I am pretty much done with the broad strokes of the current infrastructure migration.
What’s New?
The website now features two clearly separated areas:
- Public Portal: The main entry point at
elgrundo.de. - Protected Area: A password-protected internal portal (
intern.elgrundo.de), secured via Nginx groups. - Open Statistics: In the spirit of Open Source, I am granting access to the visitor statistics (powered by Umami).
Security Roadmap
The next major project is the deep integration of CrowdSec into the web stack. Some might call this setup “overkill” for a personal site, but it is an excellent exercise for professional security concepts.
With Tailscale for the internal mesh network and Nginx Proxy Manager for routing, the foundation is now rock solid.