
Self-hosting a blog for cheap and lazy devs - sphuff
https://sphuff.com/self-hosting-a-blog-for-cheap-and-lazy-devs/
======
stevekemp
The guide exposes the back-end webserver to the public, by accident.

Instead of:

    
    
        ports:
          - "2368:2368"
        expose:
          - "2368"
    

The author probably just needs:

    
    
        ports:
          - 127.0.0.1:2368:2368
    

That way "localhost:2368" will be routed to 2368 inside the container, such
that caddy can access it, but not accessible externally, as it is right now:

    
    
        $ curl -v https://sphuff.com:2368
    

Though of course the ideal solution would be to run caddy as another
container, and link them together.

~~~
dawnerd
I see this a lot with redis in docker compose as well. I've even done it by
mistake.

Also why the heck doesn't redis have auth by default. It's so ridiculously
easy to get "hacked" and inadvertently run a crypto miner.

~~~
WJW
Can you run a crypto miner as a lua script in Redis? That is actually kinda
cool tbh. You'd notice pretty quickly since Redis won't respond anymore.

~~~
dawnerd
Little more complex than that. They issue a command that ends up downloading a
bunch of shell scripts and goes from there. Does a lot of other nasty things
too like trying to steal any ssh key on the machine to presumably use those
machines to mine.

Luckily running inside of docker prevents a lot of that by default.

It is very noticeable though when you log into your dev server and the cpu is
pegged at 100%.

I copied some of what it did here:
[https://gist.github.com/dawnerd/50915749d05d865025b447d5941f...](https://gist.github.com/dawnerd/50915749d05d865025b447d5941f3683)

------
badatcomputer
Anything that starts with "Install Docker" will not be cheap or easy

~~~
seph-reed
This is exactly how far I got in before my "No fucking way" alarm went off.

If you want to be truly cheap and lazy use github pages (free), static html
(maybe with a markdown converter), and Disqus iframes for comments.

~~~
codemonkey-zeta
Ding ding ding, we have a winner! This is exactly the process I landed on this
week when I decided to start a blog. There's literally nothing cheaper or more
convenient (or resume-appropriate, since I already share my github) than
github pages. Generating a static site is almost trivial (I landed on using
Hugo, but a bunch of solutions are just as easy).

To take the laziness a step further I use emacs and org-mode and publish with
ox-hugo ([https://ox-hugo.scripter.co/](https://ox-hugo.scripter.co/)). Set up
an org-capture for the blog template, and I'm only a few keystrokes away from
creating and publishing a new post at any time.

~~~
james-skemp
Fair warning: keep up to date with your Hugo version locally, or use a set
version in GitHub Pages.

I'm using Gitlab Pages with latest version of Hugo pulled by default. I don't
post as much as I did, and have twice had to spend over an hour getting a
theme updated for the latest version of Hugo since I didn't update my version
and there's been breaking changes.

Outside of that, Hugo is fantastic. Good luck with your blog!

~~~
skrtskrt
I have really struggled with Hugo’s organizational structure, and for some
reason I always end up with pages that are supposed to be lists of posts being
completely blank for no reason. No debug messages or anything. I would have to
just clone the repo and start stepping through which I do not care to do.

Hugo’s insistence that you have to have a theme is infuriating. I don’t want a
theme, I want html and tiny bit of CSS

I’ve tried three times to switch over and it all ends in frustration. It
amazes me that I just can’t wrap my mind around it, or just can’t let go and
have it force me into it’s opinions about how to structure my site. It's
completely possible that I'm just an idiot.

Have always just gone back to Jekyll.

My site is _really_ simple too.

------
chrisseaton
This seems both more work and more expensive than GitHub Pages. Hardly the
cheap or lazy option.

And if the author is reading - your Author link is broken.

~~~
thesandlord
Yeah, creating a Docker container and setting up Caddy seems like a lot of
work.

Netlify, Firebase Hosting, GitHub pages, etc, all make it super easy to host a
static blog for free, require zero maintenance, and are all backed by global
CDNs.

My blog setup uses Netlify to automatically build and deploy on a git push
using the built in Hugo support.

Now of course, there is the argument of what "self-hosting" is. Does it just
mean you own your domain name and content? Or does it mean you are actually
running the server? If its the latter, then sure this is a valid solution, but
if all you care about is owning your domain and content I'd use one of the
static hosting providers.

~~~
mark212
agreed, seems like running your own server just for a blog is really overkill
and has a lot of overhead for no reason

~~~
andai
I heard Troy Hunt say about why he uses a blog service instead of hosting it
himself, (roughly) "Do I want mess around with server configuration or do I
want to write?"

------
dwheeler
The key part about having your own personal blog site is owning your own
domain. As long as you own the domain, you can change your mind. As long as
you own your domain name, you can self-host today, host elsewhere, or whatever
you want.

If the domain name is owned by somebody else, then they own and control the
site, not you.

~~~
superkuh
This brings up the related issue of the normal domain name system and it's
governence. No one really owns their domains. They lease them at the whim of
some corporate or government entity.

But if you put up a tor onion service you actually own your domain name. I'm
not saying only host on tor, but why not a .onion too?

~~~
dwheeler
That is an endless rabbit hole. In that case, no one owns land or any other
kind of property either. Obviously a government entity could take any or all
of it away from you if you are in their jurisdiction. And if you do not pay
land taxes, you don't get to keep the land either.

I mean ownership in the usual sense. There are laws and people who are
supposed to enforce those laws so that once you purchase something and obey
certain rules, you get to keep it. Perhaps more importantly, if a typical
energy says they just want to take it from you, there are courts you can
appeal to.

If you post on Facebook, and Facebook takes it down, you have absolutely no
right of appeal. If I post material on my personal site on a domain I own, it
is harder to take down, and much easier to bring it back. I'm assuming here
that the content is not illegal, that's a different issue.

------
staysaasy
We host our blog using solely off-the-shelf tools, and I love the stack that
we use. I highly recommend it if you're looking for a stack with 100% control
and are ok with some light technical wrangling (eg using Git):

\- Jekyll for static site generation
[https://jekyllrb.com/](https://jekyllrb.com/)

\- We use the Hydeout Jekyll theme, you can see how it looks on our blog:
[http://staysaasy.com/](http://staysaasy.com/). What you see is out-of-the-box
plus ~30 lines of custom CSS.

\- Git for storing our content

\- Gitlab for CI/CD and hosting

\- GoDaddy for domain management

We manage all of the content in Git, and push it when it's ready. It's really
easy. You can even run "code reviews" on posts if you like.

~~~
MaxBarraclough
All sounds good apart from GoDaddy. Why not use a more reputable registrar?

[https://news.ycombinator.com/item?id=4362478](https://news.ycombinator.com/item?id=4362478)

~~~
staysaasy
Just because it's what we already used. It's the most dispensable part of the
stack (and arguably shouldn't even be considered part of our stack at all).

~~~
MaxBarraclough
> arguably shouldn't even be considered part of our stack at all

Why not? If your registrar screws you over, it's game over. It's a critical
dependency.

------
lowlevel
Lost me at step 1. There isn't an explanation as to why docker is a good
idea... I feel it isn't, and I'm kind of too lazy to go figure if I'm wrong.

------
thamer
I use Hugo ([https://gohugo.io/](https://gohugo.io/)) to generate static pages
and host them on Amazon S3, with CloudFront on top of it for fast delivery.
AWS also provides a free SSL certificate, and DNS with Route53.

I couldn't be happier with the setup: it's cheap, fast, requires zero
maintenance and pretty much never goes down. Cost is close to nil: the most
expensive part is for Route53 at $0.50 per Hosted Zone, and then S3+CloudFront
add a few cents more.

If folks want to see how fast static pages can be on a CDN, the site is at
[https://re.kv.io](https://re.kv.io)

P.S. I didn't have to install Docker or MySQL.

~~~
waffle_ss
The only problem with that setup is if a post goes viral CloudFront will cost
you a pretty penny. I had one post with ~1MB of assets that was read (IIRC)
70k times in a month and got an ~$80 bill. I’ve since switched to Cloudflare.

~~~
thamer
The AWS Calculator[1] reports that 70 GB (70k times 1 MB) of transfer out of
CloudFront costs ~$3 and another 70 GB to the origin costs about another $3 –
this would only be the case if the 1 MB was dynamically generated. The free
tier is 50 GB and 2 million requests per month, and beyond that it’s ~0.085/GB
in the US so 70 GB would cost 70 * 0.085 = $5.95. You also need to count $0.01
per 10k HTTPS requests, or $0.07 for 70k.

I'm not sure how you got this bill, none of these numbers are anywhere near
$80.

[1]
[https://calculator.s3.amazonaws.com/index.html](https://calculator.s3.amazonaws.com/index.html)

~~~
waffle_ss
OK, I was off quite a bit and the total of all assets on the page is 27MB.
That's mostly due to several HD pics on the page and one 2-second soundless
looping MP4.

The total CloudFront bill was $87.65, the bulk being $74.98 spent in North
America (2.5M requests @ $2.52, 852.518 GB data transferred @ $72.46). Those
prices are as of March 2019. Doing that math that's only 31.5K page loads in
North America (my 70K view number is from Google Analytics worldwide and may
have straddled months, or counted re-views, I dunno).

Now, I remember running those pics through TinyJPG so they are as compressed
as possible. And I could probably add some kind of JavaScript lazy loading
library to only load images as users scroll down to them. Or, I could just use
Cloudflare and not think about it. _/ shrug_

------
gourneau
Also if y'all are looking for incredibly cheap servers
[https://www.serverhunter.com/](https://www.serverhunter.com/) has many listed
that are less than $5 a year. Most of them are OpenVZ based, and very low
performance but good for hobby projects. The other compromise is many don't
have entire IPv4 addresses, just a few forwarded ports.

------
waffle_ss
This doesn't cover IPv6 - you'll also need to create an AAAA record and
(presumably, not familiar w/ Caddy) bind to an IPv6 address (e.g. ::1) in the
reverse proxy config

~~~
Ayesh
Further, the Vultr's $2.5 VPS doesn't come with an IPv4 address, but a /64
IPv6.

------
update
I coded[0] a very simple CMS for my blog around 8 years ago. I wanted
something fast and I wanted to use python instead of PHP. so I went with nginx
+ uwsgi. The website[1] runs on an old laptop. 8 years later I've edited maybe
a handful of lines of code.

Perhaps I'm missing something, but I don't get why these articles pop up so
frequently as if making a blog was some super complicated thing that required
the latest CMS, etc. Most people here (including me) would suffice with a
nginx and plain html/css, no CMS required, based on articles like these, at
least.

[0] [https://github.com/sfttw/avanti](https://github.com/sfttw/avanti) [1]
[https://blog.sailingfasterthanthewind.com/](https://blog.sailingfasterthanthewind.com/)

------
butz
Netlify has a free plan and you don't have to tinker with containers.

~~~
zo1
I've seen Netlify mentioned a few times now. Are there any downsides/negatives
to using it?

~~~
chrisdalke
I’ve wondered the same thing. It’s so ridiculously convenient that there _has_
to a catch!

I previously used the S3 + Cloudfront setup that many commenters have
mentioned, but have switched to Netlify for static sites simply because I
don’t have the overhead of setting up any configuration in AWS. With Netlify,
you can be up and running with a new static site as soon as the DNS record
propagates.

I’ve always wondered if there was any throttling or performance impact at high
traffic- but I haven’t built any high-traffic sites yet :)

------
randtrain34
Or make your blog static and use Netlify.

~~~
julianeon
Yeah, it seems like the 'hosted blog' has reached commodity status, going as
low as $0/year if you make yours static.

Doesn't seem to be much point in competing against $0, though the technical
side is interesting.

------
627467
Not directly related but:

How readable are these mobile layouts for everybody else?

[https://postimg.cc/4HbvS38q](https://postimg.cc/4HbvS38q)

[https://postimg.cc/SjWGsZyd](https://postimg.cc/SjWGsZyd)

------
jpswade
I migrated away from Wordpress to github pages and Jekyll...

[https://wade.be/2016/01/30/welcome-to-
jekyll.html](https://wade.be/2016/01/30/welcome-to-jekyll.html)

Can’t get any easier, cheaper or lazier than that.

~~~
andai
> Wordpress is bloated. It won’t even run on a basic free DigitalOcean
> instance.

Woah, does it use an obscene amount of RAM or what? It's been a while since I
used it. (Also, I think you meant the cheapest Droplet using the free $100
credit? I don't think there is a free tier. Would be nice tho :)

~~~
ac29
No, it doesn't. I run three sites on a $5 1GB VM and its rare to see over half
the memory in use (aside from cache).

------
decompiled_dev
Having a static site and pushing to github pages is working pretty well for
me.

------
Insanity
I use github pages. Can't get more cheap or lazy than that I guess?

~~~
SparkyMcUnicorn
GitLab pages is another great option. It has more generous limits than github
pages.

~~~
ferzul
but it also isn't self-hosting.

~~~
0x6c6f6c
None of these alternative suggestions are. Nor is the blog post suggestion
though, they're not running on their own server but a cloud providers. Sooo
all of this is really not self hosted

------
hawski
If you don't use SaaS blog platform and host it on a VPS it counts as self-
hosting?

In this case shared hosting will be even cheaper and maintenance free. System,
server, Let's encrypt cert, database and language updates will be taken care
of. Many of those PHP CMS-es or blogging systems have a one click updates in
place. Some shared hosting providers can also take care of this for you. You
can get something with ssh access and rsync so you can be lazy and edit HTML
with Word and just sync it or an SSG if that strikes your fancy.

------
ro2nie
VuePress (which generates static pages) with netlify is completely free. I can
push to a branch and automatically have it deploy new posts.

------
nopit
Why isn't caddy in a container?

~~~
yjftsjthsd-h
It's a single binary file, so there's not a whole lot to be gained unless
you're already doing containers in general. When the entire system is this few
moving parts, I'm not sure that it's worth the trouble of containerizing it.

~~~
meritt
That makes no sense. You containerize both, or you containerize neither. I
wager most people from both camps (for and against containers) would agree.

------
Alir3z4
Good stuff, but I never liked self hosting a blog when I can just pop it up on
a hosted solution. I want to write and forget and not maintain. By the time
that I setup a blog, I'd have lost my interest in writing.

Probably, I'll just write about my pain about how did I deal with docker,
exposing the port, nginx reverse, some vps provider and DNS stuff.

------
paxys
Local storage on a VM instance should never be treated as a permanent data
source.

------
herostratus101
This seems more complicated and significantly more expensive than hosting a
static site from S3 and using a Cloudfront distribution to enforce SSL.

