To make it all happen, I also moved to using Cloudflare as my DNS provider. It makes the provisioning of SSL certificates from Letsencrypt much cleaner (as verification is done automatically through an API to the DNS, rather than by creating files on the web server).
To glue everything together, I’ve put all the ‘source’ of my sites onto GitHub. That allows automatic deployment from Netlify when I commit changes.
All pretty good and easy (in hindsight).