Why I'm Ditching Coolify for Ansible for Deploying my Web Apps

DISCLOSURE: If you buy through affiliate links, I may earn a small commission. (disclosures)

For the past year I've run my apps on Coolify. It's been a great experience but I've recently decided to move off it and run my server setup and app deploys with a custom Ansible script instead.

In this post I want to share a few reasons why I decided to do this.

Infrastructure as Code (IaC)

The primary reason I wanted to move off Coolify was to achieve Infrastructure as Code.

I typically run about a dozen apps at one time and that number grows / shrinks depending on what I'm building / killing at the time. Coolify provided a great UI for managing individual app infrastructure - from the app deployment to the database backups to environment secrets. But I found it lacking when it came to managing many apps as a lot of the configuration had to be done on a per app basis - navigate the UI, paste in the config, redeploy.

Once done, I felt it was fragile. If something bad were to happen to my servers tomorrow, how hard would it be spin up the exact same thing on new hardware? With Coolify I felt I'd miss bespoke configs here and there and spend a decent chunk of time debugging and reproducing my configs.

With Ansible it's all in code - if it works the first time, it should work next week and next year as well.

Control and Transparency

Coolify has decent documentation and surfaces a lot of configuration for you.

But it's ultimately an app-layer tool and, like it or not, most workloads run on bare metal - that's why we're using Coolify instead of a full-blown Cloud after all. I felt that Coolify gave me good control of individual apps but I still had to manage the layers beneath it (like setting up and configuring the server) which required another tool.

I started using Ansible just to set up my servers for Coolify to use but I started to notice I was doing more and more with Ansible to get things configured how I wanted:

Using non-standard ports for apps / protocols
Setting up firewall rules to only allow Tailscale access
Configuring DB users per app to isolate them

Over time, the skeleton of my architecture was built with Ansible because it provided more control and transparency into what was going on. Then I'd port the changes into my individual apps via Coolify to get them setup.

After awhile, it seemed like it'd be easier and less error prone if I just used Ansible for the whole thing - mainly because I could encode and share variables across my entire stack as opposed to manually updating them in the UI.

Less Dependency Risk

Coolify is a solid technology and I've had no reliability problems using it to run my production apps.

But it does worry me that it has such a small dev team and usage. I think there's a definite risk that it won't be around 5 years from now. The creator seems dedicated and is constantly releasing updates but they frequently veer onto other projects leaving significant bus factor risk.

Ansible OTOH is battle-tested and while many of the tasks are custom, they're at least transparent which means they're debuggable long term. The bus factor risk now falls on me but that was the case for all my projects anyways.

A Learning Opportunity

I've recently found myself moving my projects closer to bare metal. I'm daily driving Linux, running my own servers, and now building out my own configuration and deploy pipelines.

Coolify was useful for getting my apps up and running but I always wondered what was one layer deeper. I've now been a software engineer for 8 years, building apps on a variety of clouds, runtimes, and orchestration technologies. But I've never really taken the plunge to admin my own servers, at least in a ~production-like manner.

Coolify is unlikely to be used at a lot of places I work and most will opt for a large public cloud. But at the end of the day it's all running on computers and I think that knowledge will be useful long into the future - until quantum or organic or some other paradigm-shifting version comes out.

So Ansible gives me a lot of the benefits and teaches me a skill that I can use to setup and run ~any workload on ~any machine I have access to. I think that's pretty cool.

I'll admit that I've probably been influenced a bit by DHH and Levelsio's rants ab how running bare servers isn't that hard and saves multiples on costs long-term. I'll likely find it's a bit harder than I originally thought.

It certainly took me longer to build the setup scripts than I thought - about two weeks to my estimated 3 days. But I've also found some good early wins that make me think this was the right choice:

~90% cost savings vs cloud (see CloudCompare for comparisons)
Apps configured in ~20 lines of YAML
Deploys across multiple servers
Ability to manage separate server types - currently App, DB, Analytics
Production-ready monitoring stack
Increased security with Tailscale-only ssh, IP-based firewalls, and app-isolated DB users
Postgres and Redis DBs with automated backups synced to S3 and pgbouncer for sharing connections

In short - it's a much more production-ready setup than I've ever had for a fraction of the cost of running this on cloud and it's all code so I can spin it up on new machines whenever I need to.

I'd probably recommend most solo devs with just a few apps start with Coolify. But if you want a bit more control, run many apps, and are comfortable with servers - Ansible is a pretty amazing tool.

As for the bus factor, AI has helped me a lot and seems pretty good at Ansible. My guess is because many machines are setup in similar ways so there are common tasks for common problems. This makes me less worried that I'll run into a problem I can't solve - I can probably debug it with AI as a reference.

Let me know if you have questions ab Ansible or my setup - I'd be happy to share more if people are interested.

I'm currently hosting my apps on Hetzner servers. Get $20 in Hetzner cloud credits when you sign up with my link.

If you liked this post you might also like:

Want more like this?