Cloudflare DNS Proxy sounds like exactly what you’re looking for, where cloudflare acts as the DNS middleman and responds with their own IPs, while forwarding all traffic for the site(s) to your public IP space
I’m running LinuxServer’s swag container which contains nginx + ACME built into one container, and they have an extensive library of reverse proxy configs that are pre-configured for many docker services that you can just drop in, point your DNS entry at, and be done with.
Cloudflare DNS Proxy sounds like exactly what you’re looking for, where cloudflare acts as the DNS middleman and responds with their own IPs, while forwarding all traffic for the site(s) to your public IP space