every project for less than 30 minutes by project.

- Deloying a test cluster (or a test k3s node) is reproducible on whatever hardware / cloud provider you get, sometimes I often create a full-blown dummy cluster for running test scenario

- Certificate renewal is automatic (cert-manager)

- DNS record creation to services/ingress is automatic (ExternalDNS)

- Authentication using OAuth/OIDC is also set up automatically on whatever identity provider you have

- Database backup is automatic

- Load Balancing is built-in

- Job scheduling is built-in (and -fuck- logs are much more accessible on a failed job container than in a custom cron + sh solution)

- Service discovery is not needed

- Monitoring and alerting is not, but cloud providers often have something for you

Note: this is highly effective because I already had significant K8s experience, so, if you're still learning about what Ingress-Controller to choose for your OIDC proxy, then don't go that route.