April 2, 2025

What is our infrastructure for EspoCRM?

Our Infrastructure

We’ve built our infrastructure to be cost-effective, reliable, and scalable. Here’s a breakdown of how we’ve set things up to optimize EspoCRM for performance and security.

Server Setup

We rely on Hetzner as our server provider. Our setup includes a VPS with 4vCPU Arm64, 8 GB RAM, and 80 GB of local disk space. At just 5.99 EUR per month, it’s an incredibly affordable solution that meets our needs without breaking the bank. We’re using Ansible to automate deployment of our services.

Configuration

Our EspoCRM instance runs as a Docker container, which allows us to keep things lightweight and efficient. We’ve customized our stack to optimize performance, making EspoCRM faster and more flexible. Instead of relying on traditional cron jobs, we use Websockets and Daemon for real-time updates and smoother operations.

To further enhance our setup, we’ve integrated external object storage with EspoCRM. This not only improves performance but also ensures our data is managed efficiently.

Authentication

To ensure secure and streamlined access to our services, we leverage Authentik as our centralized Single Sign-On (SSO) and Identity Provider (IdP). This modern, self-hosted solution enhances security while simplifying user management across our entire ecosystem, including EspoCRM and other integrated tools.

Key Features & Benefits

  • Unified Access Control: Single sign-on (SSO) allows users to log in once and access multiple services without repeated authentication.
  • Enhanced Security: Multi-Factor Authentication (MFA) and password policies ensure robust protection.
  • Granular Permissions: Role-based access control (RBAC) lets admins assign permissions at the user or group level.
  • Self-Service & Automation: Users can reset passwords or enroll in MFA via a self-service portal.
  • Audit & Compliance: Detailed logs track every authentication attempt and admin action.

Backups

Data safety is a top priority for our organization. To safeguard against data loss, corruption, or disasters, we implement a multi-layered backup strategy that combines automated daily backups, geographic redundancy, and encryption.

Backup Strategy

  • Daily EspoCRM Backups: Full backups of the EspoCRM instance are performed daily using restic, a fast and secure backup tool.
  • Redundant Storage Locations: Backups are uploaded to Azure Blob Storage and replicated to additional offsite locations.

Monitoring

To ensure the reliability and availability of our services, we maintain a self-hosted instance of Uptime Kuma. This lightweight yet powerful monitoring tool allows us to track uptime, receive instant alerts, and view historical data.

Summary

This infrastructure has been a game-changer for us, balancing cost, performance, and reliability. If you’re considering a similar setup, we hope this gives you some useful insights! Need help with your EspoCRM setup? Contact us for expert assistance.

Recent posts

Table of Contents

Unlock Your

25% Discount

Sign up and use code BLACKWEEK for an instant discount!
Click here to get more information.

Skip to content