vs having a host OS and running ~~docker~~ [containers and VMs]
I think this ^ is precisely what Proxmox is, its just purpose built for this purpose and has a lot of nice features and conveniences for this use case.
Proxmox is a host OS (customized Debian) built for virtualization (KVM/Qemu) and containers (LXC containers).
but it seems like I could get everything it does with a well-managed host OS + ZFS/btrfs and using virtualization tools
I think you can. It just depends whether you'd prefer to DIY it yourself or whether you'd like a purpose built solution that is already pre-configured for the task, both approaches are valid and can achieve much the same outcome. The nice thing about proxmox is its mostly ready to go and well configured out of the box (with the exception of not supporting encryption ootb)
> so I cannot rip DVDs, I cannot capture streams
Would any government job with a serious enough mission to require polygraphs and security clearances actually care about this kind of kindergarten illegality.
Seems like the digital equivalent of jaywalking or rolling a stop sign. Are they also going to check up and make sure you have never burned a CD in your life, or shared a Netflix password?