With all services in Docker, you'll have to individually check them for security updates and so on.
Most likely not, because you'll only be using popular software that has well-maintained official images.
Still someone needs to notice and restart the services to get the new images downloaded, right?
And for coordination of several containers running our several services, do you think we could use something simple such as docker-compose, or would we better resort to a "real" orchestration setup such as Kubernetes?
Ouch. No, please let's avoid the complexity.
For your case, K8s is a reasonably easy way to have HA without many issues. You can go very cheap with 3 Hetzner hosts x 50 EUR per month, and use Ubuntu with MicroK8s on the hosts.
If Hetzner does all the K8s infrastructure and we pay just for the worker nodes, maybe it'll be easy enough.
Doing Kubernetes hosting is _way_ out of scope for c-l.net, IMO.
In addition to HA (High Availability)
HA adds complexity - and so adds to support load. I'm not sure we need it.
I'm not sure you can afford not to have some form of HA. common-lisp.net already has a reputation of poor reliability and continuing on the same path doesn't seem a very good idea. All the new lispers, and many of the old ones, have moved to other services (mostly GitHub) for good reasons.
I don't think this is because of reliability of the hosting service - more of convenience resp. familiarity when comparing GitLab to GitHub.
2. Maybe for a dedicated GitLab host as well, because that program is so freaking heavy.
I suggest switching to a lighter-weight alternative like Gitea or, even better, bailing out of source hosting altogether. It takes a lot of work to provide a capable service, which volunteers can hardly provide.
If we decide not to host any Git UI (and no ticket tracker, no pipeline, etc.), I'll still vote to have git repositories - as a reference source/backup.
Via https://gitolite.com/gitolite/index.html should be easy enough.