← McGill Solutions

How it's built

Platform architecture

mcgill-solutions.com is a small suite of independent web apps that share one cloud server, one web tier, one secrets store, and one mail sender. Here's the shape of it.

The suite

Three hosts, one box. Each app is independent — its own repo, its own deploy, its own data — but they all sit behind a single reverse proxy.

🌐
VisitorHTTPS request to a *.mcgill-solutions.com host
🧭
nginx reverse proxyterminates TLS, routes by hostname
🏠
rootmcgill-solutions.comportfolio — static
📈
appstonks.trading dashboard — app server
🗺️
appforeigndly.applanguage kits — static, /croatia…

The stack

Deliberately small and boring — the fewest moving parts that do the job.

☁️ One cloud VM

A single Google Cloud virtual machine (Ubuntu, Python). Sole host — no Kubernetes, no fleet. Easy to reason about.

🧭 nginx

One reverse proxy fronts every host: serves static apps from disk and proxies dynamic apps to their local app server.

🔒 Auto-renewing TLS

Let's Encrypt certificates via certbot — one certificate covers every host and renews itself, no manual steps.

🔑 Secrets vault

Every credential lives in Google Secret Manager and is resolved at runtime. Nothing sensitive is ever committed to git or kept on disk in plaintext.

✉️ Transactional email

Outbound mail goes through Resend on the verified domain — used today for automated reports, available to any app in the suite.

🗂️ Per-app repos

Each app is its own private Git repository; a master repo holds the shared architecture, the root site, and the links between them.

How we build & run it

A handful of conventions every app follows, so the next one is easy to add.