Infrastructure engineer with a deep bias toward self-hosting, automation, and keeping things minimal. I spend my time wiring up containers, writing deploy pipelines, and making sure nothing pages me at 3 AM.
See what I've been buildingThe stack I reach for, day in, day out.
Compose stacks, multi-stage builds, private registries. Everything containerized, nothing installed "just on the host."
Debian-flavored. systemd units, cron, shell scripts, and the occasional kernel parameter tuning when things get interesting.
Workflow automation glue. Webhooks, API chaining, conditional logic — replacing fragile bash scripts one node at a time.
CI/CD pipelines, scheduled tasks, sync jobs, alerting hooks. If a human is doing it twice, it should be a script.
Vaultwarden, Gitea, monitoring stacks, media servers. Owning the infrastructure means owning the data.
Reverse proxy configs, TLS termination, rate limiting, and the quiet satisfaction of a clean server block.
A few things I've built or maintain.
Automated daily sync from Bitwarden cloud to a self-hosted Vaultwarden instance. Encrypted exports, purge-and-reimport pipeline, failure alerting via n8n webhook.
Zero-downtime deployment workflow for containerized services. Git push triggers build, test, and rolling update across staging and production environments.
Prometheus, Grafana, and custom exporters monitoring a fleet of self-hosted services. Alerting routes to Matrix and email on SLA breach.
CLI tool that scaffolds reverse proxy configs with TLS, security headers, and rate limiting. Outputs clean, auditable server blocks.
Always open to interesting infrastructure challenges.
If you're working on something that needs solid infrastructure, reliable automation, or you just want to talk shop about self-hosting — I'd like to hear about it. I'm most responsive over email, but you can also find me on the platforms below.