My infrastructure relies on Ubuntu VPS orchestrating services via Docker. To ensure network security, I implement a multi-layer strategy: Cloudflare acts as the edge layer for DNS management and IP masking, while Nginx handles reverse proxying and internal routing.

For administration, I strictly isolate sensitive endpoints. Services like SSH and my private Docker Registry are inaccessible to the public internet, reachable only through an encrypted Wireguard VPN tunnel, hosted on my server. My setup allows me to maintain full SSL encryption on internal tools without exposing attack surfaces.

Currently, the cluster powers this portfolio and a full-stack authentication system ('Docker Testing'), with MongoDB serving as the persistent data store for incoming applications.