Projects

Featured work in Linux systems, infrastructure automation, and security.

These projects demonstrate my hands-on experience with building resilient, secure systems across different environments - from homelab setups to enterprise infrastructure and IoT devices.

Self-hosted Services on VPS & Homelab

Built a custom infrastructure stack with Docker, WireGuard VPN, and monitoring, cutting recurring costs by 75% while achieving full data ownership.

Key Achievements:

  • Built and configured a custom linux server and dedicated router for stable, high-performance networking.
  • Deployed a multi-site containerized stack using Docker across an Oracle Compute VM instance and a homelab.
  • Implemented secure remote access with WireGuard VPN, iptables firewall rules, and Cloudflare Tunnel.
  • Deployed a web stack with Caddy (auto-SSL, HTTP/3, Cloudflare DNS) alongside Prometheus/Grafana for monitoring.
  • Managed Oracle Cloud VCN/VNIC setup, security lists, and automated system/kernel updates.
  • Replaced commercial tools with self-hosted cloud storage, streaming, and password managers—cutting recurring costs by 75% and achieving full data ownership.
LinuxDockerWireGuardOracle CloudPrometheusGrafanaCaddyInfrastructure

VPN Deployment on Resource-Constrained IoT Devices

Designed and implemented IoT security infrastructure using WireGuard VPN across ESP32, ESP8266, and Raspberry Pi devices with MQTT integration.

Key Achievements:

  • Designed and implemented comprehensive IoT security infrastructure using WireGuard VPN across ESP32, ESP8266, and Raspberry Pi devices, with MQTT protocol integration.
  • Developed automated Python test frameworks to benchmark Round-Trip Time, throughput, and power consumption across TLS, WireGuard, and unencrypted configurations.
  • Proved WireGuard's viability for resource-constrained IoT devices through rigorous performance testing, demonstrating no significant overhead in latency, throughput, or power consumption.
  • Enhanced network security through VLAN isolation and WireGuard implementation, reducing exposed ports by 66% as validated through Nmap vulnerability scanning.
IoTWireGuardPythonESP32ESP8266Raspberry PiMQTTSecurity

Multi-tenant SaaS Platform Development

Developed a secure multi-tenant SaaS platform with Next.js, React, TypeScript, and Firestore, featuring real-time data sync and role-based access control.

Key Achievements:

  • Developed a multi-tenant SaaS platform using Next.js, React, TypeScript, and Firestore, with real-time data sync, role-based access control, and Xero API integration for automated financial workflows and AI-driven analytics.
  • Architected and deployed a Large Language Model service with Ollama on a Google Compute Engine VM, leveraging GPU acceleration to cut prompt latency by 4 seconds per prompt.
  • Enhanced platform security by integrating Snyk for automated vulnerability scanning, Cloud Secret Manager for credential management, and Sentry for real-time error monitoring, catching over 80% of runtime issues pre-deployment.
  • Designed and maintained CI/CD pipelines using GitHub Actions, Cloud Run, and Cloud Build, with least-privilege service accounts for secure service-to-service IAM based auth, reducing average deployment downtime by 10 minutes.
Next.jsTypeScriptReactFirestoreGCPCI/CDSecurityCloud Run