Like other commenter said, regardless of podman or docker you will need to handle port forwarding, and any firewall changes.

Port forwarding through docker or podman is pretty similar, if not identical.

I have heard good things about podman but I personally had some strange issues when moving from docker to podman, specifically transferring docker networks to the podman equivalent.

Something like this?

https://docs.linuxserver.io/general/swag

and add authentication to private services

Install an OS on the card to boot from? Its the same process as making a bootable live USB stick.

The performance will be poor in comparison to an SSD and will reduce the longevity of the card due to many r/w operations.

Do you want the host to be accessible fully from any host, or do you control all hosts you want to access it?

For mine, all the devices I want to access my personal host I have setup zerotier, and then pointed cloudflare at my zerotier address.

Any device I want to access my host (outside of my local network) requires zerotier.

I don’t want anything outside of my control accessing my host