Infrastructure

Hetzner Data Center

• Hetzner is Certified in accordance with DIN ISO/IEC 27001
• Brochure on security and data protection

Firewall

• Software: OPNsense
• Purpose: Firewall, VPN, Routing, Security, Intrusion Detection & Prevention

Proxy

• Software: Traefik Proxy
• Purpose: Reverse Proxy, Load Balancing, Routing, SSL Offloading

Mail Service

• Software: Postal
• Purpose: Mail Delivery

Applications

Some applications consist of multiple services (e.g. database) each in a separate docker container. Due to separate networks only the corresponding application is able to access it's services.

The applications communicate via external secure URLs, process the firewall and proxy and require authenticatication, such as API-Keys and Auth Tokens, to restricted private endpoints.

Identity & Access Management

• Software: Keycloak
• Purpose: Authentication with OpenID Connect, Role Based Authorization, User Management

Website Frontend, Service Panel Frontend

• Software: Nuxt with Security Module
• Purpose: Server-Side and Client-Side Rendering of Web Application Frontends

Content Service

• Software: TYPO3
• Purpose: Content Management System

API

• Softwares: NestJS
• Purpose: Business Logic, API for Frontends

URL Shortener

• Software: Shlink
• Purpose: Controll links using short URLs