Automate local deployment of Docker containers with GitLab Runner and GitLab CI without a privileged user

We have a prototype-oriented development environment, in which many small services are being developed and deployed to our on-premise hardware. We’re using GitLab to manage our code and GitLab CI / CD for continuous integration. As a next step, we also want to automate the deployment process. Unfortunately, all documentation we find uses a cloud service or Kubernetes cluster as the target environment. However, we want to configure our GitLab Runner so that it deploys Docker containers locally. At the same time, we want to avoid using a privileged user for the runner (as our servers are so far fully maintained via Ansible / services like Portainer).

Typically, our .gitlab-ci.yml looks something like this:

stages:
  - build
  - test
  - deploy

dockerimage:
  stage: build
  # builds a docker image from the Dockerfile in the repository, and pushes it to an image registry

sometest:
  stage: test
  # uses the docker image from build stage to test the service

production:
  stage: deploy
  # should create a container from the above image on system of runner without privileged user

TL;DR: How can we configure our local GitLab Runner to locally deploy Docker containers from images defined in GitLab CI / CD without the use of privileges?

Source: Docker Questions