Since this is a beginner's guide I would mention this docker/ufw pitfall [0] when publishing container ports. Many a containers have been erroneously exposed to the public net because of this.

[0] https://docs.docker.com/engine/network/packet-filtering-fire...