Professional Services

Infrastructure, automation & web engineering that ships.

We build and run production systems for tech companies and small businesses — Linux infrastructure and secure hosting, modern websites, CI/CD and release automation, and Ansible-driven configuration management. Reliable, secure, and documented work, from first commit to live deploy.

200+
Automated checks per release
HTTPS
TLS, HSTS & CSP by default
1‑cmd
Repeatable, safe deploys
100%
Static, low attack surface

Infrastructure & Hosting

Linux servers, hardened and online

Provisioning, web servers, TLS, and the operational glue that keeps sites up and secure.

Production Web Hosting

Apache · Let's Encrypt · security headers

A live site served from a hardened Apache virtual host: trusted Let's Encrypt TLS with automatic renewal, forced HTTP→HTTPS, HSTS, a tuned Content-Security-Policy, and the rest of the modern security-header set — all on a shared document root managed without ever disturbing the neighbouring sites.

  • Linux
  • Apache
  • Let's Encrypt
  • Security Headers

Self-Hosted Analytics

GoAccess · cron · auth

A privacy-respecting, historical traffic dashboard built on GoAccess with an on-disk database. A custom ingestion script feeds only new log bytes (rotation-aware, no double counting), a cron job refreshes it on a schedule, and the report is locked behind HTTP Basic Auth with its own scoped CSP.

  • GoAccess
  • Bash
  • Cron
  • HTTP Auth

Web Development

Fast, accessible, search-friendly websites

Hand-built front-ends with a real design system — no bloated frameworks, no tracking baggage.

Portfolio Platform

HTML5 · CSS3 · vanilla JS

A responsive marketing site built on a custom CSS design system: a data-driven project catalog with tag filters, generated SVG artwork, complete SEO (JSON-LD, Open Graph, sitemap, OG images) and accessibility baked in — skip links, focus states, and reduced-motion support.

  • HTML5
  • CSS3
  • JavaScript
  • SEO & a11y

Long-Form Document Theming

Readable manuals & rulebooks

Source documents turned into polished, readable web pages — themed typography, sticky tables of contents with scroll-spy, responsive tables, callouts and stat-block cards. Great for documentation, handbooks, and long technical content.

  • HTML
  • CSS
  • Typography
  • UX

CI/CD & Release Automation

Repeatable pipelines, tested before they ship

Automated builds, automated checks, and one-command deploys that are safe to run again and again.

Safe Deploy Pipeline

Bash · rsync · release automation

An idempotent release script: per-item rsync with scoped ownership fixes (safe on a shared host), config validation before reload, and post-deploy health checks. Deploying is one command — and running it twice changes nothing it shouldn't.

  • Bash
  • rsync
  • Release Automation
  • Linux

Automated Build & Test

Python · quality gates

A Python build pipeline that turns source documents into clean semantic HTML, paired with a dependency-free resilience suite — 200+ checks covering markup integrity, broken links and missing assets, security headers, path-traversal, and malformed-input handling — gating every change before it goes live.

  • Python
  • Automated Testing
  • Security Checks
  • Build Tooling

Configuration Management

Infrastructure as Code

Reproducible infrastructure from version-controlled code — servers provisioned with Terraform and configured with Ansible, not tribal knowledge.

Server Provisioning & Hardening

Ansible · YAML · IaC

Idempotent Ansible playbooks that bring a fresh host to production: packages and users, SSH and firewall hardening, web server and TLS, and automated certificate renewal. Run them against one box or a fleet — the result is the same, every time, and reviewable in git.

  • Ansible
  • YAML
  • Linux
  • Infrastructure as Code

Server Provisioning with Terraform and AWS

Terraform · AWS · IaC

A minimal, reproducible Terraform configuration that provisions the smallest free-tier-eligible AWS EC2 instance — the latest Amazon Linux 2023, a public IP, and a security group open for SSH, HTTP and HTTPS — from version-controlled .tf files. AWS-only and scoped to exactly one VM, with no credentials in the code: stand it up with terraform apply and tear it all down with terraform destroy.

  • Terraform
  • AWS
  • EC2
  • Infrastructure as Code

Server Provisioning with Terraform and Azure

Terraform · Azure · IaC

A reproducible Terraform configuration that provisions one Azure Linux VM running Ubuntu 24.04 LTS — and, because Azure has no default network, the whole stack it needs: resource group, virtual network, subnet, public IP, security group and NIC. Scoped to exactly one VM, with no credentials in the code: terraform apply to create it, terraform destroy to tear it down.

  • Terraform
  • Azure
  • Linux VM
  • Infrastructure as Code

Server Provisioning with Terraform and GCP

Terraform · Google Cloud · IaC

A reproducible Terraform configuration that provisions one Always Free GCP e2-micro VM running Ubuntu 24.04 LTS in its own self-contained VPC — a subnet, tag-targeted firewall rules for SSH/HTTP/HTTPS, and an ephemeral public IP. Scoped to exactly one VM, with no credentials in the code: terraform apply to create it, terraform destroy to tear it down.

  • Terraform
  • GCP
  • Compute Engine
  • Infrastructure as Code

Server Provisioning with Terraform and OCI

Terraform · Oracle Cloud · IaC

A reproducible Terraform configuration that provisions one Always Free Oracle Cloud VM running Ubuntu 24.04 LTS — and, like Azure, the whole network stack it needs: VCN, internet gateway, route table, security list and subnet. Scoped to exactly one VM, with no credentials in the code: terraform apply to create it, terraform destroy to tear it down.

  • Terraform
  • OCI
  • Linux VM
  • Infrastructure as Code

Multi-Cloud Provisioning with Terraform

Terraform · AWS / Azure / GCP / OCI

One Terraform configuration that stands up a VM in all four clouds at once — AWS, Azure, GCP and OCI — by composing the four single-cloud modules as children. A single terraform apply brings up all four; a single terraform destroy tears them down. Run with -parallelism=1 so the clouds proceed one after another, with no cross-cloud races.

  • Terraform
  • Multi-Cloud
  • Modules
  • Infrastructure as Code

Maintenance & Hardening

Patching · backups · monitoring

Ongoing care for the servers you depend on: scheduled patching, certificate and renewal monitoring, log review, backups, and a documented runbook so the next person (or the future you) can pick it up without guesswork.

  • Hardening
  • Backups
  • Monitoring
  • Documentation

Application Delivery

From four VMs to a running app, everywhere at once

Provisioning is only half the job — the other half is the software that runs on it. This configuration stands up the VMs and installs, configures and serves a real application on every one, all from the same terraform apply.

Multi-Cloud App Deployment with Terraform

Terraform · cloud-init · AWS / Azure / GCP / OCI

One Terraform configuration that provisions a free-tier VM in all four clouds and installs the same web application on every one — cloned, dependency-installed, and served over HTTPS on port 443 by a systemd-managed gunicorn, all via a shared cloud-init bootstrap. It composes the four single-cloud modules and adds the one new idea — app installation on first boot — so a single terraform apply -parallelism=1 takes you from nothing to four running app servers, and terraform destroy takes it all back down.

  • Terraform
  • cloud-init
  • Multi-Cloud
  • App Deployment

Toolkit

Technologies we work with

  • Linux
  • Apache
  • Nginx
  • Let's Encrypt / TLS
  • Bash
  • Python
  • Ansible
  • Git
  • CI/CD
  • rsync
  • Cron
  • Docker
  • HTML5
  • CSS3
  • JavaScript
  • SEO
  • Accessibility
  • Security Hardening

Have a project or a server that needs a steady hand?

Whether it's standing up infrastructure, building a site, automating deploys, or taming a tangle of manual steps — let's talk about what you need.