So recently I talked about how I was moving my email to a paid GSuite account, that process has now completed.
To recap I've been paying approximately €65/month for a dedicated host from Hetzner:
- 2 x 2Tb drives.
- 32Gb RAM.
- 8-core CPU.
To be honest the server itself has been fine, but the invoice is a little horrific regardless:
- SB31 - €26.05
- Additional subnet /27 - €26.89
I'm actually paying more for the IP addresses than for the server! Anyway I was running a bunch of virtual machines on this host:
- Exim4 + Dovecot + SSH
- I'd SSH to this host, daily, to read mail with my console-based mail-client, etc.
- Hosted websites.
- Each different host would run an instance of lighttpd, serving on localhost:XXX running under a dedicated UID.
- Then Apache would proxy to the right one, and handle SSL.
- Puppet server, and VPN-host.
- Bunch more servers, nine total.
My plan is to basically cut down and kill 99% of these servers, and now I've made the initial pass:
I've now bought three virtual machines, and juggled stuff around upon them. I now have:
debian - €3.00/month
dns - €3.00/month
- This hosts my commercial DNS thing
- Admin overhead is essentially zero.
- Profit is essentially non-zero :)
shell - €6.00/month
- The few dynamic sites I maintain were moved here, all running as
www-data behind Apache. Meh.
- This is where I run cron-jobs to invoke rss2email, my google mail filtering hack.
- This is also a VPN-provider, providing a secure link to my home desktop, and the other servers.
The end result is that my hosting bill has gone down from being around €50/month to about €20/month (€6/month for gsuite hosting), and I have far fewer hosts to maintain, update, manage, and otherwise care about.
Since I'm all cloudy-now I have backups via the provider, as well as those maintained by rsync.net. I'll need to rebuild the shell host over the next few weeks as I mostly shuffled stuff around in-place in an adhoc fashion, but the two other boxes were deployed entirely via Ansible, and Deployr. I made the decision early on that these hosts should be trivial to relocate and they have been!
All static-sites such as my blog, my vanity site and similar have been moved to netlify. I lose the ability to view access-logs, but I'd already removed analytics because I just don't care,. I've also lost the ability to have custom 404-pages, etc. But the fact that I don't have to maintain a host just to serve static pages is great. I was considering using AWS to host these sites (i.e. S3) but chose against it in the end as it is a bit complex if you want to use cloudfront/cloudflare to avoid bandwidth-based billing surprises.
I dropped MX records from a bunch of domains, so now I only receive email at
steve.org.uk, and to a lesser extent
dns-api.com. That goes to Google. Migrating to GSuite was pretty painless although there was a surprise: I figured I'd setup a single user, then use aliases to handle the mail such that:
- debian@example -> steve
- facebook@example -> steve
- webmaster@example -> steve
All told I have about 90 distinct local-parts configured in my old Exim setup. Turns out that Gsuite has a limit of like 20 aliases per-user. Happily you can achieve the same effect with address maps. If you add an address map you can have about 4000 distinct local-parts, and reject anything else. (I can't think of anything worse than having wildcard handling; I've been hit by too many bounce-attacks in the past!)
Oh, and I guess for completeness I should say I also have a single off-site box hosted by Scaleway for €5/month. This runs monitoring via overseer and notification via purppura. Monitoring includes testing that websites are up, that responses contain a specific piece of text, DNS records resolve to expected values, SSL certificates haven't expired, & etc.
Monitoring is worth paying for. I'd be tempted to charge people to use it, but I suspect nobody would pay. It's a cute setup and very flexible and reliable. I've been pondering adding a scripting language to the notification - since at the moment it alerts me via Pushover, Email, and SMS-messages. Perhaps I should just settle on one! Having a scripting language would allow me to use different mechanisms for different services, and severities.
Then again maybe I should just pay for pingdom, or similar? I have about 250 tests which run every two minutes. That usually exceeds most services free/cheap offerings..
Tags: aws, debian, debian-administration, gmail, google, hetzner, hosting, netlify, pingdom, s3, servers