Self-hosting isn't scary: a practical guide with Coolify and Hetzner

In my Do better post, I promised a guide on self-hosting. This is that guide.

I’ve been self-hosting for over 3 years now. It started with a DigitalOcean VPS, moved to Hetzner auction servers with Coolify, and today I run three dedicated servers that host everything from the blog you’re reading, to the BeerJS and WhatTheStack websites, to ticket management systems, automation workflows, CMS instances, sync solutions, and a bunch of personal tools. Total cost: about 100 EUR/month.

For context, that’s less than what a single Vercel Pro seat costs once you factor in bandwidth overages on a few active projects. And I’m running dozens of services, not three static sites.

If you’re comfortable deploying to Vercel or Netlify but avoid self-hosting because it sounds hard, this post is for you. It’s not. It’s different, but it’s not hard.

The fear

Let’s address this head-on. The common objections I hear:

“I don’t want to manage servers.” You’re not managing servers in the traditional sense. You’re clicking buttons in a dashboard. Coolify handles Docker, reverse proxying, SSL, and deployments for you.
“What about security?” Valid concern. But you’re already trusting a third party with your code, your environment variables, and your users’ data. Self-hosting means you control that. Updates are your responsibility, sure, but they’re also a sudo apt update && sudo apt upgrade away.
“What about uptime?” I’ve had less downtime on my Hetzner boxes than I’ve experienced from cloud platform outages. Hetzner’s network is solid, and dedicated hardware doesn’t share resources with noisy neighbors.
“I don’t know Linux.” You know how to use a terminal. You npm install things. You can ssh into a box and run a script. That’s 90% of what you need.

The reality is, if you can deploy a Next.js app to Vercel, you can deploy anything to Coolify. The DX is genuinely comparable. Push to git, Coolify builds and deploys. SSL is automatic. Domains just work.

The stack

Here’s what I’m running:

Hetzner auction servers

Hetzner’s Server Auction sells refurbished dedicated servers. When Hetzner introduces newer hardware, the older generation goes to auction. No setup fees, no minimum contract, cancel anytime.

I run three servers at different spec levels. A typical auction server looks something like:

Intel i7-6700 or i7-7700, 32-64GB DDR4, 2x 512GB NVMe
Around 25-40 EUR/month
1 Gbit/s port with unlimited traffic
Located in Germany (Falkenstein/Nuremberg) or Finland (Helsinki)

That’s dedicated hardware. Not a VPS, not a shared instance. The whole machine is yours. For the price of a couple of coffees a week.

The auction stock fluctuates, so specific configs aren’t always available. If you want to track prices, Server Radar is useful. Fair warning: Hetzner announced a price adjustment effective April 2026, so the exact numbers may shift slightly.

When you order an auction server, it arrives in rescue mode within minutes. You install your OS (Ubuntu in my case), SSH in, and you’re off.

Coolify

Coolify is the glue that makes all of this feel like a managed platform. It’s an open-source, self-hosted PaaS - think Vercel/Netlify/Heroku, but running on your own hardware.

What it does:

Git-based deployments - connect your GitHub/GitLab/Gitea repos, push to deploy. Webhooks, auto-deploy on branch push, the whole thing.
Reverse proxy - Traefik handles routing, load balancing, and SSL termination. You set a domain, Coolify configures Traefik automatically.
Automatic SSL - Let’s Encrypt certificates, requested and renewed automatically. Set your domain with https:// and forget about it.
One-click services - 280+ services you can deploy with a click. Databases (Postgres, MySQL, Redis, MongoDB), analytics (Plausible, Umami), CMS platforms (Ghost, WordPress), automation tools (n8n), and more.
Multi-server management - manage all your servers from one dashboard via SSH. I manage all three Hetzner boxes from a single Coolify instance.
Docker under the hood - everything runs in containers. If it has a Dockerfile, Coolify can deploy it. If it doesn’t, Nixpacks auto-detects your stack and builds one for you.

Coolify is free and open-source for self-hosted use. There’s a Coolify Cloud option at $5/month if you want managed updates, but I run the self-hosted version.

Cloudflare for DNS and CDN

I use Cloudflare in front of everything for DNS management and CDN caching. The free tier is more than enough. Point your domain’s nameservers to Cloudflare, create A records pointing to your Hetzner server IPs, and you’re done. Cloudflare’s proxy gives you an extra layer of DDoS protection and caches static assets at the edge.

One thing to watch out for: if you’re using Cloudflare’s proxy (the orange cloud), Let’s Encrypt HTTP challenges can fail. Either use DNS challenge for SSL in Coolify, or set Cloudflare’s SSL mode to “Full (strict)” and let Coolify handle the origin cert.

Backups

Automated S3-compatible backups. Coolify has built-in backup scheduling for databases - you configure an S3 endpoint (I use a mix of providers), set a schedule, and it handles the rest. For application data, I use a combination of Coolify’s backup features and some cron jobs that push to S3.

The key thing: backups are automated. I don’t think about them. They just run.

Setting it up from zero

Here’s the actual process. It’s shorter than you think.

1. Get a server

Go to Hetzner’s auction page, pick a server that fits your budget (32GB RAM and NVMe storage is a good starting point), and order it. You’ll have access within minutes.

If you’re just experimenting, a Hetzner Cloud VPS works too - CX22 at ~4 EUR/month is enough to try Coolify with a few small services.

2. Install the OS

Boot into rescue mode, install Ubuntu (22.04 or 24.04 LTS), and SSH in. Hetzner’s installimage tool makes this painless.

3. Install Coolify

One command:

curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash

That’s it. Coolify installs Docker, sets up Traefik, and starts the dashboard. Open http://your-server-ip:8000 in your browser to complete the setup.

4. Point your domain

In Cloudflare (or your DNS provider), create an A record pointing your domain to the server IP. If you’re using Cloudflare’s proxy, make sure SSL mode is set to “Full (strict).“

5. Deploy something

In the Coolify dashboard:

Create a project (organizational container)
Add a resource - pick “Public Repository” if you want to test with a GitHub repo
Set the domain (e.g., https://myapp.example.com)
Click deploy

Coolify clones the repo, detects the framework, builds a Docker image, starts the container, configures Traefik routing, and requests an SSL certificate. Your app is live.

For GitHub integration with auto-deploy on push, set up a GitHub App in Coolify’s settings. After that, every push to your configured branch triggers a build and deploy automatically. Same workflow as Vercel, just on your hardware.

What I actually host

To give you a sense of what’s possible on three servers at 100 EUR/month:

Websites and apps:

This blog (Astro, static)
BeerJS Skopje website
WhatTheStack conference website and related apps
Several client projects and demos

Services:

CMS instances for various projects
Ticket/project management system
Automation workflows (n8n)
File sync solutions
Analytics (Plausible)
Various databases (Postgres, Redis)

Personal tools:

A bunch of side projects in various states of completion (you know how it is)

Each of these is a separate container, with its own domain, its own SSL cert, and its own deployment pipeline. Coolify manages all of it through one dashboard.

The honest parts

I promised in the “Do better” post that self-hosting isn’t all rainbows and butterflies. Here’s what you should know:

The initial setup has a learning curve

Not in Coolify itself - that part is straightforward. The curve is in understanding the fundamentals: how DNS works, what a reverse proxy does, how Docker networking behaves, what SSH keys are for. If you’ve been on managed platforms your whole career, these concepts might be new. They’re not hard, but they’re new.

I started on a home connection with tunnels before moving to Hetzner. Running a server from home teaches you a lot about DNS (especially the fun parts like hairpin NAT and split-horizon DNS), but it’s not something I’d recommend for production workloads. Get a proper server. It’s 25 EUR/month.

Updates are your problem

On Vercel, you don’t think about security patches. On your own server, you do. This means:

OS updates (sudo apt update && sudo apt upgrade - do it regularly)
Coolify updates (one click in the dashboard, but you should read the changelog)
Docker image updates for your services
Keeping an eye on security advisories - Coolify had some serious CVEs in January 2026 that were patched, but you need to actually apply the patches

This isn’t a lot of work. I spend maybe 30 minutes a month on maintenance across all three servers. But it’s 30 minutes more than zero, and you need to be okay with that.

When things break, you fix them

On a managed platform, you open a support ticket. On your own server, you SSH in and figure it out. Docker logs, Traefik configs, disk space, memory usage - these become your debugging tools. In my experience, things rarely break (dedicated hardware is remarkably stable), but when they do, you’re the one on call.

The upside? You actually understand your infrastructure. You know where your data lives, how traffic flows, and what each service does. That understanding is valuable, and it makes you a better developer.

Coolify isn’t perfect

It’s a great tool, and it’s improving fast (35K+ GitHub stars, very active development). But:

It’s technically still in beta (v4), though it’s stable enough for production in my experience
The documentation has gaps in some areas
Docker Compose deployments can be finicky with port configuration
The built-in monitoring (Sentinel) is basic - I supplement it with other tools

None of these are dealbreakers. They’re the kind of rough edges you’d expect from an open-source project that’s growing fast.

The math

Let’s do some napkin math. Say you’re running 5 websites and a couple of backend services.

Vercel Pro + managed databases + misc services:

Vercel Pro: $20/month/seat
Managed Postgres (Neon, Supabase, etc.): $25-50/month
Managed Redis: $10-30/month
Analytics service: $10-20/month
Other SaaS tools: varies
Total: easily $80-150+/month, and that’s for one developer

Hetzner + Coolify:

Auction server (mid-range): ~35 EUR/month
Cloudflare: free
Coolify: free (self-hosted)
S3 backups: ~5 EUR/month
Total: ~40 EUR/month, and you can host 20+ services on that one box

I run three servers because I like the separation and have a lot of services. You can start with one and grow from there.

The savings become more dramatic as you scale. Managed platforms charge per service, per seat, per GB of bandwidth. Your own server costs the same whether you run 1 service or 50.

Getting started

If you’ve made it this far and want to try it:

Start small. Get a Hetzner Cloud VPS for ~4 EUR/month. Install Coolify. Deploy your personal site. Get comfortable.
Move one thing at a time. Don’t migrate everything at once. Move your least critical project first and live with it for a month.
Read the Coolify docs. They’re not perfect, but they cover the essentials.
Join the communities. The Coolify Discord and Hetzner Community are both active and helpful.
When you’re ready, grab an auction server. The jump from VPS to dedicated hardware is significant in terms of resources, and the cost difference is marginal.

Takeaway

Self-hosting isn’t a return to the dark ages of sysadmin work. With tools like Coolify, the DX is genuinely close to what you get on managed platforms. You push to git, your app deploys. SSL just works. Databases are one click away. The difference is that you own the whole stack, you control your data, and you’re not at the mercy of pricing changes or platform decisions.

Is it more work than Vercel? Yes, a little. Is it worth it? For me, absolutely. The combination of cost savings, ownership, and the satisfaction of running your own infrastructure is hard to beat. Plus, you learn things about how the web actually works that managed platforms abstract away - and that knowledge makes you a better developer.

The tech feudalists want you to believe this is hard. It’s not. It’s just different. And different is good.

Happy hacking!