(no title)

The stack: Hetzner VPS provisioning from snapshots, 5-layer Traefik routing with Redis provider, Nginx reverse proxy that kept silently breaking SSE streams, Docker container isolation with a writable-layer commit strategy, and a config migration registry to handle crash loops at 2 AM.

Some highlights from the article:

- Why `proxy_buffering off` alone doesn't fix SSE through Nginx (you need a re-framing buffer) - Docker's `cp` command silently refuses symlinks — cost me a day - ZeroTier + `nsenter` for injecting routes into running containers without restart - Snapshot-based provisioning: ~3 min cold, ~30s with pre-warmed pool - Per-request LLM billing with included token allowances per tier

Built as a solo developer alongside a full-time job. The whole thing runs in a single Rails monolith.