Technology stack

Tools that have earned their place.

No logo cemetery. We list what we actually run in production — and briefly why. Decisions sit on an 18-month horizon, not the next GitHub trend.

/01

Frontend & interface

Server-first, minimal JS footprint, real i18n — no 200 kB client bundles for a marketing page.

Next.js 15 (App Router)RSC by default, Turbopack in dev
TypeScript 5Minimise runtime surprises
Tailwind v4Visual consistency without CSS-module chaos
shadcn/ui (eigene Forks)Copy-own instead of npm dependencies
next-intlReal URL prefixes /de/* /sr/*
MDXContent ops for case studies

/02

Backend & API

Validation and OpenAPI come from the same code. No after-the-fact documentation theatre.

FastAPIPydantic schemas + OpenAPI 3.0 out of the box
Uvicorn (multi-worker)MALLOC_ARENA_MAX tuned, daily auto-restart
Node 20 LTSFor frontend-adjacent services
JWT · OAuth2Standard — we don't reinvent the wheel
Rate-LimitingPer key + per IP, never just one of the two

/03

Data & storage

PostgreSQL can do more than most teams realise. We rarely leave it.

PostgreSQL 15+Transactional + JSONB — usually enough
PgBouncerPool exhaustion is not destiny
AlembicSchema migrations with rollback discipline
RedisCache & queues — not a primary-DB replacement
Idempotente ETLShard-based, mini-batch, re-runnable
PlaywrightFor anything that only exists in a browser

/04

Machine learning

Models that stay in production. We avoid frameworks that aren't reproducible.

PyTorchLSTM, transformer — anything we train ourselves
XGBoostStill gold for tabular features
scikit-learnFeature engineering, baselines, validation
hmmlearnRegime detection, transparent states
FRED · yfinance · EDGARPrimary sources for macro and market data
MLflow-kompatible ArtefakteModel versioning is required, not optional

/05

Smart contracts & DeFi

100 % contract coverage before a single line hits mainnet. Audit reports as a gate, not decoration.

Solidity 0.8.24+Latest stable, no experimental forks
Hardhat + FoundryHardhat for the pipeline, Foundry for fuzzing
OpenZeppelinYou don't hand-roll access control
The Graph (Subgraphs)Event indexing as a standard
Ethers.js v6Wallet and chain interaction
Arbitrum · EVM-kompatibelL2 by default, mainnet when required

/06

Infra & DevOps

Reproducible, patchable, observable. No bespoke cloud-YAML rituals without a reason.

Docker ComposeDev on one node, prod on several
systemdBecause it simply works on Linux
cron + daemon-keeperScheduling without the complexity tax
nginxReverse proxy + TLS termination
Let's Encrypt (certbot)Auto-renewal via systemd timer
GitHub ActionsCI/CD with coverage gates
TailscaleZero-trust mesh for server-to-server

/07

Observability & alerting

If it wasn't logged, it didn't happen. Metrics, alerts and health checks belong in the first PR.

Prometheus + GrafanaStandard metrics stack, nothing exotic
Structured logs (JSON)greppable + machine-parseable
Telegram Bot APIAlert delivery without an enterprise paging stack
UptimeRobot / Health-ChecksExternally verified, not just internally
Auto-Healer-ScriptsSelf-healing before operator intervention

What we don't use

And why not.

Positioning includes what you leave out. These tools have their place — but not in every project, and rarely as first choice. We are honest when the answer is no.

✗

Kubernetes (für Teams < 10)

Over-engineering without a payoff. 90 % of production stacks run happily on Docker Compose + systemd.

✗

NoSQL als Primary Database

Schema evolution, joins, transactions — SQL is right most of the time. NoSQL goes on top, not instead.

✗

Agentur-CMS (WordPress & Co.) für Produkt-Software

Inflexible for custom logic, expensive lock-ins, plugin hell. OK for a plain corporate site — not for a product.

✗

Bleeding-Edge JS-Frameworks ohne Production-Proof

We pick tools on an 18-month horizon, not by GitHub trend. Proof before hype.

✗

Manuelles Deployment via SSH + scp

Not reproducible, not auditable, not rollback-able. Every deploy session produces technical debt.

✗

Mocks für Integrations-Tests gegen externe APIs

Mocks lie about reality. Contract tests against real sandboxes — or nothing.

Stack fits?

See how this stack looks in production — or tell us what you need.

Active cases Start a conversation→