fjgbu ~/server.fjgbu.org

Self-hosted infrastructure,
operated solo.

Every service below is designed, built, deployed and maintained by one person on a single Hetzner node. This page reads live status straight from the box.

Francisco Javier Gomez Buendia · Product Engineer · Berlin

>
10
Public services
19
Containers running
CX33 · 4c/8g
Falkenstein, DE
--:--
Server time (CET)

$services

Docker · Traefik · Cloudflare Tunnel
Portfoliolive
fjgbu.org
Personal portfolio, blog and CV. Astro, pixel-art canvas.
fjgbuLablive
lab.fjgbu.org
Studio site. GSAP scroll storytelling, Monet palette.
Vesperlive
vesper.fjgbu.org
Agent console. Node app backed by Postgres.
OpenClawlive
oc.fjgbu.org
Autonomous agent gateway. via Cloudflare Tunnel, no open port
gbMailbeta
mail.fjgbu.org
End-to-end encrypted mail. Postfix, Dovecot, Rspamd.
Threat APIlive
api.fjgbu.org
Fail2ban telemetry as JSON. Powers the terminal below.
Previewlive
preview.fjgbu.org
Staging for in-progress client and side projects.
Umamilive
stats.fjgbu.org
Privacy-first, cookieless analytics. Self-hosted.
Weatherlive
weather.fjgbu.org
Small weather dashboard. A weekend build.
Dashboardlive
server.fjgbu.org
This page. Static, deployed on push to main.

$security

Fail2ban · live
root@fjgbu1: ~ live
root@fjgbu1 ~ $ fail2ban-client status sshd
Every internet-facing server is probed constantly. These brute-force attempts are blocked in real time, then logged here. reading jail status...
--
Total banned
--
Currently banned
--
Failed logins
root@fjgbu1 ~ $ tail -n6 /var/log/auth.log | top-offenders
IP addressAttemptsStatus
loading live data...
usernames attempted: ...
root@fjgbu1 ~ $ updated --:--

$infrastructure

Hetzner Cloud

Node

TypeCX33 · 4 vCPU · 8 GB
OSUbuntu 24.04 LTS
RegionFalkenstein, DE
OrchestrationDocker Compose
IngressTraefik v2.11 + CF Tunnel

Security

TLSLet's Encrypt, auto-renew
SSHKey-only, no passwords
FirewallUFW · 22/25/80/443/587/993
IntrusionFail2ban active
UpdatesUnattended security upgrades

$architecture

Request flow
Internet
Incoming requests
UFW
Firewall
Fail2ban
live ban list
Traefik v2.11
TLS termination · Let's Encrypt
Cloudflare Tunnel
oc.fjgbu.org · no open port
Portfolio
fjgbu.org
fjgbuLab
lab.*
Vesper
vesper.*
gbMail
mail.*
Threat API
api.*
Preview
preview.*
Umami
stats.*
Weather
weather.*
SSH key-only Auto TLS Fail2ban CI/CD on push