I have had custom domains for a long time, but I could not find reasonably priced hosting with good autonomy until one of my friends suggested the Scaleway cloud. Before I was introduced to this cheap offering I was stuck with Github pages with no flexibility or control over the systems architecture. Scaleway offered arm based instances with the base instance starting at €2.99/month (around ₹300) for 4 cores, 2GB of RAM with 200Mbps of bandwidth, and 50GB of nvme SSD.
I had three websites to deploy
- A personal website imported from Github pages
- A ghost powered blog
- A personal drive powered using Nextcloud
Scaleway provided an S3 compatible objectstore, offering the first 75GB free of cost. I mounted the Scaleway object store on the Nextcloud and got the extra 75GB of storage for my drive. I had to tweak some Php and Nginx parameters to improve the max file size upload limits.
Even though the above websites are for personal use I wanted my architecture to be robust and secure enough to handle any aberrations(cost-effectively). One of the best ways to achieve this was to use a CDN and delegate edge traffic handling to the distributed network. Fortunately, Cloudflare provides a free plan for personal use along with DDoS protection.
To secure my website using Cloudflare's tools, I enabled strict https and client-side cert verification on the origin to prevent unauthorized calls to the source. Block any TLS connections other than v1.3 on the origin (since the edge network will terminate client-side TLS connections, Origin need not support whole range of transport protocols providing protection against poodle attacks). Cloudflare actively scans for attacks and protects from them while allowing me to experiment with http/2 and QUIC for better edge performance.
I also deployed a Wireguard VPN to bypass censorship and protect from information leaks. I have a 50Mbps connection at home and iperf did not show any major drop in bandwidth even with limited resource offering.
The above setup lets me deploy a decently secure and available personal website, blog, and a drive with storage of 100GB along with a makeshift VPN for less than ₹300.
PS: if you want to share ideas to better the architecture feel free to contact.
