I use distro packages. In the rare case something isn’t packaged yet, I package it myself. And for the isolation, systemd services can do most of the things docker can if you need (check systemd-analyze security).
For just hosting services that can be done instead with normal system services, docker makes your setup a lot more complex (especially on the networking side), for little if any gain. Unless I need to spin up something multiple times temporarily on demand or something has a hard dependency on it, I’m not going to bother with it anymore.