s3 + cloudfront takes approximately 2 extra steps every deploy, and about 10 extra steps that are easy to screw up at setup time. It's not a trivial drop-in, but yes, once it's done it's _really_ done.
s3 + cloudfront takes approximately 2 extra steps every deploy, and about 10 extra steps that are easy to screw up at setup time. It's not a trivial drop-in, but yes, once it's done it's _really_ done.
You can make it zero deploy steps beyond git push with CodePipeline, and vibecoding makes the annoying config setup trivial if you know like 20% of what you're doing. There is really zero reason to be using a VPS for this unless you hate money, want your site to choke during once-in-lifetime opportunities to go life-changingly viral, and like contributing to the global population malicious botnets.
OMG, not the once in a lifetime viral opportunity!
You will never win this crusade, because there are too many people here who know from experience a VPS is neither expensive, nor under-performing up to millions of users a day, nor hard.
That's fine, it's not really a crusade. Just my opinion about the right infrastructure for the right use case informed by the objective reasons I gave. If doing more work with more headaches for a solution that costs more and performs worse is your jam, then power to you.
You’ve written nothing objective.
Sure I have. Let me help you by recapping:
1. VPS costs more money. CDN is free for all intents and purposes.
2. VPS has worse availability even when run perfectly.
3. VPS requires more monitoring and maintenance.
4. VPS presents far greater security risk.
You don’t need to recap your subjective experience, it’s on full display.
u/grebc if money is subjective to you, then you're free to send me some as you objectively won't miss it.
Seems you have trouble reading too.
You're not wrong, but that doesn't make your argument immediately compelling. It is easy, but so is VPS. People use what they know, and switching cost requires a reason other than "this is also easy"
Why would a VPS choke hosting static HTML?
For 5 EUR you get 20 TB traffic on Hetzner.
You tell me. Here's a list of maybe 15 sites it's happened to on HN in just the last month: https://hn.algolia.com/?dateRange=pastMonth&page=0&prefix=tr...
This is a broken take for so many reasons. Also service monitoring is a thing.
https://en.wikipedia.org/wiki/The_Feeling_of_Power
I listed my reasons, feel free to provide your own. I've done enough security, ops, and oncall professionally that I have zero desire to do extra in my free time. Power to you if want to do otherwise and/or post references to "deskilling" while advocating an outdated inefficient approach to long-solved problems.
> want your site to choke during once-in-lifetime opportunities to go life-changingly viral, and like contributing to the global population malicious botnets.
You can put it behind cloudflare for free.
You can put the whole thing on CloudFlare Pages for free too. Zero reason to pay for or deal with the complexity of an unnecessary VPS.
Again “zero reason”. For some people it’s fun to have a VPS, that is a reason in and of itself.
Of course literally anything can be 'reasonable' if you a priori like doing it independent of its technical/functional merits. My ex-coworker liked to write literally tens of thousands of lines of extra, completely unnecessary code for fun. That was a fine reason for him personally but didn't make it any less stupid to deal with for the rest of us.
The key here is “coworker”. He has an obligation to do reasonable things due to being employed by someone and it affecting others.
This is completely different. When it’s a person blog and a personal VPS it’s affecting nobody but that person.
And that's A-OK for them if that person likes more work with more headaches for a solution that costs more and performs worse. (Although less OK for everyone else when their VPS gets compromised and made part of a botnet or otherwise used for cybercrime.)
This is a blog.... you don't need some monster machine. You can server TONS of people off the smallest Digital Ocean instance.
Many of these small VPSs can be had for less than a couple bucks a month. Tons of popular influencers run their own machines for their blog.
insinuating that it's unsafe to run your own machine is insanity. I don't understand this mindset of being scared to run your own stuff. Especially if you're doing doing it at such a large scale there's nothing wrong with doing it with nginx and a linux box on a vps. You'll learn a hell of a lot more and be fine. At the end of the day it's a computer. We've been hosting websites since the 70's. With the advant of cloud compute is easier than every to run your own.
(edited to be less mean)
We have had something vastly better than an individual computer since idk, the mid 90s, called a CDN.
I guess if you want to call being informed about the online threat landscape "scared", that's your perogative. For me, it's common sense to avoid completely unnecessary threat vectors to my digital infrastructure, but power to you if you like dealing with extra maintenance overhead and constantly wondering whether you're providing free cryptomining to some random international criminal.
There's threats on the internet, so don't spin up servers? Idk am I reading into that unfairly? That seems pretty fear mongering to me. Lots of engineering goes into making things safe for engineers to build on. Of course you can also just use squarespace and not worry about it at all. Perhaps my security posture is just not as intense as yours but I'm really just not super concerned my blog is going to get pwned. If it does then I get to learn some interesting things.
I'm also not sure that I really need a CDN for a simple blog . I'm not going to benefit from the caching as it's not video or images.
Servers are work, including security overhead, so yes, don't spin them up if there is an alternative solution that is superior in every way except for not being able to churn digital butter.
Yknow unfortunately I just don't think we're going to see eye to eye on this one. I really don't mind that small amount work and I enjoy owning and operating the entire stack. That dosen't really seem like your cup of tea.
The flexibility and learning is more important for me. For example I want to aggregate HN comments and lobste.rs comments and inject that into the HTML before serving. (on the server side so no CORS or other additions)
I was considering adding additional metrics to see who is hitting the server and how at the reverse proxy level.
This is all stuff I can't really do on a github pages blog.
I see what you're saying if you want set and forget that's fine, but like I said above it's a tradeoff.
The one server I have just has 80 and 443 open with nginx. I expect it to run indefinitely with little maintenance.
I mean, obviously we're not gonna see eye-to-eye if you're talking about a non-static, non-hugo site, which was the subject of my comment.
I've owned and operated enough stacks e2e both personally and professionally to have gotten over the novelty. The less shit that can go wrong, the better. I sleep better at night not wondering whether any of the constant stream of IPs in my fail2ban log is wielding a yet-to-be-CVE'd zero-day, or finding out that my site has been down for 6 weeks because of some fucking stupid bug in the latest kernel patch or whatever.
Sorry to jump in... But why are you ssh'ing into your hosts over the open net? Why not tailscale? Why not wireguard?
Assuming password authentication is disabled, why wouldn't you SSH into your hosts over the open net? Why Tailscale? Why Wireguard?
Great question...the answer is I don't, because I don't have any web hosting servers, or even persistent app servers for that matter. I've built 99% serverless for 10 years now and it has been glorious. Will never go back to managing individual hosts ever again if I can help it.
Good luck with that! I’ll enjoy my servers :)
Sounds to me that you're giving bullshit excuses because you lack the skills to run a basic httpd
Lol, I have years of experience managing/being oncall for business-critical production hosts that generated thousands of dollars of revenue per minute. While I don't profess to be a particularly skilled sysadmin, I will say the worst incident I was responsible for over those years was a minor 30-minute brownout that cost about $5k in lost revenue. So sure, you can call me a bullshitter if that makes you happy, as long as you're OK with me calling you a bullshitter for understating the cost, risk, effort and complexity of running an Internet-facing server properly, especially compared with the enormous advantages of using a CDN for static content.