Self-hosting my websites using bootable containers
Summary
The author moved their website hosting from Cloudflare due to confusing pricing, deployment issues with static files/binaries, and a desire to shift away from US services. They are exploring immutable infrastructure tools like Poudriere.
Yorick Peterse abandons Cloudflare for FreeBSD
Developer Yorick Peterse migrated his personal website and Inko programming language infrastructure away from Cloudflare to a custom immutable infrastructure stack in early 2025. The move ends a decade-long reliance on major US-based cloud providers like Amazon Web Services and Cloudflare.
Peterse has managed his web presence since 2008, cycling through various hosting providers and software configurations. He originally moved to Amazon CloudFront as a static site in 2015 before switching to Cloudflare Pages and R2 for their superior interface and free tier. The honeymoon phase with Cloudflare eventually soured over technical limitations and pricing structures.
Cloudflare deployment models create friction
Cloudflare Pages struggled to handle the versioned documentation required for the Inko programming language. The documentation uses sub-directories for different versions, creating a URL structure that requires persistent file storage across deployments. Cloudflare Pages requires users to include every historical file in every new deployment, which complicates the build process.
This model forces developers to track generated files in Git to ensure future deployments do not delete older documentation. Peterse found this workflow unsustainable for binary blobs and release artifacts. Inko’s release process generates source archives and pre-compiled libraries that Git handles poorly without Git LFS.
To manage these files, Peterse previously split his infrastructure across two separate systems:
- Cloudflare Pages for the primary website and documentation.
- Cloudflare R2 for hosting binary release artifacts.
- Custom Workers to bridge the two services.
The complexity of this setup led to frustrations with Cloudflare’s business model. Peterse noted that R2’s pricing structure is confusing and mimics AWS by locking basic features behind high-tier subscriptions. He specifically cited Cloudflare's tendency to charge $200 per month for "website metrics that aren't useless."
Surveillance concerns drive infrastructure changes
Geopolitical shifts in 2025 accelerated the decision to leave US-based service providers. Peterse cited the renewal of Section 702 of the Foreign Intelligence Surveillance Act (FISA) as a primary motivator. This law allows US intelligence agencies to conduct warrantless surveillance on foreign targets, which impacts non-US developers using American clouds.
The potential ban of TikTok in the United States also signaled a shift in how the US government interacts with technology platforms. These factors pushed Peterse to seek hosting solutions outside of US jurisdiction. Privacy is no longer just a technical choice; it is a geographic one.
The search for a new stack focused on immutable infrastructure, a concept Peterse has championed since 2012. During his time at a travel review analysis firm, he used AWS EC2 spot instances and VM images to ensure fast, deterministic deployments. That experience proved that pre-configured images are more reliable than centralized configuration management systems.
The benefits of immutable server images
Immutable infrastructure treats servers as disposable assets rather than systems to be updated in place. When a developer needs to apply a security patch or a software update, they build a new image and replace the old server entirely. This approach eliminates configuration drift and ensures that the environment is identical every time it boots.
While the Linux ecosystem has seen a surge in immutable distributions like Fedora Silverblue and Bazzite, Peterse looked toward FreeBSD. He spent several weeks evaluating tools that could build and provision new operating system images. The goal was to find a tool that supported ZFS-based updates and handled package management efficiently.
Peterse evaluated several technologies for his new deployment pipeline:
- Poudriere for building FreeBSD package repositories and images.
- NixOS for its functional approach to system configuration.
- FreeBSD's NanoBSD for small-footprint image generation.
He ultimately rejected NanoBSD because it focuses on building from source for UFS-based storage like USB sticks. Peterse preferred a system that could leverage FreeBSD’s existing package manager to save time and resources during the build process.
Testing Poudriere for FreeBSD deployments
The transition to Poudriere offered a mix of power and complexity. Poudriere is the standard tool for building FreeBSD ports, but it also includes features for generating full OS images. It allows developers to create a controlled environment, or "jail," to compile software without polluting the host system.
Building an image with Poudriere requires a single command, but the underlying configuration is extensive. Peterse used this tool to create ZFS update images, which allow for atomic rollbacks if a deployment fails. This level of control is exactly what developers lose when they move to managed platforms like Cloudflare.
The new setup provides several advantages over the old Cloudflare model:
- Ownership: Full control over the documentation's directory structure.
- Predictability: Images are built once and deployed exactly as they exist in the build environment.
- Sovereignty: Data resides on hardware outside the immediate reach of Section 702.
Peterse spent months refining this stack to ensure it could handle Inko's specific needs. The move represents a broader trend among senior developers who are retreating from "black box" cloud services in favor of self-hosted or independent infrastructure. While managed services offer convenience, they often come with hidden technical debt and privacy trade-offs.
Building a future without big tech
The migration away from Cloudflare highlights a growing dissatisfaction with the "carrot and stick" approach of modern SaaS platforms. By moving to FreeBSD and Poudriere, Peterse has traded the simplicity of a "git push" deployment for the resilience of a custom-built pipeline. He now manages his own VM images, ensuring that Inko's documentation and binaries remain available regardless of a provider's pricing changes.
This transition wasn't instantaneous; it required a deep dive into BSD tooling and a re-evaluation of how web content should be served in 2025. Peterse has documented the process in a Git repository, providing a blueprint for other developers looking to escape the AWS and Cloudflare ecosystems. The era of the "generous free tier" may be ending, but the era of the independent stack is just beginning.
The final configuration relies on immutable images that boot, download necessary services, and run in a deterministic state. This mirrors the 2012 workflow Peterse admired, but with modern enhancements provided by ZFS and Poudriere. For the first time in a decade, the Inko infrastructure is no longer beholden to the whims of Silicon Valley giants.
Related Articles
What to Do If (or When) Your Email Is Leaked to the Dark Web
Your email on the dark web likely came from a data breach. Don't panic; it's common. Change passwords, enable two-factor authentication, and monitor accounts. Use email aliases to prevent future exposure.
The 25 Horniest Horror Movies of All Time
This article lists horror movies with notable sexual themes, from vampire eroticism to body horror. It includes films like "The Untamed," "Hellraiser," and "Titane," noting they often explore complex, sometimes unhealthy, links between sex and death.
Stay in the loop
Get the best AI-curated news delivered to your inbox. No spam, unsubscribe anytime.