Building Secutils․dev: Running micro-SaaS for less than 1€ a month
Hello!
In my previous posts, I mostly focused on the technical aspects related to Secutils.dev, such as the technological stack, deployment process, and tools for monitoring and usage analytics.
Today, I'd like to discuss the costs associated with running Secutils.dev in production. As developers, we understand the importance of being resourceful, frugal, and efficient when building and maintaining products. Therefore, minimizing costs is a crucial and ongoing topic. Let's dive into how I optimize costs for Secutils.dev.
DISCLAIMER: I want to acknowledge that while the strategies I'm about to share work well in the early stages of a product and micro-SaaS, they may not be as effective as the product grows. However, at this point, we can safely set aside concerns about scaling and growth issues since many companies and products fail long before reaching that stage.
Source code management
Cost: 0€ / month
Vendor: GitHub
The source code for Secutils.dev is publicly available and is stored in several separate repositories hosted on GitHub, which offers free hosting. Additionally, GitHub provides unlimited free private repositories, which is ideal for managing content that is not relevant to the broader community. For instance, I use a private repository to host the source code for the Secutils.dev promotional website, as well as the terms and privacy policy.
GitHub's free plan also includes features like secret scanning and dependabot, that I'm pleased to make use of.
Continuous integration
Cost: 0€ / month
Vendor: GitHub
For my current CI needs, I require basic checks such as ensuring that the backend server, Web UI client, and documentation can be successfully built after every push to the upstream branch. I also run tests and perform a few essential linting checks.
GitHub's free plan offers a generous allocation of 2000 minutes per month for GitHub Actions, which is more than sufficient for a small project like mine. Since I don't push every commit to GitHub, the CI process is not triggered very frequently. Typically, I push a batch of commits once or twice a day. As of now, the average CI run time for the Web UI client and documentation website is around 3 minutes each. The backend server's full build time varies between 3 to 18 minutes, depending on the changes made. However, I already have plans to optimize and reduce this build time by half. Since I don't make changes across all three repositories every day, a maximum estimate of 25 minutes of CI time per day seems reasonable. At this rate, I would exceed the 2000 minutes monthly budget only after 80 days, rather than the standard 30 days.
To minimize build times, I make extensive use of Cargo and Yarn caches between CI runs. You can find the GitHub Actions configurations for the backend server, Web UI client, and documentation in the corresponding repositories.
Hosting
Cost: 0€ / month
Vendor: Oracle (Oracle Cloud Infrastructure)
As I discussed in my previous post, Building Secutils.dev: Technology stack overview, Secutils.dev comprises various components built on different technologies, each with its own resource requirements. When it came to choosing a hosting solution, I found Kubernetes to be the most suitable tool for the job.
However, finding a cloud provider that offers ready-to-use Kubernetes infrastructure in a free tier proved challenging. Therefore, I prepared myself to set up my own Kubernetes cluster from scratch. During my research, I came across the Oracle Cloud Free Tier. While their free tier does not include Container Engine for Kubernetes (OKE), it still offers an impressive range of features. Here's the part of their offer that is particularly relevant to me:
Arm-based Ampere A1 cores and 24 GB of memory usable as 1 VM or up to 4 VMs with 3000 OCPU hours and 18000 GB hours per month.
With 3000 OCPU hours per month, which is equivalent to 4 OCPUs, I have the flexibility to manually create a small cluster with up to 4 nodes. At this stage, it is acceptable to allocate one of the worker nodes for the control plane. For example, I can assign 2 OCPUs and 12 GB RAM to the secutils-prod node, 1 OCPU and 8 GB RAM to the secutils-dev node, and 1 OCPU and 4 GB RAM to the secutils-qa node.
The free tier also offers additional benefits, such as unlimited inbound data transfer and a monthly limit of 10 TB for outbound traffic, free of charge. I encourage you to explore the details if you're interested.
Please note that while the Oracle Cloud Free Tier provides generous resources, it is important to monitor your usage to ensure you stay within the free tier limits. Don’t forget to set up budget alerts as a precautionary measure.
Monitoring
Cost: 0€ / month
Vendor: Elastic (self-hosted)
As discussed in my previous post, Building Secutils.dev: Privacy-friendly usage analytics and monitoring, I utilize Elasticsearch, Kibana, and Beats for monitoring purposes. Since I have my own Kubernetes cluster, I can self-host and use these tools for free, within the limits of the Elastic Basic license.
To ensure that logs and metrics data do not accumulate indefinitely and consume all available space in the free tier, I have set up an index lifecycle policy. This policy allows me to automatically delete old data when the index size exceeds a predefined threshold.
Analytics
Cost: 0€ / month
Vendor: Plausible (self-hosted)
As mentioned in Building Secutils.dev: Privacy-friendly usage analytics and monitoring, I utilize Plausible Analytics for gathering usage analytics. Similar to my monitoring setup, I self-host Plausible Analytics within my Kubernetes cluster, resulting in no additional cost associated with it.
Plausible Analytics stores usage data in a ClickHouse database, which is highly efficient in compressing and storing large datasets. Therefore, storage capacity is unlikely to become an issue for Secutils.dev's usage analytics in the foreseeable future.
I want to highlight that once Secutils.dev becomes profitable, supporting the small team behind Plausible Analytics is important to me. Therefore, it is highly likely that Plausible Analytics will be the first product for which I switch to a paid subscription.
Secret management
Cost: 0€ / month
Vendor: Oracle (Oracle Cloud Infrastructure)
No matter what type of product you're building, you will likely need to handle sensitive information and secrets such as master keys, API keys for third-party integrations, and passwords. Storing these secrets in private Git repositories is not recommended, and it's generally preferred to use a secure vault solution.
While you have the option to use the self-hosted Vault from HashiCorp, I take advantage of the fact that Oracle Cloud Free Tier includes a vault. Since it's already available to me, it makes sense to utilize it for my secret management needs.
TLS certificates
Cost: 0€ / month
Vendor: Internet Security Research Group (Let's Encrypt)
Gone are the days when you were required to pay for TLS certificates for your website. Thanks to the Internet Security Research Group, obtaining TLS certificates has become free and accessible. Since I have a Kubernetes cluster, I utilize Traefik to automatically issue and renew TLS certificates for the secutils.dev domain and its subdomains. This service is provided by Let's Encrypt, and it comes at no cost to me.
Storage
Cost: 0€ / month
Vendor: Oracle (Oracle Cloud Infrastructure)
At the current stage of Secutils.dev, the storage requirements are minimal, and the 200 GB of block volume storage included in the Oracle Cloud Free Tier is more than sufficient.
Additionally, the free tier includes 20 GB of Object Storage, which I utilize for backups of the main SQLite database through the Amazon S3 Compatibility API, using Litestream. This allows me to securely store backups while staying within the free tier limits.
Email hosting
Cost: 0€ / month
Vendor: Oracle (Oracle Cloud Infrastructure) and Zoho
Within the Oracle Cloud Free Tier, an Email Delivery Service is available, allowing me to send up to 3000 emails per day for free. While I don't currently send a significant number of transactional emails to Secutils.dev users, it's great to have such a tool at my disposal.
For personalized, manually-crafted emails that I send from *@secutils.dev addresses, I utilize the Forever Free Plan provided by Zoho. They offer an excellent service, and if I ever reach the limits of the free plan, I am open to upgrading to a paid plan.
Marketing
Cost: 0€ / month
Vendor: Word of mouth
Marketing for Secutils.dev is based solely on content marketing. I publish posts that I think people may find interesting and useful, and share them on my social media channels and in different niche communities. I do not engage in any paid advertising or marketing campaigns on social media or search engines, and I do not pay anyone to recommend Secutils.dev to their audience. Instead, I rely on the support of the Secutils.dev community to spread the word about the tool.
Conclusion
In summary, the cost of running Secutils.dev in production is nearly zero, excluding the investment of my time and energy. So why did I choose the title "Running micro-SaaS for less than 1€ a month" instead of "Running micro-SaaS for free"? The reason is that there are still expenses to consider. In my case, it's the cost of the secutils.dev domain name, which amounts to 11.3€ per year or 0.94€ per month!
While there are startup programs available that offer many of the required tools and resources for free, they often come with certain criteria that need to be fulfilled, and they are temporary in nature. During the early stages of a product, it can be more beneficial to focus on building the product and serving users rather than fulfilling the requirements of these programs.
Overall, the combination of free services and the minimal cost of the domain name makes it possible to bootstrap indie projects like Secutils.dev with a very low budget, as long as you're comfortable with taking ownership of all the technical and operational challenges involved.
That concludes today's post. Thank you for reading! In my next post, I'll be sharing my thoughts on the formal project management for projects like Secutils.dev. Stay tuned for some cost-saving tips and tricks! If it sounds interesting to you, feel free to follow me here, on Indie Hackers, Twitter, Mastodon, or LinkedIn.
Running your own cluster so you can self host is a nice hack to get plausible for free.
Yeah, but I still think it's a smart move for Plausible to offer a free self-hosted option. I do this too for Secutils.dev. If someone is willing to bear all the costs of self-hosting the product, which includes the Plausible app, PostgreSQL, and ClickHouse databases, handle data backups, and perform version upgrades, it's unlikely that they would become your customer at this point anyway, for a variety of reasons, such as financial constraints. You can either lose them right away or give them the self-hosted option to build a relationship and hope that someday they will grow, resolve their issues, and become a happy customer.
I agree with your approach that in the initial stages, it's sufficient to use the free tier of all the platforms you're using to minimize costs.
However, there might be a possibility to upgrade to a higher tier when the required usage increases. Isn't that right?
I just found out that Oracle also offers cloud services. Why did you choose Oracle Cloud over others like AWS, GCP, or Alibaba?
By the way, wishing you all the success with your product!
Yep, that's spot on. The core idea is that if I can accomplish everything I need using their Infrastructure as a Service offering (IaaS), then I should be able to achieve the same, or even better and more efficient results with their Platform as a Service offering (PaaS) and their paid tiers.
The last time I checked, none of these three providers offered any "always free" compute resources, they only had trial options available (although I didn't delve deeply into their startup programs). However, with Kubernetes, it shouldn't be challenging to migrate to any of these providers in the future if they happen to have more compelling offerings. Did I miss something?
Thank you!
I couldn't agree more!
I totally agree that using Kubernetes doesn't make it too hard to migrate to another provider.
Nah, I don't think so. You know better.
I'm curious how long it took you to complete the product for both the back-end and front-end developments. As for documentation, I don't think it will take much time because, as far as I know, Docusaurus takes care of it all for us.
For the front-end part, do you design the layout first using Figma or something similar?
Well, my case isn't indicative since I had quite a bit of overload on my main full-time job that drained my energy considerably. However, you can take a look at the commit history for the back-end and front-end - the first commits are dated mid-December of last year. So, it took roughly ~6 months for the back-end, front-end, promo website (including crafting the privacy policy and terms in a private repository), setting up CI/CD and other infrastructure, planning, setting up social accounts, preparing a public statement, and writing initial blog posts (which is the most challenging and time consuming part 🙂). I admit, it's a lot of time for an indie project.
Yeah, the only part that took a quite a bit of time was tweaking Docusaurus styles to match the look of the main website/workspace. If I need to do it again in the future, it will be faster since I now know how to do it.
For future iterations, I might use Figma or a similar tool (and make it public if I do). This time, for the MVP/beta version, I simply drew inspiration from other tools I use regularly. The Elastic UI framework provides numerous examples that happen to align well with my use cases.
Wow, 6 months is a really short time to do all that by yourself while also having a full-time job.
I totally agree with your statement that writing blog posts is a time-consuming part because I feel the same way. I have had a website live for about 4 years but only have 1 blog post 😀.
Since your project is an open-source project, and I really appreciate and support open-source projects. I hope that I can contribute to that project later. By the way, I'm a front-end developer.
I've checked out the Elastic UI Framework page, and I'm interested in giving it a try for my next project. I didn't know before that Elastic built a UI Framework and made it open source because as far as I know, Elastic is famous for its Elasticsearch 😀.
Haha, yeah, I'm forcing myself to publish a post or two a week to develop the habit. It's challenging, but let's see if I can sustain it 🙂
You're very welcome to contribute whenever you feel like it!
Good luck and looking forward to your next post 🙂
Thank you!
I love this post :-) It's great to see that if you know how you can run a small SaaS business for a literally penny's a month. For my startup currently I'm paying around 0.05 $ / month (excluding domain) :-)
That's great! Would you mind sharing how you manage to do this? I'm sure many will really appreciate your insight (me included :)) @nmsdvid.
Sure :-) I'm using Vercel for building, hosting, DNS stuff- free account. Using Firebase for database and storage, Stripe for payments. The 0.05$ / month is for the Firebase Cloud functions.
Awesome, thanks for sharing! Bookmarked 🙂
Thanks for sharing all this! Can you describe your Kubernetes setup in a bit more detail? How do you self-host everything (secutils-prod, Plausible, Elastic, anything else?) on the Oracle free tier? Where is ClickHouse hosted? How many PSQL DBs do you have? I think more posts detailing all your infra would be awesome!
Hey @takecare! Sure, I've touched on it a bit in my previous posts and planning to cover k8s setup in more detail in one of the upcoming posts - just need to tidy things up a bit to cater to a broader audience. But in a nutshell, for Secutils.dev's own components, it's almost as simple as:
Building Docker images with Dockerfile's hosted in every repository, as described in this article: Building Secutils.dev: Deployment Overview of Micro Cluster for Micro SaaS.
Using these images within a Kubernetes deployment.
For Plausible and Elastic, it's even simpler since they already provide all the Kubernetes configs you need:
Plausible - You can find their Kubernetes config files for ClickHouse and PostgreSQL here. Please note that these configs are being moved to a dedicated repository at the moment.
Elastic - You have two options: you can either use their Helm charts, or you can use ECK. The documentation for both options is pretty decent.
If you have any specific technical questions, feel free to open a discussion in https://github.com/orgs/secutils-dev/discussions!
Nice, but I couldn't stop thinking about your opportunity cost. How long are you planning to put in your time and effort and if you don't mind how much is that adding up in opportunity cost?
Hey @rebeloper!
That's a great question, and to be honest, I don't have a definitive answer yet. It would be wonderful if you could share your thoughts on this!
Currently, my scarcest resource is time, as I work on Secutils.dev while still being a full-time employee elsewhere. Setting up the infrastructure and automation has been the most time-consuming aspect (aside from actual feature development). Fortunately, I had already incurred this cost while setting up infrastructure for my previous project, AZbyte | ETF. That's why the infrastructure setup cost was negligible for Secutils.dev. If I were to start from scratch, I would probably opt to 1) pay a cloud provider for ready-made Kubernetes infrastructure, 2) pay Plausible for their SaaS offering, and 3) switch to a cheaper monitoring solution (Elastic Cloud isn't indie-friendly unfortunately) :)
For some founders, the money factor holds more weight, so going the self-hosting route would probably make sense.
Apart from the infrastructure aspect, do you see any other significant inefficiencies in my approach?
The approach is great, the only caveat is that you're putting in time and effort. I know it's the indie dev way, but sooner or later it has to make some profit. What I would do is know my hourly rate, keep track of the time spent working on it and estimate when I will come even from the profits it going to bring in. How many recurring users will it need, what timeframe would be this achieved in? And this will just be breaking even. The Real profit might come only after this. Once you have a clear picture of this you will be able to determine to move forward with the project or go for a more lucrative one. At the end of the day the more profit you can get per user on a recurring basis the better.
Yep, I fully agree. I'm still trying to figure this out myself. It's definitely a crucial part that needs to be done as soon as possible (ideally, even before investing any time into the idea, but, you know how it works sometimes...)
This comment was deleted 2 years ago.
Thanks a lot for the feedback @SaltyWaffle!