- in the next few decades, my Linux servers will have been updated completely multiple times
- software updates happen on my schedule and at my behest
- I can move to newer hardware whenever the mood strikes me
- I maintain full de jure and de facto ownership of my data (AKA I control it completely)
- Since I own the data, I can always upload it to some vendor in future. Due to vendor lock-in, non-standard data formats, and my least favourite: data egress fees, it's not straightforward to go from a vendor to another vendor, or from a vendor to DIY. I maintain maximum optionality
- Since I committed to the private server path, I can take full advantage of the server being a general computing device. I can combine web-hosting, databases, and other things on the same device / a stable of devices. I end up having ridiculous performance, full control of my entire stack, and at a huge discount, and it's a very simple system.
Security concerns are addressed in a couple of ways:
- By having everything on one server, or by architecting things just so, I can stand up a database that does everything I need, including serving my web-apps, without ever facing the public internet directly.
- Maintaining a secure server is admittedly more of an ongoing chore, but it's not a significant timesink at all
- Every online service by AWS et al ultimately runs on a server much like mine, so if there's some serious widespread Linux vulnerability, it'll affect managed services just as much as my server.
- The managed services themselves are not only juicy targets but are themselves vulnerable to both hacking and phishing. I'm convinced SSH'ing into Postgres + Linux is a safer option than a more complicated structure.
All of the above assumes my apps will never be planet-scale, which even in the most bullish case, they never need to be.