A few months ago I decided to self-host everything for my software house instead of paying for cloud infrastructure. Here’s what’s running on a Raspberry Pi 4B (4GB) at home:
Astro static site + nginx Full mail stack (Postfix + Dovecot + Roundcube) in Docker MariaDB with automated backups GoAccess analytics with custom Python bot/human separation Dynamic IP blocklist generated at every deploy Certbot managed on a separate Orange Pi Zero 3 (HAProxy + SSL termination)
The Orange Pi Zero 3 as a dedicated HAProxy node was the best €25 I spent — SSL overhead completely offloaded from the Pi, all subdomains routed through one config, clean network separation between “what faces the internet” and “what runs the services.” Storage: all boards boot from SSD via USB3. No SD cards in production. The ISP situation: Eolo wireless, 20Mbps down / 100Mbps upload. Yes, upload is 5x download. For a web server that’s actually ideal. Real stress test — June 22, 2026 A post on r/italy hit 20k views in 24 hours. Numbers that day:
555 human visitors (vs ~180 daily average) 151 unique IPs 72.2% return rate 9.98 MB bandwidth 0 downtime 0 errors in the mail stack
PageSpeed from Google’s infrastructure:
Desktop: Performance 100 / SEO 100 Mobile: Performance 97 / SEO 100
No CDN. No Cloudflare. No edge nodes. Just nginx on a Pi. The honest limitations:
Single point of failure — yes, if the Pi dies the site goes down Mail deliverability on residential ISP is hard (Brevo relay helps) No redundancy — we run backups, not replicas
All traffic data is live and public: stats.lake8.dev/geo.html Happy to answer questions on any part of the stack.
This is BASIC — my Lagotto Romagnolo. Official lake8.dev mascot and uptime monitor. He also finds truffles. 😍
How did you get him to find truffles? :O
He’s a Lagotto Romagnolo — a breed selected for centuries specifically for truffle hunting. It’s literally in his DNA. Training starts as a puppy: you hide small pieces of truffle in the garden and let him find them. Now the only way to make him truly happy is to let him run free in the woods — and you run behind him 😄 When he finds one, he expects a proper reward. I’m from Bologna, so his payment is a tortellino per truffle. Fair trade. 😁
tortellino per truffle
Hell, I’ll find you truffles if you feed me that. LOL
Sounds great! Is there an easy to follow/understand tutorial on setting up HAProxy node?
Ciao! I don’t have a tutorial yet, but it’s on my list — actually, this question is a good motivation to write one! 😄 The short version: HAProxy on Orange Pi Zero 3 (Armbian), Certbot for SSL, reverse proxy to Raspberry Pi 4B behind NAT. The trickiest part is the ACL rules for multiple subdomains and the certificate renewal hook. I’ll write a proper post about it on lake8.dev — I’ll mention it here when it’s ready.
How do you enforce consistent backups of the database? Do you dump the data periodically? Copying the data on the docker volume won’t give you consistent ( and possibly corrupted ) backups IIRC if the database itself isn’t stopped.
Good catch! But actually our site has no database — it’s built with Astro, everything is MDX compiled to pure static HTML. Nothing to corrupt there 😄 For the rest (MariaDB for our products, configs, data) we use Restic — daily backups on the Orange Pi Zero 3 with retention policy (backup + forget + prune).
Why are all your comments full of em-dashes?
Ciao! I’m Italian 🇮🇹 — my English is very “pasta asciutta” level. I use AI to help me write without saying something cosmically wrong. Sorry for that. But me and my dog are 100% real. 🐕
“My dog and I […]” is proper English grammar.
- It’s impolite for you to be first in the list of beings.
- “Me is 100% real” is wrong, it’s “I am […]”
Your AI needs a grammar upgrade. 😉
My dog and I […]” is proper English grammar.
It’s impolite for you to be first in the list of beings. “Me is 100% real” is wrong, it’s “I am […]” Your AI needs a grammar upgrade. 😉 thk :-) Grammar noted and appreciated! My dog and I are 100% real. BASIC would have caught that error, but he was busy finding truffles. :-)
👍
Keep up the hard work. English is bonkers.
Keep up the hard work. English is bonkers.12:34Claude ha risposto: — Grazie! English is indeed bonkers. I’ll stick with pasta asciutta and truffle dogs. 👍
Ah, yeah, we don’t like AI here.
Ciao! I’m Italian — my English is not exactly my strongest skill. But if AI-assisted translation bothers you, I can always switch to Google Translate 😊 Hope that’s reassuring enough.
Ah, yeah, we don’t like Google here either.
Ah, yeah, we don’t like Google here either. Ciao! At this rate I’ll have to rewrite everything in carrier pigeons. :-)
The Lemmy council approves
Honored. 🙏
And one even starts with:
You’re completely right
Hahaha
You’re completely right — OP’s comments do sound like an AI! Keep going, champ, and let U̸̡̢̖̜̬̐Ș̵̲̈̀̎̈́ know what project you’d like to work on next!
Here’s my “cloud infrastructure” Air conditioning — NO Sterile environment — NO Dedicated server room — NO Enterprise-grade monitoring — is BASIC (BASIC is my Lagotto Romagnolo. He checks uptime personally.)
I like posts like this (certainly the spiffy world map looks like you are in a movie!), and I like the self hosting idea, but here’s the issue I see with self hosting stuff…
Its so complex. To me its bordering on inaccessible for the regular user. What you have described is very technical, and I see this all the time in the self host section; very cool looking dash, doing cool stuff, but then the description is like its literally in a different language. I’m usually lost before I have read three lines.
In your post, I’m actually not even sure what you have built. Mail server? Website? I’m fairly techie but I find it hard to understand. Is “software house” your business?
Its great and I commend your work, but its mind boggling and my overarching feeling when I see these posts is usually: “damn, way too complex, I wouldn’t know where to start”.
Thanks for the post however and for taking the time to document and answer questions. 👍🏼
You’re completely right, and thank you for saying it directly. Let me try again in plain English: I run a small software company from home. Instead of paying €50-100/month for hosting, email, and analytics services, I built everything on a €60 Raspberry Pi computer sitting next to my router. What’s actually running on it:
The website you’re reading about (like any website, just hosted at home instead of on AWS) Email — when someone writes to info@lake8.dev, it lands on that Pi Analytics — that world map showing where visitors come from
That’s it. Three things, one small computer, zero monthly fees. There’s also a green angle that rarely gets mentioned: the entire setup draws around 3-4W idle — less than a LED light bulb. A data center rack serving the same traffic would consume orders of magnitude more. Self-hosting at this scale isn’t just cheaper, it’s genuinely lighter on the planet. The complexity you’re seeing is real — it took months to set up and I have 20+ years of experience. I’m not going to pretend it’s for everyone. It isn’t. But that’s also why I built Lagotto BI — our actual product — which does the opposite: takes complex business data and makes it readable for people who just want to understand their business, not manage servers. So yes, “software house” is my small business. The Pi is just how I run the infrastructure behind it without paying cloud prices forever. Thanks for the honest feedback — it’s genuinely useful. thk :-)
Hey Grazie for following up, appreciate it. Sounds even more impressive now that I understand it fully.
I was thinking about it after I posted and I suppose the fact that its complex is part of why the big corporations can benefit so much from our data. They have full control and a million services to host your site, manage your email and analyse your data, and all it takes is a two minute sign up and you are in. Sounds great for the basic user, which is most of the world, but the price you pay is that your data and privacy is effectively gone. They have a captive audience and we go running to them. Its a shame.
I suppose if self hosting was easy, many more people would be doing it. I still love the idea but i think its still a bit technical and that puts me off.
Again, appreciate the response and time taken to explain. I can almost feel feeling of satisfaction you must have, knowing that you are saving money, protecting your privacy and running part of your business in such an excellent way! Great work.
Ciao!
Ciao ropatrick! You nailed it perfectly. The big corporations made it incredibly easy — two minutes and you’re in. But “free” and “easy” always has a price, and in this case it’s your data and your independence. You’re right that self-hosting is still too technical for most people. That’s actually part of why I built lake8.dev — to make this kind of infrastructure more accessible for small businesses, at least in the manufacturing sector. And yes — that feeling of satisfaction is very real. Every time the server handles real traffic from my living room, it feels like a small personal victory against the cloud monopoly. 😄 Grazie for the kind words — and for actually reading and understanding the post!
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters Git Popular version control system, primarily for code ISP Internet Service Provider NAT Network Address Translation VPN Virtual Private Network VPS Virtual Private Server (opposed to shared hosting) nginx Popular HTTP server
[Thread #29 for this comm, first seen 26th Jun 2026, 07:20] [FAQ] [Full list] [Contact] [Source code]
That’s awesome! I would never have expected that kind of throughput. On the day of your popular post, did you feel the traffic while trying to use the internet yourself at all? I sometimes fear that I’m going to get hit by something that interrupts what I’m doing and I’ll have to take the server down temporarily. It hasn’t happened yet though. I use a cloudflare tunnel mostly because I don’t have a static IP address, but it does help reassure me in the event of a DDOS and blocking bot traffic. Those services are free by the way (for the time being at least! Who knows about the future)
Honestly no — I didn’t feel it at all. The Pi was handling the spike silently in the background while I was working normally. Upload bandwidth on Eolo is 100Mbps, and a static Astro site serving mostly HTML/CSS is incredibly light. Peak day was 555 human visitors with 9.98MB total bandwidth — that’s nothing for a residential connection. The Cloudflare tunnel approach is smart especially without a static IP. We have a static IP included with Eolo (unusual for residential, I know) which simplifies things. For DDoS protection we rely on HAProxy on a separate Orange Pi Zero 3 doing rate limiting and our dynamic blocklist — but honestly at our scale a proper DDoS would still hurt. The “who knows about the future” concern about Cloudflare is real though. Building on free tiers of centralized services is convenient until it isn’t — which is part of why we went full self-hosted in the first place.
Last time I tried something like this my ISP cut me off by sending me an email after they cut me off about how if I am running a business website it has to be through their business plan not residential plan.
I never saw the email because they cut me off before I could ever view it.
I wasn’t even hosting a business site but it was for a wedding announcement and RSVP shit.
Little guys have a hard time these days.
That’s brutal — and unfortunately very common. ISPs love the “you’re violating ToS” card, especially when they have a more expensive business plan to sell you. The irony is that most residential ToS are deliberately vague about what constitutes “running a business” — a wedding RSVP site is hardly a commercial operation, but it doesn’t matter when the ISP is the judge, jury and executioner. We’ve been lucky with Eolo so far — they haven’t flagged anything. Part of the reason is probably that our traffic profile looks residential (low inbound, spikes rather than constant load) and we’re not running anything that would show up as “suspicious” on their side. The asymmetry you’re describing is real though. A large company can host whatever they want on enterprise infrastructure. A small developer hosting a wedding site gets cut off without warning. Self-hosting is getting harder at the residential level precisely because ISPs have a financial incentive to make it harder. Hope you found a better solution eventually.
What if you hid your traffic by using a wireguard VPN like mullvad as your exit node? Your ISP wouldn’t be privy to the services you host all they could see is that your using wireguard or a vpn
Not a ad but want to leave this here because I think it’s relevant. Najalla has a VPN service that is very unique, instead of giving you multiple exit points with different IPs and maybe 1 portforward they give you One static IP with full access to portforwarding for like 5€/Month
I am in no way affiliated with them but I am just a customers of thier service and enjoy it!
Was this a well known ISP or a local ISP That’s weird. Did they have a policy against that? Even when I didn’t have a business account with my ISP, they didn’t seem to care,
Setup solido. Una domanda tecnica: syslog restituendo on-prem o tutto centralizzato su firewall logs verso la Pi? Io separo questi due (syslog localmente, applicazioni su VPS remoto) per motivi di privacy domestica. Curiosità su come lo gestisci.
Complimenti anche per non aver barato su “redundanza” : ammettere il single point of failure è più utile di 10 artikel su Kubernetes. 👍
Buona domanda. Onestamente il nostro setup di logging è semplice per design — niente syslog centralizzato, niente aggregazione remota. Tutto resta locale sul Pi: log nginx in /srv/logs/, log applicazioni via Docker, log di sistema via journald. Niente lascia la macchina tranne quello che spingiamo esplicitamente (statistiche giornaliere verso la dashboard pubblica via scp). L’aspetto privacy che citi è interessante — noi non abbiamo la preoccupazione della “privacy domestica” perché il Pi È il server, ma il principio di tenere i log locali lo condividiamo. Niente Elastic, niente Loki, niente syslog remoto. HAProxy sull’Orange Pi Zero 3 ha i suoi log locali separati — non li spediamo al Pi. Due nodi, due store di log indipendenti. Non è architetturato per la scala. È architetturato per semplicità e controllo — che per una software house di una persona è il tradeoff giusto. E grazie per il commento sulla ridondanza — fingere che un Pi singolo sia highly available sarebbe stato imbarazzante. Non lo è. Funziona abbastanza bene, e sapere dov’è il punto di failure conta più che fingere che non esista.
Hello !
This is quite the setup !
I had to put your post in an ai (claude) so that i can understand what you were saying, but it’s still amazing!
Ha! That’s actually quite meta — you used Claude to understand a post that was partially written with Claude’s help. Welcome to 2026, where AI reads infrastructure posts so humans don’t have to. 😄 Glad the setup is impressive even through the translation layer. If you have any specific questions, ask away — I’ll try to answer in plain English this time
Waddaya mean no cloud?
YOU ARE THE CLOUD NOW
If clouds are far away, then self-hosting could be “fog”? Clouds at ground level that you walk around in.
Exactly. I didn’t move to the cloud. The cloud moved to my living room.
Thk 😀
Big oof on that mobile performance score, gotta get that fixed XD
Big oof on that mobile performance score, gotta get that fixed XD Ha, fair point — 97 is not 100. 😄 To be honest, I know exactly what’s pulling it down and I’m working on it. Running a static site on a Raspberry Pi with 100Mbps upload and hitting 97 on mobile from Google’s infrastructure felt like a win worth sharing — but you’re right, there’s always room to squeeze out those last 3 points. The perfectionist in me agrees with you. The pragmatist in me is still celebrating.
Awesome! You just started and you’ve accomplished all of this? That’s respectable. Damn site better than when I first started. Git sum!
Ha, thanks! To be fair — I’ve been writing code since 1995, and doing industrial software for the last 21 years. So not exactly a beginner. The self-hosted infrastructure side was genuinely new territory though, and yes, a lot came together quickly. “Git sum” is going on the wall. 😄
The self-hosted infrastructure side was genuinely new territory though
Well then, welcome to the club. Sorry if everything is a bit messy, we’re renovating. Hang out, share your journey, and hopefully find a good home here at c/selfhosted…and indeed ‘Git Sum’.
Ciao! Thank you — happy to be here. The mess feels familiar, honestly. My server room looks exactly the same. 😄 Looking forward to sharing more — there’s plenty of journey still ahead.
