The Stack

Philosophy

This website is a "Digital Garden" – an organically growing archive of ideas, notes, and projects. The architecture strictly follows the principles of data sovereignty and resilience. Every component is self-hosted in order to avoid dependencies on major platforms and to ensure maximum privacy ("Privacy by Design").

Infrastructure (The Iron)

The underlying hardware is rented but the environment is fully managed by me.

  • Host: Netcup GmbH (Nuremberg, Germany)
  • Server Model: RS 1000 G12 Pro
  • CPU: AMD EPYC™ 9645 (4 Dedicated Cores)
  • RAM: 8 GB DDR5 ECC
  • Storage: 512 GB NVMe SSD (RAID 1)
  • Uplink: 2.5 GBit/s
neofetch output

Software Stack (The Code)

The entire infrastructure is defined as code (IaC) and orchestrated via Docker Compose.

  • OS: Ubuntu 24.04 LTS (Noble Numbat).
    • Hardening: UFW Firewall, Fail2Ban intrusion prevention.
    • Access: SSH via Ed25519 Keys only (Password authentication disabled).
    • Maintenance: Automated unattended security updates.
  • Orchestration: Docker Engine (Community Edition).
  • Reverse Proxy: Caddy v2.
    • Handles SSL termination (Let's Encrypt).
    • Delivers content via HTTP/3 (QUIC).
    • Enforces strict Security Headers (HSTS, No-Sniff, X-Frame) for an 'A' security rating.
  • CMS: Ghost 5.x (Headless Node.js application).
  • Database: MySQL 8.0.
  • Analytics: Umami (Self-hosted). Cookie-free and GDPR compliant.

Communication & Operations

  • Transactional Email: Sent via Mailjet SMTP Relay. Fully authenticated via SPF, DKIM, and DMARC to ensure deliverability.
  • Inbound Mail: Routed via ImprovMX to a secure mailbox (EU-only data residency).
  • Backups: Automated weekly "Hot Dumps" (SQL export + file archive) with local rotation.

Performance & Privacy

  • Fonts: Inter (Self-hosted). No connections to Google Servers.
  • Tracking: Zero third-party trackers.
  • Lighthouse Score: 94/96/100/100.