Why I Bypassed the Cloud Treadmill to Build a 100% Independent Self-Hosted Stack

Own The Stack — Fri, 05 Jun 2026 22:03:23 +0000

Philosophy doesn't mean much without execution. If I’m going to advocate for data sovereignty and owning your data, I need to show you exactly what my architecture stands on.

My project, OWNTHESTACK.co, isn't deployed to a massive managed web service, it doesn't use third-party serverless infrastructure, and it doesn't store media in an invisible corporate bucket. It runs entirely on an independent, flat-rate virtual private server (VPS) running minimal Linux.

Here is the exact containerized layout and setup powering the application.
The Design Philosophy

The goal: maximum control, absolute data ownership, and strict network privacy. The host operating system remains completely clean. Everything is modular, portable, and tightly locked down inside isolated internal container environments.

The Core Engine (.NET 8 & React)

The backend processing engine is a clean .NET 8 application. Modern .NET is incredibly fast, memory-efficient, and runs flawlessly inside isolated Linux containers. It handles text payloads and securely encrypted administration sessions. The frontend uses lightweight static production assets served with near-zero resource overhead.

Personal Data Control (PostgreSQL 16)

Every word of text, metadata tag, and background layout setting lives in a localized PostgreSQL 16 data engine running locally inside an isolated container with an explicit disk mount. Backups are raw, automated compressed files controlled by simple shell scripts that back up exactly what matters to an encrypted storage destination I control.

Independent Media Storage (MinIO)

Inline graphics don't stream from a generic public media host or a third-party asset SaaS. They stream straight out of a local MinIO storage vault container running on our hardware using secure, short-lived cryptographic links.

Reversing the Firewall (Cloudflare Tunnels)

This is the most critical privacy and security boundary. If you run an external network port scan on this server's public IP address, port 80 and port 443 are completely closed. Instead of opening the server to the wide-open internet and constantly fighting off automated bot scans, the server runs a secure outbound tunnel daemon. It establishes an encrypted, outbound-only pipeline to the network edge. Web traffic routes securely down this outbound pipe straight to our internal container environment. If it doesn't originate from this authenticated channel, it cannot touch our data.

I am documenting my entire journey of migrating off corporate platforms, sharing raw configs, and analyzing self-hosted infrastructure. Follow along or subscribe to the raw logs at OwnTheStack.co

What Am I Actually Depending On? A Practical Approach to Data Sovereignty

Own The Stack — Fri, 05 Jun 2026 21:57:47 +0000

Most of us don’t really own our digital lives.

Our photos live in cloud libraries. Our documents sit in someone else’s storage systems. Our passwords are managed by services we log into, not systems we control. It’s convenient, fast, and mostly invisible.

But at some point, I started asking a simple question: what am I actually depending on here?

The more systems I looked into, the more I realized how much personal data flows through platforms I don’t control. What gets stored, how it’s used, where it’s replicated, and who ultimately has access to it is often hidden behind terms of service most people never read. Convenience often comes with tradeoffs that are easy to ignore until they matter.
Thinking Differently About Data Management

I decided to evaluate where my information lives, how it’s backed up, how portable it is, and what happens if I ever want to leave a service. Not in an extreme way, but in a practical one: reducing dependency, increasing clarity, and keeping control where it matters.

I broke things. A lot of things. I rebuilt them. I migrated setups that didn’t scale. I replaced tools I thought I needed with simpler systems I could actually explain. And slowly, I started to care less about convenience at any cost, and more about understanding the ground I was standing on.

The goal isn’t to reject modern tools or pretend everything should be self-hosted. It’s to understand what we use well enough to choose it deliberately instead of passively accepting vendor lock-in.

Over the next few weeks, I’m putting out raw logs covering:

Self-hosting & app deployment

Data ownership & portability

Docker orchestration & Linux systems

Networking & outbound secure tunnels

Backups & monitoring

No schedules, no marketing noise. Just raw building, breaking, and learning what holds up. Check out the project architecture at ownthestack.co

DEV Community: Own The Stack

Why I Bypassed the Cloud Treadmill to Build a 100% Independent Self-Hosted Stack

What Am I Actually Depending On? A Practical Approach to Data Sovereignty