Langsung ke konten utama
Tri GunawanDeveloper
BerandaERPAplikasiTentangKontak
Hubungi Saya
Tri GunawanDeveloper

Arsitek Otomasi Bisnis — 12+ tahun membangun ERP, platform berbasis AI, dan solusi enterprise yang menghasilkan ROI terukur.

GitHubLinkedInEmail

Navigasi

  • Beranda
  • Proyek
  • Modul ERP
  • Tentang

Keahlian

  • Solusi ERP
  • Frontend
  • DevOps
  • Rekayasa Data

Sumber Daya

  • Studi Kasus
  • Kontak

© 2026 Tri Gunawan. Hak cipta dilindungi.

Dibuat dengan menggunakan Next.js & React Three Fiber

Back to Case Studies
Infrastructure & DevOps
15 min read1 Infrastructure Architect / IT Manager

ABCFood Self-Hosted Infrastructure Platform

How we built a 45+ service platform on 20+ Hetzner servers replacing $100-300K/yr in SaaS costs with full data sovereignty.

ABCFood Self-Hosted Infrastructure Platform

devops

Overview

ABCFood Group was spending heavily on fragmented SaaS subscriptions with no data sovereignty and vendor lock-in across ERP, collaboration, analytics, and security. We built a comprehensive self-hosted platform running 45+ services across 20+ Hetzner servers, orchestrated with Dokploy and secured with Authentik SSO, CrowdSec IDS/IPS, and Wazuh SIEM.

Challenges

  • 1SaaS vendor lock-in with rising costs across 20+ subscriptions
  • 2No data sovereignty — business data scattered across third-party clouds
  • 3Fragmented identity management — separate logins for every tool
  • 4No centralized monitoring or alerting for production services
  • 5Manual backup processes with untested disaster recovery
  • 6Security blind spots without centralized threat detection

Solutions

  • Dokploy orchestration with Docker Compose across 20+ Hetzner dedicated servers
  • Traefik reverse proxy with automatic SSL and Cloudflare DNS integration
  • Authentik SSO with OIDC/LDAP providing single sign-on for 32 applications
  • Full observability with Prometheus, Grafana, Loki, AlertManager, and Alloy agents
  • CrowdSec IDS/IPS with Traefik bouncer and Wazuh SIEM for threat detection
  • Automated backup verification with S3 storage and weekly restore testing

Implementation

Phase 1: Core Infrastructure

Provisioned Hetzner servers, deployed Dokploy orchestration, configured Traefik with automatic SSL, and established Cloudflare DNS. Set up private networking between servers.

Phase 2: ERP & Applications

Deployed multi-version Odoo ERP (v13 HRIS, v16 core with 172+ modules, v17 B2B portal), data platform (Airflow, dbt, ClickHouse, Metabase), and collaboration suite (Mattermost, Plane, Jitsi).

Phase 3: Identity & Security

Implemented Authentik SSO for 32 applications, CrowdSec with distributed agents and Traefik bouncer, and Wazuh SIEM for centralized threat detection.

Phase 4: Observability & Ops

Deployed Prometheus + Grafana + Loki monitoring stack with Alloy agents on every server. Built automated backup verification, RTO measurement, and DR runbooks.

Results

$100-300K/yr
SaaS Savings
Replaced 20+ SaaS subscriptions with self-hosted alternatives
45+
Services Deployed
Running across 20+ Hetzner servers with Dokploy orchestration
99.9%
System Uptime
With full observability and automated alerting
32 Apps
SSO Coverage
Single sign-on across all platforms via Authentik
100%
Data Sovereignty
All business data on owned infrastructure
<1 min
Detection Time
From incident to alert with Prometheus + AlertManager

Tech Stack

Dokploy
Docker
Traefik
Authentik
Prometheus
Grafana
Loki
AlertManager
Alloy
CrowdSec
Wazuh
Hetzner
Cloudflare
PostgreSQL
S3
Timeline
12 months (ongoing)
Team
1 Infrastructure Architect / IT Manager