A Cool Kayak - Self-Hosting at CorrelAid

In this blog post we would like to discuss what and how CorrelAid is self-hosting, why we decided to do so and what this has to do with cool kayaks.

A person in a yellow kayak raising a paddle above their head as a large wave crashes into the front of the kayak.
Photo by Ghostolini from PxHere

At CorrelAid we self-host a growing number of open source services: we run OpenProject for project management, Directus as our headless CMS and for other data entry tasks, Metabase for analytics and dashboards, and Dagster for data orchestration. Our website, recently re-launched and formerly hosted on Vercel, is self-hosted too. On top of that, we maintain several continuously self-developed apps.

One reason for self-hosting is that it is simply cheaper. For example, OpenProject would cost around $212 per month as a SaaS offer, while running it on a VPS costs us below 10€. While this requires set-up and maintenance time, the tools we discuss below simplify self-hosting immensely while ensuring that some best practices are adhered to.

The foundation of our self-hosting is provided by Hetzner in the form of very reasonably priced virtual private servers (VPS), S3-compatible object storage and DNS management. Additionally, we utilize their server backup functionality for a primary backup layer in case everything goes wrong.

Infrastructure as code for reproducibility

Another cool thing about Hetzner is that they maintain an OpenTofu Provider. OpenTofu, a fork of Terraform, is an infrastructure as code (IaC) tool that allows you to automate the provisioning of your infrastructure by defining it declaratively.

Our CorrelAid Infrastructure as Code (i.e. CAIAC) repository is where we add new VPS and subdomains. Each VPS is provisioned with cloud-init scripts, added to our Netbird Virtual Private Network, and configured with uptime checks via UptimeRobot. For both Netbird and UptimeRobot, their free plans are sufficient. Using a VPN allows us to keep SSH ports closed and do fine-grained access management.
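As an added illustration (not code from the CAIAC repository), the following check reads an OpenTofu state file and lists servers whose SSH port would be reachable from the public internet, which is the condition the VPN setup is meant to rule out. It assumes the closure is enforced with the Hetzner provider's `hcloud_firewall` resources attached through `firewall_ids`; the sample state and server names are constructed.

```python
import json

# Constructed sample: an OpenTofu state trimmed to the fields this check reads.
SAMPLE_STATE = json.dumps({"version": 4, "resources": [
    {"type": "hcloud_firewall", "name": "web", "instances": [{"attributes": {
        "id": "101", "rule": [{"direction": "in", "protocol": "tcp", "port": "443",
                               "source_ips": ["0.0.0.0/0", "::/0"]}]}}]},
    {"type": "hcloud_firewall", "name": "legacy", "instances": [{"attributes": {
        "id": "102", "rule": [{"direction": "in", "protocol": "tcp", "port": "20-25",
                               "source_ips": ["0.0.0.0/0"]}]}}]},
    {"type": "hcloud_server", "name": "a", "instances": [
        {"attributes": {"name": "example-web", "firewall_ids": [101]}}]},
    {"type": "hcloud_server", "name": "b", "instances": [
        {"attributes": {"name": "example-legacy", "firewall_ids": [102]}}]},
    {"type": "hcloud_server", "name": "c", "instances": [
        {"attributes": {"name": "example-bare", "firewall_ids": []}}]},
]})

ANY_SOURCE = {"0.0.0.0/0", "::/0"}  # only world-open CIDRs are flagged here

def covers_ssh(port):
    """True if a port spec ("22", "20-25", "any") includes port 22."""
    if port in (None, "", "any"):
        return True  # be conservative when no port is given
    lo, _, hi = str(port).partition("-")
    return int(lo) <= 22 <= int(hi or lo)

def instances(state, rtype):
    """Yield the attribute dicts of every instance of one resource type."""
    for res in state.get("resources", []):
        if res.get("type") == rtype:
            for inst in res.get("instances", []):
                yield inst.get("attributes", {})

def servers_with_public_ssh(state_json):
    """Names of servers with no cloud firewall, or one admitting TCP 22 from anywhere."""
    state = json.loads(state_json)
    open_fw = set()
    for fw in instances(state, "hcloud_firewall"):
        for rule in fw.get("rule") or []:
            if (rule.get("direction") == "in" and rule.get("protocol") == "tcp"
                    and covers_ssh(rule.get("port"))
                    and ANY_SOURCE & set(rule.get("source_ips") or [])):
                open_fw.add(str(fw.get("id")))
    findings = []
    for srv in instances(state, "hcloud_server"):
        attached = {str(i) for i in srv.get("firewall_ids") or []}
        if not attached or attached & open_fw:
            findings.append(srv.get("name"))
    return sorted(findings)

if __name__ == "__main__":
    print(servers_with_public_ssh(SAMPLE_STATE))
```

The same function can be fed the output of `tofu state pull` in a scheduled job, so a drifted or newly added server is caught before it stays exposed.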

Coolify for easier self-hosting

A typical challenge of self-hosting is maintaining servers and keeping an overview of the services deployed on them. It's like loading a kayak with multiple unlabeled dry bags: everything's in there somewhere, but good luck finding your repair kit to patch a leak when you're on the water. Having an overview of your kayak's inventory is critical!

That’s why our CAIAC becomes really cool when we let Coolify manage the provisioned VPS. Coolify is a self-hosting platform that lets you deploy and manage applications through a browser-based UI. Under the hood, it uses Docker but abstracts away much of the complexity while still offering enough customization options for our needs. Naturally, Coolify itself is self-hosted by us as well.

Coolify includes handy features such as rolling updates for continuous deployment (required for our website), automated backup of databases, notifications when servers become unreachable, and HTTPS automation, to name only a few. It also handles server patching and provides a centralized dashboard to manage all our services across multiple VPS, which saves us from having to SSH into individual servers for routine tasks.

We have extended Coolify's functionality with two custom tools: an update checker that notifies us when newer Docker images are available, and a dynamic infrastructure overview, including projected pricing, that pulls data from the remote OpenTofu state file as well as Coolify's and Netbird's APIs.

Beyond the tooling, we also maintain a set of self-hosting standards that guide us when spinning up new projects. These cover access control (at least two people with admin rights per service), secrets management (never hardcoding tokens and instead using Infisical and Bitwarden), shell history hygiene to prevent credential leaks, and a strict policy of always testing backup restores after setting them up. Each service also gets its own Slack channel for maintenance announcements and coordination.

Self-hosting isn't free in terms of time and attention, and our cool CAIAC has been through some rough waters, but for CorrelAid, the cost savings, control, and learning have been well worth it.

If you would like to discuss self-hosting, or need guidance on whether self-hosting is a good choice for your Non-Profit, feel free to contact us.

Disclosure: CorrelAid is supported by Hetzner through credits for their cloud.