Overview & Scope
Developed a secure, scalable, and centralized cloud server management platform designed to host multiple personal projects, databases, and mail domains. The architecture eliminates the overhead of managing fragmented hosting environments while introducing strict security measures to protect the system.
Core Architecture & Zero Trust Integration
The hosting environment is built on Oracle Cloud Infrastructure (OCI) and managed via Virtualmin. Rather than exposing server ports directly to the internet, access is hardened using Cloudflare Zero Trust tunnels:
- Zero-Trust Tunnels: Cloudflare tunnels create a secure egress-only connection from the local server to Cloudflare edge nodes, keeping ports like 22 (SSH), 80/443 (HTTP/S), and 10000 (Virtualmin) completely closed to external network scans.
- Granular Identity Access: Access is gated by a Cloudflare access policy that requires identity verification via Google OAuth and email OTP authentication, ensuring only authorized administrators can log in.
- Infrastructure Management: Virtualmin aggregates configuration controls, enabling simple creation of virtual servers, MySQL databases, SSL-enabled domains, and software/security patching scripts. Real-time CPU, RAM, and disk utilization graphs allow for proactive resource optimization.
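One way to check the host side of the closed-ports claim above is to audit the output of `ss -tlnH` for listeners on ports 22, 80, 443 and 10000 that are bound beyond loopback. This is an added example, not code from the project; the function names and the sample listener table are constructed for illustration. It goes slightly beyond the text by handling IPv6 and wildcard binds, which then depend entirely on the OCI and host firewall rules.

```python
import ipaddress

# Ports the page says stay closed to the internet.
TUNNELLED_PORTS = {22: "SSH", 80: "HTTP", 443: "HTTPS", 10000: "Virtualmin"}

# Constructed sample of `ss -tlnH` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128  127.0.0.1:22       0.0.0.0:*
LISTEN 0 511  127.0.0.1:80       0.0.0.0:*
LISTEN 0 511  *:443              *:*
LISTEN 0 4096 [::]:10000         [::]:*
LISTEN 0 151  127.0.0.1:3306     0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53   0.0.0.0:*
"""


def is_loopback_only(addr):
    """True when a listener address is reachable only from the host itself."""
    addr = addr.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface
    if addr == "*":  # ss wildcard: every address, IPv4 and IPv6
        return False
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # unparseable address: treat as exposed


def exposed_listeners(ss_output, ports=TUNNELLED_PORTS):
    """Return sorted (port, service, address) for tunnelled ports bound beyond loopback."""
    findings = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # Local address is the 4th column; the port follows the last colon.
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit() and int(port) in ports and not is_loopback_only(addr):
            findings.add((int(port), ports[int(port)], addr))
    return sorted(findings)


if __name__ == "__main__":
    for port, service, addr in exposed_listeners(SAMPLE_SS_OUTPUT):
        print(f"{service} ({port}) listens on {addr}: bind to 127.0.0.1 or block at the firewall")
```

On a live host, pass the real output of `ss -tlnH` to `exposed_listeners` instead of the sample.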
Core Deliverables
- Centralized Hosting with Virtualmin to manage multiple virtual hosts, databases, and SSL websites from a single panel.
- Enhanced Security via Cloudflare Zero Trust tunnels, shielding the hosting server from public port scans and web threats.
- Flexible Identity Provider (IdP) integration supporting Google OAuth and secure email OTP validation.
- Scalable Infrastructure utilizing Oracle Cloud (OCI) flexible Ampere A1 Compute VM instances.
- System Monitoring & Diagnostics tracking CPU, memory load, disk IOPS, and network bandwidth in real time.