I am a happy midwit. Just lxd all the things and automate updates. Granted, I don't host any public services.

I think the take home is that if an idiot can't self host then our software is still crap.

Our assumption is that no software is secure or bug-free, and that configuration is complex. But in the space of binary blobs, there exists software that is secure and bug-free for any given hardware architecture. We just need better algorithms to find it.