Self-Hosted Umami Analytics on Hetzner (Terraform)
An AI-cofounder / autonomous-startup-builder SaaS
Overview
A standalone Terraform/OpenTofu deployment that provisions self-hosted Umami web analytics for an AI-cofounder / autonomous-startup-builder SaaS on a single Hetzner Cloud VM, providing privacy-friendly traffic measurement for the platform’s sites without third-party trackers.
Why It Exists
The platform builds and runs many company websites and wants first-party, privacy-respecting analytics rather than depending on external SaaS trackers. Packaging Umami as infrastructure-as-code makes that analytics endpoint reproducible and cheap to operate on a small dedicated server.
What We Built
HCL (main.tf) declares the Hetzner, TLS and random providers and provisions a cx23 VM (in nbg1) tied to a dedicated analytics domain. A cloud-init.yaml installs Docker and runs a Compose stack from /opt/umami: the Umami application (umami-software/umami:postgresql-latest) backed by PostgreSQL 16, with the database persisted on a mounted volume and a health check on the Postgres container. SSH access is key-based (umami_ed25519); Terraform state is tracked alongside the configuration.
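The TLS and random providers write the values they generate into Terraform state in plaintext, so a state file tracked alongside the configuration is worth auditing before it is committed or shared. The check below is an added example, not part of the project's code: it assumes `tls_private_key` and `random_password` resources and state format version 4, and the sample state, including its resource names and values, is constructed.

```python
import json

# Resource types from the hashicorp/tls and hashicorp/random providers whose
# generated values are stored in state, mapped to the attributes holding them.
SECRET_ATTRS = {
    "tls_private_key": ("private_key_pem", "private_key_openssh"),
    "random_password": ("result",),
}

def find_state_secrets(state_text):
    """Return sorted 'type.name.attribute' strings for secrets present in state."""
    state = json.loads(state_text)
    findings = set()
    for res in state.get("resources", []):
        if res.get("mode") != "managed":
            continue  # data sources are out of scope for this check
        attrs_to_check = SECRET_ATTRS.get(res.get("type"), ())
        for inst in res.get("instances", []):
            attributes = inst.get("attributes") or {}
            for attr in attrs_to_check:
                if attributes.get(attr):  # non-empty value is in the file
                    findings.add(f'{res["type"]}.{res["name"]}.{attr}')
    return sorted(findings)

# Constructed sample state; names and values are placeholders, not project data.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "resources": [
        {"mode": "managed", "type": "tls_private_key", "name": "umami",
         "instances": [{"attributes": {
             "algorithm": "ED25519",
             "private_key_openssh": "<constructed placeholder>",
             "private_key_pem": "<constructed placeholder>"}}]},
        {"mode": "managed", "type": "random_password", "name": "db",
         "instances": [{"attributes": {"length": 32, "result": "<constructed>"}}]},
        {"mode": "managed", "type": "hcloud_server", "name": "umami",
         "instances": [{"attributes": {"server_type": "cx23", "location": "nbg1"}}]},
    ],
})

if __name__ == "__main__":
    import sys
    # Audit the state file given as an argument, or the constructed sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_STATE
    hits = find_state_secrets(text)
    for hit in hits:
        print("secret in state:", hit)
    sys.exit(1 if hits else 0)
```

The non-zero exit status on any finding lets the script run as a pre-commit or CI gate on the state file.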
Technologies & Approach
Terraform/OpenTofu plus cloud-init for first-boot setup, the same lightweight single-VM pattern used elsewhere in the project’s infrastructure. Umami on PostgreSQL gives GDPR-friendly, self-hosted analytics with a tiny footprint and full data ownership.
Outcome / Impact
Provides a reproducible, self-hosted analytics service as code, giving the platform’s sites first-party traffic insight without external trackers, a standalone counterpart to the Umami instance that also runs inside the main cluster.
Capabilities Demonstrated
- Infrastructure-as-code provisioning of an analytics service
- Single-VM Docker Compose deployment via cloud-init
- Self-hosted, privacy-friendly Umami + PostgreSQL stack
- Persistent volume management and container health checks