Self-hosting a website in 2023, pt.1

In the age of social networks, blogging and microblogging platforms, self-hosting a personal website can look odd. Add to that the availability of affordable all-inclusive hosting providers offering managed content management systems, search engine optimisation, analytics, content delivery networks and whatnot, and self-hosting a personal website from scratch on your own virtual private server (VPS) becomes borderline masochism. The only compelling reasons to undertake such an endeavour are being in total control and satisfying your personal curiosity.

The first time I recall doing something similar was around 2011, fresh from starting the master's in theoretical physics and from joining the local Linux user group in Pisa. At that time, my flatmate and I were using an old laptop as a home server, “takatuke” [1], hosting a controller for web radios and an RSS feed aggregator, using lighttpd as a reverse proxy and LXC containers before docker was a thing (or even existed, for that matter). However, those early days spent messing around paid off when, during a previous job, I was assigned the task of devising, deploying and managing a multiservice system on a Kubernetes cluster, while also developing one of the services. Here credit is due to my experienced devops colleagues for helping me get up to speed quickly (it was a small company but we were very resourceful and crazy efficient, and if you want to know more about Kubernetes you should definitely check out KubeTtips).

What follows is a step-by-step guide to publishing your very own website. Even though I will descend into details here and there, I will assume a basic knowledge of how to execute commands on a remote machine through ssh and how to install software on it.

Domain

While a personalised domain is not strictly necessary to host a website (for personal use you could use some cheap dynamic DNS or just an alias in your /etc/hosts hardcoding the IP address of your host), buying one is not going to break the bank and usually gets you quite a morale boost, a couple of mailboxes out of sight of bigG and bigM and, crucially, the ability to set up an SSL certificate with Let’s Encrypt.

There are a ton of registrars out there, and I am not in a position to recommend any single one of them, except for advising against two Italian registrars which in my experience provided an extremely low quality service: Aruba and TopHost. Make sure that the registrar allows you to easily set your very own DNS records. Even though most registrars will provide a form to edit individual records, make sure that you keep the possibility to edit the records as plain text.

Hosting

The hosting, on the other hand, is truly necessary. I rent a small VPS for the price of two and a half inner tubes [2]. You really do not need much computational power or RAM, and most likely your VPS will be idle most of the time for the majority of use cases I can think of. For this reason, if cost is a concern, a pro tip is to find one or two like-minded friends, share the server and split the costs; you are extremely unlikely to step on each other’s toes, performance-wise.

Both for the domain and for the hosting, you should definitely consider selecting service providers from different countries from your own. In a time in which dissent is more and more persecuted, it will make censors’ life just a little bit harder.

Server setup

Once you have chosen your hosting provider, it is time to set up your VPS. Usually it is possible to choose among a handful of different distributions. Unfortunately, not all distributions are equally well supported even within the same hosting provider. In my case it looked like the host applied some patches to the kernel that only worked on Ubuntu, and I wasn’t willing to waste much time getting a better distro to work.

Typically the server starts with a minimal set of tools installed. Since we are going to containerise pretty much everything, there is not much other than docker and git that needs to be installed [3]. Besides these tools, it is advisable to also install a firewall. Since I’m not particularly at ease with routing tables, my firewall of choice is ufw.

DNS setup

The hosting service will give you the IP address of your server. You will need to use this address to edit the DNS records in your domain settings. As far as hosting a website is concerned, you will need at least a so-called A record, which maps a domain name to one IP address.

* 10800 IN A xxx.xxx.xxx.xxx

In the example above, the second level domain and any third level domain that is not separately handled with another record will map to the IP address. Browsers and other DNS servers do not query the DNS for every single request; they cache the result of the first query instead. The cached answer is not considered stale for a predefined amount of time, which is the number, in seconds, that appears in the second column of the record.

When there are multiple services hosted on the same server, it is often convenient to map the IP address to an administrative A record, and then point the individual services to this name by means of CNAME records, like so.

admin 10800 IN A yyy.yyy.yyy.yyy
www 10800 IN CNAME admin.$DOMAIN.
blog 10800 IN CNAME admin.$DOMAIN.

In this case the CNAME records route requests for www.$DOMAIN and blog.$DOMAIN to admin.$DOMAIN. Notice the dot (.) at the end of the CNAME lines. This is important because it prevents the DNS server from appending your domain root ($DOMAIN) to the target, which is otherwise always implied. Without it the DNS server would route blog.$DOMAIN to admin.$DOMAIN.$DOMAIN!

Conclusions

So far we have seen what to look for in a registrar and in a host, how to set up a blank VPS and map its IP address to our domain. In the next part we are going to set up the firewall, a reverse proxy and SSL certificates.


  1. It means “ashtray” in Albanian… not particularly evocative, but it sounds nice.

  2. However my bike runs tubeless, now.

  3. I am curious about podman, and I might try to migrate to it in the near future.