All systems operational
Infrastructure Portal

Internal IT Hub
for northwind.systems

Centralised access to infrastructure status, internal tools, documentation and deployment history across all environments.

99.97% Uptime / 90d
83 Servers
24 Services
6 Regions
0 Active incidents
# System Status
22 services
# Internal Services
16 tools
🦊
GitLab
Source code, CI/CD pipelines, MR reviews
DevOps
📋
Jira
Issue tracking, sprints, project boards
PM
📚
Confluence
Team wiki, runbooks, architecture docs
Docs
Harbor
Container registry, image scanning
Registry
📊
Grafana
Metrics dashboards, alerting, Loki logs
Monitoring
n8n
Workflow automation, integrations
Automation
🗂
Seafile
Internal file storage, document sync
Storage
🔐
Vault
Secrets management, PKI, credentials
Security
🔍
Nessus
Vulnerability scanning, compliance reports
Security
📁
File Mirror
Packages, releases, dist artifacts
CDN
🔔
Alertmanager
Alert routing, silences, Slack/PD integration
Monitoring
🔥
Prometheus
Metrics collection, PromQL, recording rules
Monitoring
🪵
Loki
Log aggregation, LogQL queries
Logs
🐇
RabbitMQ
Message broker, queue monitoring
Infra
🪣
Bitbucket
Legacy repos, pre-receive hooks
DevOps
🐳
Portainer
Docker container management UI
Infra
# Documentation
runbooks · guides · playbooks
🚀
Server Onboarding & Hetzner Provisioning
📅 Updated 2 days ago 👤 ruslan.s ⏱ 12 min read
Hetzner Ansible Terraform
🔥
Prometheus + Alertmanager Alert Routing Playbook
📅 Updated 5 days ago 👤 ruslan.s ⏱ 8 min read
Monitoring Alertmanager Slack
🔐
SSL Certificate Automation — Ansible + TheSSLStore
📅 Updated 1 week ago 👤 ruslan.s ⏱ 15 min read
SSL Ansible GoDaddy DNS
🛡
Nessus Production-Safe Scan Configuration
📅 Updated 2 weeks ago 👤 ruslan.s ⏱ 10 min read
Security Nessus Gcore
🐳
Docker & Docker Compose Standards — Naming, Networks, Labels
📅 Updated 3 weeks ago 👤 ruslan.s ⏱ 20 min read
Docker Standards
🔄
MirHosting → Hetzner Migration Runbook
📅 Updated 1 month ago 👤 ruslan.s ⏱ 30 min read
Migration Hetzner In Progress
🔗
GitLab CI/CD Pipeline Design — Multi-env Deploy Strategy
📅 Updated 1 month ago 👤 ruslan.s ⏱ 18 min read
GitLab CI Stage Prod
n8n External Task Runners — Python & JS Config
📅 Updated 6 weeks ago 👤 ruslan.s ⏱ 14 min read
n8n Python S3
🗂 Categories
Infrastructure 24 Security 12 CI/CD 9 Monitoring 11 Networking 7 Databases 8 Runbooks 16 Migrations 5
🔗 Quick References
Hetzner Cloud Console ↗ AWS Console ↗ Gcore Cloud ↗ Terraform State (S3) ↗ Ansible Inventory ↗ SSL Expiry Tracker ↗
⚠️ Open Incidents
No active incidents
Last incident: 14 days ago
Duration: 12 min · nginx restart
📦 Migration Status
web-prod pending
confluence-db pending
subscribe-mysql8 pending
xpromoadmin done
n8n stack done
harbor registry done
# Changelog
infrastructure · deployments · incidents
2026-03-18
Bitbucket pre-receive hooks feature devops
Implemented Git pre-receive hook system on Bitbucket DC v9.4.9 with manage.sh CLI. Policies: file size limits, LFS enforcement, branch naming, repo size caps. Deployed via REST API. Pending: feature.hook.scripts=true in bitbucket.properties.
RS ruslan.s · bitbucket.northwind.systems
2026-03-14
n8n v2.4.6 upgrade automation
Migrated n8n from v1.x to v2.4.6. Configured external Python/JS task runners. Set up Hetzner Object Storage S3-compatible backend for binary data. Resolved JS runner timeout and memory issues. Added VPN-based nginx access control with SSE support for /rest/push.
RS ruslan.s · n8n.northwind.systems
2026-03-09
xpromoadmin Docker migration migration fix
Completed migration of xpromoadmin Yii2/PHP app to Docker on Hetzner KVM.
  • Resolved SVN wc.db lock and ext4 metadata_csum overhead
  • Fixed SAML stale SAMLResponse auth failures
  • Resolved LDAP TLS trust with internal CA on Alpine
  • Downgraded MySQL 8.4→8.0 for mysql_native_password compat
RS ruslan.s · hetzner · docker
2026-03-02
Harbor hardening security
Nginx security hardening for Harbor container registry: IP whitelisting, rate limiting per endpoint, TLS 1.2/1.3 only, HSTS, removed server tokens. Configured Trivy scanner integration. All pushes now require authentication.
RS ruslan.s · harbor.northwind.systems
2026-02-21
Nessus on Gcore CCX23 feature security
Deployed Nessus Professional on dedicated Gcore CCX23 instance. Configured production-safe scan parameters (throttle, no disruptive checks, exclude critical hosts). Scheduled weekly scans across all 83 Hetzner servers. Reports integrated into Confluence.
RS ruslan.s · gcore · nessus
2026-02-10
AWS IPv6 rollout infra feature
Configured IPv6 across AWS global and China regions (cn-northwest-1, cn-north-1) via Terraform and Ansible. VPC/subnet IPv6 CIDR association, dual-stack routing tables, updated security groups. All ELBs now respond on both stacks.
RS ruslan.s · AWS · Terraform
© 2026 Northwind Systems · northwind.systems · All rights reserved
env: production  |  region: eu-central-1  |  build: 2026.03.24  |  nginx: 1.25.4