Everything runs on the
same battle-tested stack
We built our own infrastructure to power DigitalFront. Every customer app runs on the same stack — no cut corners.
Lose a node.
Your app keeps running.
Every app sits on a 2-node cluster with fully replicated database (MariaDB Galera) and replicated storage (GlusterFS). If one node goes offline — hardware failure, maintenance, reboot — the other node continues serving traffic without data loss or downtime.
- MariaDB Galera: synchronous multi-master replication
- GlusterFS: replicated 2-way volume across both nodes
- No single point of failure in database or storage layers
- Caddy reverse proxy with health-based failover routing
Threats blocked
before they reach your app.
CrowdSec community threat intelligence feeds a shared blocklist across all cluster nodes. Known malicious IPs are blocked at the network edge — before they ever hit your app. Combined with Let's Encrypt TLS and Caddy's modern TLS defaults, your app is secured from day one.
- CrowdSec: real-time community threat intelligence
- Automatic Let's Encrypt certificates on every domain
- TLS 1.2+ enforced, weak ciphers rejected
- Container isolation: one app can't touch another
Proper email.
Not an afterthought.
Every domain gets a full Stalwart mail server — webmail, IMAP, SMTP — configured with DKIM, SPF, and DMARC from the moment the domain is added. No fighting DNS records or deliverability blacklists. It just works.
- Stalwart mail: IMAP, SMTP, webmail included
- DKIM signing on every outbound email
- SPF and DMARC configured automatically
- Rate-limiting and bounce monitoring built-in
Add a domain.
Everything configures itself.
PowerDNS manages your domain automatically. The moment a domain is added, DNS records are set, SSL is issued, mail is configured, and your app is live. No manual DNS editing, no waiting, no guesswork.
- PowerDNS: authoritative DNS for all domains
- A, MX, SPF, DMARC, DKIM, CAA — all auto-created
- Wildcard subdomain routing via Caddy
- Point your registrar's nameservers — done