Replacing a $3000/mo Heroku bill with a $55/mo server

The cloud has made people afraid of linux servers. The markup is essentially just the price business has to pay because of developer insecurity. The irony is that self hosting is relatively simple, and alot of fun. Personally never got the appeal of Heroku, Vercel and similar, because theres nothing better than spinning up a server and setting it up from scratch. Every developer should try it.

my take is that it's fun up until there's just enough brittleness and chaos.. too many instance of the same thing but with too many env variables setup by hand and then fuzzy bug starts to pile up

I dunno, the cloud has mostly made me afraid of the cloud. You can bury yourself in towering complexity so easily on AWS. (The highly managed stuff like Vercel I don't have much experience with, so maybe it's different.)

I will recommend to try GCP or Azure, the complexity is lower there! AWS is great for big corporate that needs a lot of lego pieces to do their own custom setup. At the contrario, GCP and Azure solutions are often more bundled.

It is way more than that though.

It offloads things like - Power Usage - Colo Costs - Networking (a big one) - Storage (SSD wear / HDD pools) - etc

It is a long list but what doesnt allow you do it make trade offs like spending way less but accept downtime if your switch dies etc etc.

For a staging env these are things you might want to do.

> The irony is that self hosting is relatively simple, and alot of fun. Personally never got the appeal of Heroku, Vercel and similar, because theres nothing better than spinning up a server and setting it up from scratch.

It's fun the first time, but becomes an annoying faff when it has to be repeated constantly.

In Heroku, Vercel and similar you git push and you're running. On a linux server you set up the OS, the server authentication, the application itself, the systemctl jobs, the reverse proxy, the code deployment, the ssl key management, the monitoring etc etc.

I still do prefer a linux server due to the flexibility, but the UX could be a lot better.

> the price business has to pay because of developer insecurity

Is it mostly developer insecurity, or mostly tech leadership insecurity?

Never got the appeal of having someone else do something for you, and giving them money, in exchange for goods and services? Vercel is easy. You pay them to make it easy. When you're just getting started, you start on easy mode before you jump into the deep end of the pool. Everybody's got a different cup of tea, and some like it hot and others like it cold.

Sure I love having someone else do work for me and paying them for that, the question is if that work is worth a 50x markup.

Yeah, but then we're just haggling. If you know how to change the belt on your car and already have the tools, it's different from when you're stranded with no tools and no garage and no belt.

And all of that takes, what, a week? As a one time thing?

If you're a mechanic you're supposed to know how to change the belt on your car. It would be insane if you write code and work with computers for a living but you dont know how to set up a web server.

I use NixOS and a lot of it is in a single file. I just saw some ansible coming by here, and although I have no experience with it, it looked a lot simpler than Nix (for someone from the old Linux world, like me… eventhough Nix is, looking through your eyelashes, just a pile of key/value pairs).

It would be insane if you write code and work with computers for a living but you dont know how to write a game engine in assembly.

Flour, salt, and water are exceedingly cheap. I have to imagine the loaf of bread I buy from my baker reflects considerably more than a 50x markup compared to baking my own.

It’s a lot cheaper than me learning to bake as well as he does—not to mention dedicating the time every day to get my daily bread—and I’ll never need bread on the kind of scale that would make it worth my time to do so.

I am pretty sure I know much more about code than you do, and at the same time you probably know much more about web servers and sysadmin than I do. I don't mind if it stays like that. And I am saying this having programmed my own web server in Java about 25 years ago.

Takes less than a day, because most of the stuff is scriptable. And for a simple compute node setup at Hetzner (I.e. no bare metal, but just a VM) it takes me less than half an hour.

Can you please edit out swipes, putdowns, name-calling, etc., from your HN posts? It's not what this site is for, and destroys what it is for.

This is in the site guidelines: https://news.ycombinator.com/newsguidelines.html.

Installing a web server is in no way the same as writing a game engine, let alone in assembly, and I think you know that.

Bread is a great example! You can buy a loaf for $3-4. It is not a 50x markup. Like growing your own veggies, baking bread is for fun, not for economics.

But the cloud is different. None of the financial scale benefits are passed on to you. You save serious money running it in-house. The arguments around scale have no validity for the vast, vast majority of use cases.

Vercel isn't selling bread: they're selling a fancy steak dinner, and yes, you can make steak at home for much less, and if you eat fancy steak dinners at fancy restaurants every night you're going to go broke.

So the key is to understand whether your vendors are selling you bread, or a fancy steak dinner, and to not make the mistake of getting the two confused.

A whole lot of coding and working with computers doesn't involve setting up a web server. It's not insane at all.

Honestly I think it's the database that makes devs insecure. The stakes are high and you usually want PITR and regular backups even for low traffic apps. Having a "simple" turnkey service for this that can run in any environment (dedicated, VPS, colo, etc.) would be huge.

I think this is partly responsible for the increased popularity of sqlite as a backend. It's super simple and lightstream for recovery isn't that complicated.

Most apps don't need 5 9s, but they do care about losing data. Eliminate the possibility of losing data, without paying tons of $ to also eliminate potential outages, and you'll get a lot of customers.

Nix is great, but it still requires some training and expertise.

And the overlap between what Nix does and what the 'cloud' does for you is only partial. (Eg it can still make sense to use Nix in the cloud.)

Please do yourself a flavour and check the price of flour.

Water is cheap, yes. Salt isn't all that cheap, but you only need a little bit.

> [...] and I’ll never need bread on the kind of scale that would make it worth my time to do so.

If you need bread by hand, it's a very small scale affair. Your physique and time couldn't afford you large scale bread making. You'd a big special mixer and a big special oven etc for that. And you'd probably want a temperature and moisture controlled room just for letting your dough rise.

"Self hosting" may actually be referring not to hosting your own on-prem hardware, but to renting bare metal in which case the concerns around power usage, networking, etc. are offloaded to the provider.

> It's fun the first time, but becomes an annoying faff when it has to be repeated constantly.

Certainly true, but there are a whole lot of tools to automate those operations so that you aren't doing them constantly.

$16 for a 50 pound sack right now

https://postmates.com/store/restaurant-depot-4538-s-sheridan...

I blush to admit that I do from time to time pay $21 for a single sourdough loaf. It’s exquisite, it’s vastly superior to anything I could make myself (or anything I’ve found others doing). So I’m happy to pay the extreme premium to keep the guy in business and maintain my reliable access to it.

It weighs a couple of pounds, though I’m not clear how the water weight factors in to the final weight of a loaf. And I’m sure that flour is fancier than this one. I take your point—I don’t belong in the bread industry :)

That’s a tremendously clarifying framework, and it makes a lot of sense to me. Thank you.

I wonder, though—at the risk of overextending the metaphor—what if I don’t have a kitchen, but I need the lunch meeting to be fed? Wouldn’t (relatively expensive) catering routinely make sense? And isn’t the difference between having steak catered and having sandwiches catered relatively small compared to the alternative of building out a kitchen?

What if my business is not meaningfully technical: I’ll set up applications to support our primary function, and they might even be essential to the meat of our work. But essential in the same way water and power are: we only notice it when it’s screwed up. Day-to-day, our operational competency is in dispatching vehicles or making sandwiches or something. If we hired somebody with the expertise to maintain things, they’d sit idle—or need a retainer commensurate with what the Vercels and Herokus of the world are charging. We only need to think about the IT stuff when it breaks—and maybe to the extent that, when we expect a spike, we can click one button to have twice as much “application.”

In that case, isn’t it conceivable that it could be worth the premium to buy our way out of managing some portion of the lower levels of the stack?

Hum... Writing a game engine is a high-difficulty task that should be available to any reasonably good software developer with a few months to study for it. Making it in assembly is a sure way to take 10 times the time of another low level language like C, but shouldn't be an impossibility either.

Configuring a web server is a low-difficulty task that should be available for any good software developer with 3 days to study for it. It's absurd for a developer to need to configure a web server, but insist on paying a large rent and cede control to some 3rd party instead of just doing it.

But if you're that familiar with it, the overpriced turnkey stuff wouldn't look so tempting in the first place.

"The irony is that self hosting is relatively simple"

cloud is easy until is not, for 90% of us maybe we dont need a multi region with hot and cold storage

for those that need it, its neccesary

isn't that just neon db???? but without losing data part

bread ingreadient is cheap but the equipment that you need to do baking is not

also skills, some people just bake better than others

Mind sharing these tools and what each one does?

Well, in your case, you are mostly paying for the guy's labour, I presume.

(Similarly to how you pay Amazon or Google etc not just for the raw cloud resources, but for the system they provide.)

I grew up in Germany, but now live in Singapore. What's sold as 'good' sourdough bread here would make you fail your baker's training in Germany: huge holes in the dough and other defects. How am I supposed to spread butter over this? And Mischbrot, a mixture of rye and wheat, is almost impossible to find.

So we make our own. The goal is mostly to replicate the everyday bread you can buy in Germany for cheap, not to hit any artisanal highs. (Though they are massively better IMHO than anything sold as artisanal here.)

Interestingly, the German breads we are talking about are mostly factory made. Factory bread can be good, if that's what customers demand.

See https://en.wikipedia.org/wiki/Mischbrot

Going on a slight tangent: with tropical heat and humidity, non-sourdough bread goes stale and moldy almost immediately. Sourdough bread can last for several days or even a week without going moldy in a paper bag on the kitchen counter outside the fridge, depending on how sour you go. If you are willing to toast your bread, going stale during that time isn't much of an issue either.

(Going dry is not much of an issue with any bread here--- sourdough or not, because it's so humid.)

> Salt isn't all that cheap

Wait, what? Salt is literally one of the cheapest of all materials per kilogram that exists in all contexts, including non-food contexts. The cost is almost purely transportation from the point of production. High quality salt is well under a dollar a pound. I am currently using salt that I bought 500g for 0.29 euro. You can get similar in the US (slightly more expensive).

This was a meme among chemical engineers. Some people complain in reviews on Amazon that the salt they buy is cut with other chemicals that make it less salty. The reality is that there is literally nothing you could cut it with that is cheaper than salt.

Neon is definitely way more complex than what I'm talking about.

Ansible, Salt and Puppet are mostly industry standard. Those tools are commonly referred to as configuration management (systems).

Ansible basically automates the workflow of: log in to X, do step X (if Y is not present). It has broad support for distros and OSes. It's mostly imperative and can be used like a glorified task runner.

Salt let's you mostly declaratively describe the state of a system. It comes with a agent/central host system for distributing this configuration from the central host to the minions (push).

Puppet is also declarative and also comes with an agent/central host system but uses a pull based approach.

Specialized/ exotic options are also available, like mgmt or NixOS.

Well, salt is more expensive than water.

But sure, it's cheap otherwise. Point granted.

One way or another, salt is not a major driver of cost in bread, because there's relatively little salt in bread. (If there's 1kg of flour, you might have 20g of salt.)

> bread ingreadient is cheap but the equipment that you need to do baking is not

It's actually not too bad, if look at the capital cost of a bread factory amortised over each loaf of bread.

The equipment is comparatively more expensive for a home baker who only bakes perhaps two loafs a week.

Thanks, this is very detailed! Could you share some real-world use cases for these tools?

Actually I am looking for tools to automate DevOps and security for self-hosting

In that case, you don't want cloud; you want an MSP, whose core competence is running those IT services. They, in turn, have the skills to colo a rack at a DC or to manage rented servers, amortized across a number of clients.

In practice, there are two situations where cloud makes sense:

1. You infrequently need to handle traffic that unpredictably bursts to a large multiple of your baseline. (Consider: you can over provision your baseline infrastructure by an order of magnitude before you reach cloud costs) 2. Your organization is dysfunctional in a way that makes provisioning resources extremely difficult but cloud can provide an end run around that dysfunction.

Note that both situations are quite rare. most industries that handle that sort of large burst are very predictable: event management know when a client will be large and provision ticket sales infra accordingly, e-commerce knows when the big sale days will be, and so on. In the second case, whatever organizational dysfunction caused the cloud to be appealing will likely wrap itself around the cloud initiative as well.

Fucking every web-dev assumes web-dev is all of programming. I have always been a game dev, never done any internety stuff, I was never interested in it. I would defo find the game engine task a lot easier. I already know what I would do. I wouldnt know where to start with the server + I dont know what the "gotchas" are. If I was forced to do that I would schedule a really long time for it.

Salt and Puppet are useful for managing a fleet of servers running various applications, especially when you need to scale those applications horizontally or want geo-distribution.

Ansible can also do that, on top of literally anything else you could want - network configuration, infrastructure automation, deployment pipelines, migrations, anything. As always, that flexibility can be a blessing or a curse, but I think Ansible manages it well because it's so KISS.

RedHat's commercial Ansible Automation Platform gives you more power for when you need it, but you don't need it starting out.

A combination of HashiCorp Packer and Ansible means I can "publish" a VM ready-to-rock image to a public cloud provider gallery and use it to run a VM in said cloud.

Ansible-Lockdown is another excellent example of how Ansible can be used to harden servers via automation.

> It's fun the first time, but becomes an annoying faff when it has to be repeated constantly.

I have to ask - do scripts not work for you?

When I had to do this back in 2005 it was automated with 3 main steps:

1. A preseed (IIRC) debian installation disc (all the packages I needed where installed at install time), and

2. Which included a first-boot bash script that retrieved pre-compiled binaries from our internal ftp site, and

3. A final script that applied changes to the default config files and ran a small test to ensure everything started.

Zero human interaction after powering a machine on with the disc in the drive.

These days I would do it even better (system-d configs, Nix perhaps, text files (such as systemd units) can be retrieved automagically after boot, etc).

The other commenter already answered the usecase question, for self-hosting you will likely find ansible the easiest entrypoint.

It is in general the simplest of these systems to get started with and you should be able to incrementally adopt it. There is also a plethora of free online resources available for it.

Where do you spend $21 for a loaf of sourdough?! My local baker sells a delicious loaf of artisanal sourdough for £4 here.

Of course, the difference between sourdough and anything else is astonishing, I just can't comprehend someone charging $21 for it!

I don’t assume that (and am not a dev - DBRE / SRE) at all. I have massive respect for game devs, since you’re one of the few subsets that seems to give a shit about performance.

I bet you could figure out `apt install nginx` and a basic config pretty quickly, definitely faster than a web dev could learn game programming. “What do you mean, I have to finish each loop in 16 msec?”

Your example only covers basic provisioning. The additional items mentioned by the parent comment can be a significant investment, both initially and over time.

Even with automation, it can be a full-time job just to keep pace with the rate of change, never mind the initial development which can be non-trivial.

> Puppet is also declarative and also comes with an agent/central host system but uses a pull based approach.

The person you're replying to mentioned a self-hosting use case, so this probably isn't relevant for that, but Ansible can also be configured for a pull approach, which is useful for scaling.

You can make amazing sourdough at home in a cast iron pot. It requires time, that's the nature of sourdough, but it's not hard once you learn how. I guarantee you could make bread as good or better for a dollar of ingredients!

Unless you're talking about the oven, the equipment isn't expensive.

Some skills are required, but it's really not that hard once you learn the technique and have done it a few times.

A comment in adjacent thread above mentioned paying $21 per-loaf! That could pay for the equipment needed to bake a couple loaves a week. You really don't need much besides a normal oven.

I can't help it that humanity is so stupid.

That's true, but you can stop posting to HN from that place.

Edit: I feel like I should give you a more fulsome response, so here goes:

I understand the frustration. I feel it too, even apart from HN making me feel it as part of my job. But I've had to learn some lessons about this, such as:

1. It doesn't help to assume the position of the-one-who-is-not-stupid. Doing that is supercilious and just means you'll contribute to making things worse.

2. Far better is to accept that, as one is human, one shares in all the qualities of being human, including a full complement of stupidity.

3. I forget the third lesson!

> Your example only covers basic provisioning.

No. It covered setting up all the applications needed as well (nginx, monitoring agent, etc), installing keys/credentials.

What did parent mention that can't be covered by the approach I used?

I guess I read your comment as OS, the app, and configs, while the parent mentions auxiliary items, ending with "etc etc". The point is, all the extra things that aren't the app take knowledge and resources to set up and maintain.

Sure you can script all the things into 3 steps, just like you can draw an owl with a couple circles.

Regarding 2., I am not stupid; I might be ignorant in some fields, but do you see me arguing against a world expert in some field I know nothing about?

Stupid people ruin everything.

> The point is, all the extra things that aren't the app take knowledge and resources to set up and maintain.

Maintain, maybe. The setup for everything extra can scripted, and include a few packages I had to build from source myself because there was no binary download.

I hear you, and I'm passionate about automating all the things. I just wanted to add some perspective to the discussion to set expectations for less experienced people who might be considering a switch from PaaS to DIY.

I'm not a PaaS user, and I encourage people to avoid vendor lock-in and be in control of their own destiny. It takes work though, and you need to sweat the details if you care about reliability and security, which continue to be problem areas for more DIY solutions.

If people aren't willing to put in the work, I'd rather they stick to the managed services so they don't contribute to eroding the already abysmal trust of the industry at large.

Ok, but please do stop posting to HN about how stupid others are. Being smarter is your burden to bear.