Discuss Home · Bootstrapped Podcast · Scribbleton Personal Wiki · HelpSpot Customer Service Software · Thermostat NPS

Curious about your Dev Ops


#1

Just provisionned a new server on Linode and got my 20$ ! … Thanks guys… was a Digital Ocean fan but will try Linode this time…

Are you guys managing your own servers? Using consoles like Laravel Forge… Do you run your own email servers?

I have a tendency to go deep on these, configuring Nginx and stuff… The advantage is knowing what is happening on the back end… but eats up a lot of time… It also cheap… and I am cheap… lol

What are bootstrapers doing?


#2

I used to run a web and email server on a PC in my bedroom (2000). Then started using shared webhosting with “built-in” email services (2002). Now it’s services like SendGrid and Azure for me all the way!


#3

I used to do it all on my own and then switched over to Forge and Digital Ocean. For me the biggest thing was time savings and automation. My monthly Forge charge is one I happily pay knowing it saved me multiples of that if I had done it manually. There are a few extra things I have had to setup on the server for some special cases but nothing too exotic.


#4

Was thinking about Forge… but wondered how locked up you were from making any changes to your server afterwards… I guess you have to be careful not to interfere with what Forge is doing… And it’s up to 15$ per month… that’s another server… One thing I like about forge is the automation of the renewal of the SSL key…

Where do you run mail? I use SendGrid for anything bulk out… but run a mail in the box for the rest… My next trip is configuring a mail server from scratch… I guess I like pain… lol (did I also say I am cheap… )


#5

You have free rein to do what you need on the server. Forge sets up the database, nginx config, hooks for auto deploy from git repo, cron tabs if needed. After that you can do what you want on the server. As long as you don’t mess with directory permissions you should be safe. You can even modify deploy scripts which is handy.

I use postmark for email.

For me it came down to realizing $15 a month was less than my time spent to do the same stuff each month, I look at it as a cost savings.


#6

Forge is quite capable for most tasks - we use it a lot at UserScape. For $10-15 a month you can’t beat it - it’s really an insanely low price.

As a bonus, the script it generates if you provision a custom VPS gives you an idea of how it sets everything up (there isn’t much magic going on, which is nice too - KISS).

For non-forge servers, I create a set of Ansible roles to setup a server. Ansible seems to be the nicest configuration management tool for anyone who’s familiar with running commands on a server over SSH (since it itself is ssh-based, with a lot of programming in place to check the state of things to only make the changes it needs to).

We use this extensively to automate HelpSpot trials.

I definitely, hardily, ravenously, recommend NOT setting up your own mail server. It’s difficult, finding resource online are often confusing, old, or incomplete. Setting it up in a way that will improve your deliverability is a constant on-going battle (and that’s just sending mail, there’s also receiving spam). Making this harder, since all server providers have a pool of IP addresses the re-use, you never really know if an IP address has been used maliciously before.

Paying for an email service is absolutely worth it. Anything else is a complete waste of precious time.


#7

I understand your point about email servers… but I am already familiar with the process of deliverability… I use providers such as SendGrid for outbound… but inbound… I don’t like the idea of having all of my emails in Google’s hands… lol I am one of the craze ones that think the internet should be decentralized…

I ran quite a few and they are not that difficult to set-up … So email privacy is not a concern of yours?


#8

Our systems are a mix of managed hardware in data centers, Digital Ocean and Heroku. All of the managed hardware and DO instances are configured with chef.

Having said that, my general advice is minimize your operational needs at the beginning and then slowly scale up as the need arises. We ran DNSimple in the beginning on VPSs at several different providers (including Linode) and that worked just fine for quite some time.


#9

Sweet on the discount! I think you’ll like Linode.

As @fideloper said we use Linode and Forge at UserScape.

On the email, we care about privacy which is why we don’t do it ourselves :slight_smile: It’s way to hard on a bootstrapper’s budget imho to manage an email server properly. We use Gmail for some things and Rackspace for others.


#10

I used run my stuff on Linode but abandoned ship when they were hacked (their fault) and some customers ended up having a lot of money in Bitcoin stolen. I don’t think Linode ever owned up to it, just kept quiet about the whole thing.

I personally prefer self-managing my servers. Right now I’m trying out OVH for a dedicated server for a new project. You get a lot of resources for a surprisingly small cost, but you have comfortable doing sysadmin stuff yourself. So far, their support has been pretty responsive and friendly (despite lots of negative reviews online).

And as someone else mentioned, Ansible is a great way to automate setting up and maintaining servers. Relatively low learning curve.

Also, I wouldn’t suggest running your own email server, too much work, especially trying to keep your server’s IP from being blacklisted. Take a look at Mailgun for outgoing SMTP, I think they offer 10K outgoing emails/month for free. For incoming POP/IMAP, Zoho gives you maybe 200 incoming emails/day for free.


#11

I hear ya… they got hacked? … darn… how can you loose bitcoinst from a block chain though? You have to be pretty loosy goosy to keep your wallet on a cloud platform…

I just setup a LEMP stack on Ubuntu … takes me a few hours to get it running… I want to try installing the certbot to cycle free certificates… looks pretty simple, an install and cron job… That is my next sys admin project…

Outgoing mail is definitely going to external … in my case I had great luck with SendGrid… Never tried mail gun… There are many… I like the SendGrid interface and DNS set-up feedback…

I will check out Zoho for sure…


#12

I hear ya… they got hacked? … darn… how can you loose bitcoinst from a block chain though? You have to be pretty loosy goosy to keep your wallet on a cloud platform…

Yeah the story is that one of Linode’s employee’s computers was compromised, and this employee had special backdoor access to every Linode customer’s host. The attackers used that backdoor to access the hosts running bitcoin businesses/services, and just snatched the bitcoin wallets on those hosts. If you have access to a bitcoin wallet, you can spend any bitcoins it contains.

I want to try installing the certbot to cycle free certificates… looks pretty simple, an install and cron job… That is my next sys admin project…

Yeah I love LetsEncrypt, they’ve really disrupted the whole SSL cert market. I will never pay for another SSL cert again, especially not a $100 wildcard cert. What a ripoff.


#13

Appart from running on metal, there is not much you can do about such laxism… I wonder if they plugged the hole and don’t keep backdoors onto their customers’s roots…

Wonder what Digital Ocean’s policy is on that… That is a little disturbing to say the least… It is a little old though, 2012 I think… I will research it further… Thanks for the info…


#14

For real projects (or: when projects becomes real), I always gravitate towards AWS. Historically managing my own EC2 servers, now trying to use solutions such as Docker with Amazon’s ECS for a more managed experience.

For small side projects, I’m using now.js for very simple deployments. If you’re using node.js or Docker, this is an amazing service (I pay for it, but the free tier also works for small projects).

Main idea is to have a POC up that is easy to migrate to AWS once it needs more reliability.


#15

Appart from running on metal, there is not much you can do about such laxism...

Right. If security is a big deal to your business, you should be running your own hardware either on-site, or in a colocation inside a locked cage, preferable with a couple of guards with guns standing outside it :wink:


#16

Been there, done that in the past… what a pain… both local and colo servers… Nan… not critical enough…

Was reading their recount of the ddos attacks they had last xmas… and man, given the size of their business they were pretty much caught off guard… They had no headroom, their dns got swamped…really… in 2016 … Its like they did not expect that at all… Now they are now fixing all this…

I dunno… I still like the romantic view of the decentralized web… but it requires giants with giant means to keep it running… lol


#17

I always was afraid of cost with EC2… but it seems to be the best solution for sure… I must say that Digitalocean has been very good with me… Tried Linode because of the podcast… will see how it goes… just hosting a few blogs on that machine… 20$ month, not much to loose… will see how it goes.


#18

I’m a bit of a lurker here, but this is a topic I care a lot about :slight_smile:

For my personal, small projects, I use Digital Ocean. The fact that you know exactly what you are going to pay is very reassuring.

For business, I prefer AWS because of all its supporting services and it usually gets you more for the same amount of money.

The big problem is that you have no control over your maximum expenses (you can’t set a hard limit). So if you do something stupid, you’ll be punished. If you go AWS, start small, get used to the environment and how billing works. Everything costs money, every byte processed, transferred and stored and then some. But if you have time to figure it all out, you can get discounts (eg for EC2 there are reserved and spot instances)


#19

The big problem is that you have no control over your maximum expenses (you can’t set a hard limit).

Definitely. I think the other big problem with AWS is vendor lock-in. If your core architecture is based on particular AWS services, it’ll be a big PITA to ever transition away. (Note this applies more to AWS services like S3 or Lambda, than others like EC2).


#20

Interesting discussion on SAAS security in other thread…

All ties in to this DevOps thread… Laravel Forge does part of the work… I wonder how the load balancer set-up is made… basically a load balancer with only one server downstream is really a reverse proxy…

Maybe Its just me… but I hate not understanding what is going on… Maybe I am just a control freak…