stonkage
I haven’t switched products but I did go through a process of hardening my containers to a degree. I did find that the hardening is limited by the authors of the software and if they have built their apps with security in mind.
I have always used docker-compose I found that easier to see what needed to be tweaked.
Some helpful links
https://docs.docker.com/docker-hub/vulnerability-scanning/
https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html
It’s a pretty broad question and part of the adventure is learning what works for you.
I have found https://selfh.st/ a great resource of seeing the art of what’s possible and what is out there
Chatgpt is also helpful especially for fixing your yaml files which seems to be the main config format for most container based projects.
For remote access I have found tailscale the easiest way to access self hosted away from home.
What does your fstab say?