Systems, Security, and Self-Hosting.
"Welcome to my lab. I’m a DevOps Engineer with a passion for building resilient, self-contained infrastructure.
I believe that the best way to truly understand a system is to own the entire stack. This site serves as a technical log of my efforts to host production-grade tools—like Ghost, Nextcloud and Bitwarden—on my own terms. My focus is on high-availability, automated backups, and 'Zero-Knowledge' architecture. If you're interested in Docker orchestration, SSL hardening, or escaping the SaaS subscription loop, you’re in the right place."
My Self-Hosting Manifestos: The Principles of Sovereignty
Self-hosting is more than just running a server; it is a commitment to a set of standards. To ensure my data remains secure, accessible, and truly mine, I follow these five core principles:
- Zero-Knowledge by Design
I only host tools that prioritize end-to-end encryption. In my stack, the server acts as a "dumb" vault. Whether it’s Bitwarden or my database backups, the sensitive data is encrypted before it hits the disk. If an attacker gains physical access to my server, they should find nothing but unreadable ciphertext.
- The Transparency Standard
Proprietary black boxes are a liability. My principle is to only use Open Source software. Being able to audit the code—or relying on a global community that has already done so—is the only way to ensure there are no "backdoors" or sloppy security implementations hidden behind a corporate UI.
- Encapsulated Orchestration
I treat my server like immutable infrastructure. Every service must be containerized (Docker).
  - Isolation: A vulnerability in my Ghost blog should not grant access to my Bitwarden vault.
  - Portability: I should be able to move my entire digital life to a new provider in under 30 minutes by simply moving my volume data and running docker-compose up.