Today, everybody is talking about the cloud. In this article, I want to describe why I migrated my whole server infrastructure from cloud-VMs to a dedicated root-server.
My old infrastructure
I'm a big fan of hosting services myself when possible. I used to use some smaller Hetzner-VMs for that. But gradually, I discovered more and more disadvantages to that setup:
- Every VM has its public IP address and thus potential security risks.
- The setup was quite expensive (~25€ / Month for 12GB RAM and 6 virtual CPU-cores)
- Very little HDD space (20-40GB per VM)
- The setup was done entirely by hand (and thus very hard to restore in the case of a system outage)
The new infrastructure
My Friend Patrick om22.de and I ordered a dedicated root-server from Hetzner. Its technical specs are:
- AMD Ryzen CPU with 6 cores (12 including hyperthreading)
- 64GB of RAM
- 2x 512GB NVME SSD (configured as RAID 1, so 512GB in total)
- We installed Proxmox on the server so that we could easily create our own VMs on the server.
All my VMs are running on Centos 8 Linux.
Networking
The host server tunnels all ingoing traffic to my IPv4 address to my firewall/proxy VM. From there, it's forwarded to an application-VM, depending on its hostname. All application servers can reach the internet via this VM due to a Firewalld NAT-rule.
Monitoring
In my old setup, I used Icinga2 for monitoring. I switched to CheckMK for my new setup, just because of its simplicity and automatic service discovery.
Provisioning
I provisioned the new setup using Ansible. This would allow me to switch very fast to another provider, if necessary.
Backups
I use Borg-backup to backup important files to a backup-VM. I use rsync to copy the backup to my local RAID periodically.
Services
I self-host the following services:
- My homepage mrupp.eu
- ShareLaTeX for document management
- Radicale for calendar syncing
- Meemo for note-taking
- Miniflux for reading RSS feeds
- My location tracking (see this post)
- Some small personal projects
I'm planning to host in the future:
- Some sort of password management
- Gitlab