(diagram image is outdated)
check: how-to-connect-pgadmin4-to-db-through-ssh-tunnel-with-public-key-authentication
Nginx-keepalive: Here
fail2ban: https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04
Secure a containerized nodejs application with nginx: Here
Logfiles with logrotate on ubuntu: Here
Secure environment_variables in yaml: Here
$ sudo cat /var/log/auth.log
If you want to check for compromise, look at wtmp (type who), and look at the system logs. Audit records in syslog (like "session opened for user james") will shed some light.
$ who
You could also look for users you do not recognize, and inspect traffic and connections
$ netstat -nvlp