Running an open source app: Usage, costs and community donations

(spliit.app)

260 points scastiel | 1 comments | 18 Oct 24 14:35 UTC | HN request time: 0s | source

Show context

LVB ◴[18 Oct 24 18:20 UTC] No.41882049[source]▶

I'm always curious what folks use for their database for things like this. Even though I like SQLite--a lot--my preference has become that the app is generally separate and mostly stateless. Almost always the data is the most important thing, so I like being able to expand/replace/trash the app infra at will with no worries.

Thought about maybe running a Postgres VPS, but I've enjoyed using neon.tech more than I expected (esp. the GUI and branching). I guess the thing that has crept in: speed/ease is really beating out my ingrained cheapness as I've gotten older and have less time. A SaaS DB has sped things up. Still don't like the monthly bills & variability though.

replies(3): >>41882319 #>>41882456 #>>41884198 #

jwells89 ◴[18 Oct 24 22:50 UTC] No.41884198[source]▶

>>41882049 #

Spinning up a VPS for things like this is tempting to me too, but not having done significant backend work in over a decade my worry would be with administering it — namely keeping it up to date, secure, and configured correctly (initial setup is easy). What's the popular way of handling that these days?

replies(1): >>41886233 #

1. ggpsv ◴[19 Oct 24 07:19 UTC] No.41886233[source]▶

>>41884198 #

Every case is different but as a baseline, you could use Ubuntu or Debian for automatic security upgrades via unattended-upgrades[0], harden ssh by allowing only pubkey authentication, disallow all public incoming connections in the firewall except for https traffic if you're serving a public service, everything else (ssh, etc) can go over wireguard (tailscale makes this easy). Use a webserver like nginx or caddy for tls termination, serving static assets, and proxying requests to an application listening on localhost or wireguard.

[0]: https://wiki.debian.org/UnattendedUpgrades

↑