It would be interesting to see if discourse-setup works in (or can be adapted to) this environment; when I tried it last year on Google Cloud’s Container-Optimized OS (based on their own stripped-down Linux kernel from ChromeOS), it failed due to the inability to mount any directory with execute permissions (outside of a container, that is).
If discourse-setup could deploy into container-restricted environments (clearly becoming more popular), the benefit would be a broader base for deployment, but where the targets are actually simpler (and more secure) than a typical ‘fat’ VPS.
Extra steps for the admin would seem a worthy trade-off, e.g. ask if deploying to a different host/container, then exit with basic instructions to supply a storage container & push the built docker image to a repo, so it’s usable on a container-restricted host.
Perhaps discourse-setup itself (and, presumably, also launcher) could run in a container (with the correct run paramaters of course), so that it’s able to make its necessary tests on the target [container] host itself & manipulations of the docker image to be deployed. In that case, funnily enough, launcher would do everything as usual but start/stop Discourse Docker images.