⚙️Platform technology overview

Engineering that feels invisible

A production-ready stack focused on privacy, reliability, and speed. Built with Next.js, Docker and a secure edge, deployed to an Unraid home-lab with automated pipelines.

Why this platform

🧩
Unified apps
Main site, Diabetes UI, and services run as isolated apps on a single network.
🔐
Security-first
Strict CSP, HSTS, XFO, nosniff; credentials never stored; privacy by design.
🩺
Observability-lite
Clean logs without sensitive payloads and simple health checks per service.
🚀
Zero-friction deploys
One command promotes builds to Unraid via SSH with health probes.

Architecture at a glance

Frontends
Next.js 15 apps: Main, Tech, Diabetes. Strong headers and CSP. Static + edge APIs.
Backend microservice
Python FastAPI proxy for LibreLinkUp with strict sanitisation and token-only session refresh.
Data
PostgreSQL with minimal schemas: contact submissions and privacy-safe diabetes metrics. No PHI stored.

Security principles

  • Credentials are never stored or logged. Client-only session token refresh.
  • Transport hardening: HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy.
  • CORS/CSRF best practices; no wildcard with credentials; same-origin admin APIs.
  • Sanitised responses from LLU: remove device metadata and internal keys.
High-level summary only — no secrets, internal ports, or credentials.

Technology Stack

Core technologies powering the mynuggets.dev ecosystem

Want a similar private stack?
Get in touch via the main site contact form.
Contact us