my ideal stack for pubnix fedi instance
debian testing "sid" or equivalent in devuan, antix etc.latest php8, mariadb, apcu, libvips,
nginx in a chroot following arch's convention
Tor and i2p ofc
all http traffick goes through nginx, then handed off to the session manager php, the root is /var/www, the design i'm working with is a bit of a hybrid of an MVC and front-end back-end setup, the /var/www/web frontend is read only by http, backend controllers and media, is not exposed in web dir
So there's the main index.php that routes all web traffick and presents the front page, but say you go to /calandar the index.php of /var/www/web/calandar/ first routes traffick through the main index.php and that then directs you to /var/www/ctrl/calandar.php the calandar controller, one the basic user login and moderation interface is set up you can basically have infinite controllers, that could do whatever you want, getting basis user management and crud set up is all you need.
webdav based user directories in in /home are simlinked to ~/username, user accounts are to be integrated with ssh somefucking way, maybe use pam or cerebus or whatever
ZERO NodeJS or some other garbage language like exlixer, Client side javasript is written in VanJS
Python for administrative scripts, shouldn't be used for web stuff, all web traffick to website should be handled within the php MVC, having a bunch of different web servers on the same website is asking for trouble
Backend services like Email, NNTP, IRC, Git, Gopher, (Gemini?) should be handles by an external service written in a compiled langauge like Rust, Lisp, C++, or C, in that order. CyrusIMAP, UnrealIRCd and Gophernicus all look fine,
IPTables and other standard hardening obviously
I reckon that's about all i need