-
🔭 I’m a Platform Engineer focused on building and managing CI/CD pipelines, internal tooling, and scalable infrastructure. Day to day that means everything from writing automation to bench-testing hardware and making sure software gets from dev to production reliably. Currently that includes ROS 2 (Jazzy) pipeline infrastructure in the subsea/marine robotics space — Debian packaging with bloom and debhelper, Aptly-managed package repositories with GPG signing and environment promotion, and Fast-DDS discovery server configuration for distributed development teams.
-
🔧 I work across the full stack of infrastructure — containers, virtualisation (ESXi, Proxmox, vSphere), IaC (Ansible, Terraform, Packer), and GitOps — with a strong lean towards automating anything that shouldn’t be done by hand. Prior to my current role I was a Linux Sysadmin, so I’m just as comfortable racking servers and hardening systems as I am writing pipelines.
-
👥 I collaborate closely with software and engineering teams, and have worked across vendors, procurement, and SoC teams to keep projects moving. Happy switching between writing technical docs on Confluence, reviewing pipelines, or configuring switches and firewalls depending on what the day calls for. I also integrate AI tooling (Claude, GitLab Duo, Microsoft Copilot) into engineering workflows — pipeline automation, code review assistance, documentation, changelog generation, and infrastructure work. A force multiplier, not a substitute for understanding what's actually going on.
-
🌍 I've worked my way up through infrastructure roles across high-stakes sectors like defence, energy, transport, and telecoms — picking up everything from large-scale VDI environments to Linux systems engineering along the way. I'm also a fluent Brazilian Portuguese speaker, which has come in handy supporting global and multilingual teams throughout.
-
⚡ Outside of work I run a two-node Proxmox cluster (Samwise + Frodo) with 20+ VMs and LXC containers, ZFS storage, a dedicated Proxmox Backup Server, and a self-hosted GitHub Actions runner that ties it all into real CI/CD pipelines. IaC VMs for Packer, Ansible, and Terraform are spun up on demand from cloud-init templates I build and maintain myself. Ansible is my go-to for automating it all — I've also picked up both the Ansible Essential and Advanced Playbooks certifications to back that up.
-
🧟 For nearly a decade I helped organise World Zombie Day — a global charity event that raised money for food banks through city-wide zombie walks. Coordinating sponsors, volunteers, routes, and day-of logistics across London, UK was genuinely great experience, and a lot of fun.
-
🧑🤝🧑 I'm active in the open source community — opening PRs, contributing commits, reviewing code, and raising issues and bug reports across projects I use and care about. Not just a consumer.
-
✍️ I write up what I learn over on OmegaWiki — mostly Linux, Docker, and homelab guides.
|
Operating Systems Shell Editors |
Containers & CI/CD Robotics Virtualisation Source Control |
Hardware & Other Enterprise Systems Project Management AI Tooling |
| Project | Description | Stars |
|---|---|---|
| public_scripts | A collection of practical scripts covering Proxmox automation, Docker management, server administration, and media processing — built for real use and shared publicly with sensitive values scrubbed | |
| docker-borgmatic (co-maintainer) | Multiarch Docker container packaging Borg, Borgmatic, and Apprise for automated backup orchestration with container stop/start hook support — part of the official borgmatic-collective. 7.2M+ pulls on Docker Hub | |
| docker-borgmatic (personal fork) | Self-maintained fork of the above with custom builds and personal modifications running on S6 Overlay, supporting amd64 and arm64 |
|
| cibuildwheel | CI pipeline that builds Python wheels for packages missing from PyPI, used to supply dependencies for the docker-borgmatic image — packages published to Cloudsmith |
Two-node Proxmox cluster backed by a dedicated Proxmox Backup Server, ZFS on both nodes, and an Unraid NAS for secondary storage. The PBS doubles as a QDevice — third vote in the quorum, keeping the cluster clean in a node failure without split-brain.
Everything is managed as code. Cloud-init templates are built with a custom script (multi-backend storage detection, SHA256 image verification, reusable config profiles) and kept current by a template update pipeline that patches source VMs concurrently via QEMU Guest Agent, handles reboots, then clones and converts to templates automatically.
Network infrastructure managed with Terraform, services provisioned with Ansible.
Samwise (primary — 20c / 256GB / ~1TB ZFS | IPMI for out-of-band management)
| Service | Type | Role |
|---|---|---|
| DNS + NTP (primary) | VM | Pihole + Unbound — full recursive DNS with DNSSEC validation, qname minimisation, DNS rebinding protection, and rate limiting. No upstream DNS dependency. Chrony NTP. HA primary — adlists synced to replica via Nebula-Sync |
| Home Automation | VM | Home automation |
| Cloud Storage | VM | Self-hosted cloud storage |
| Docker Server | VM | 50+ container Docker stack — media, productivity, security, and monitoring |
| NAS | VM | Network attached storage |
| IaC Server | VM | Ansible / Packer / Terraform (on-demand) |
| Backup Server | VM | Backup orchestration (on-demand) |
| HA-Proxy | LXC | SNI-based TCP routing to Proxmox UI + SPICE console proxy |
| CI/CD Runner | LXC | Self-hosted GitHub Actions runner |
Frodo (secondary — 4c / 32GB / ~100GB ZFS)
| Service | Type | Role |
|---|---|---|
| DNS + NTP (replica) | VM | Pihole + Unbound + Chrony NTP — HA replica, gravity and adlists synced from primary |
| Transcoding Node | VM | Automated media transcoding |
| APT Cache | LXC | Local APT package cache |
| Bastion | LXC | SSH jump host |
| Netboot | LXC | PXE / network boot server |
| Patch Management | LXC | Tracks and reports pending updates across all systems |
| IoT Builder | LXC | ESPHome firmware builds |
| HA-Proxy | LXC | SNI-based TCP routing to Proxmox UI + SPICE console proxy |
| Push Notifications | LXC | Self-hosted push notifications |
| Network Monitor | LXC | Network device tracking and new device detection |
Network (because the lab doesn't stop at the hypervisor)
Managed via a UniFi stack — everything named after Lord of the Rings characters because of course it is.
| Device | Model | Role |
|---|---|---|
| Gandalf | UDM Pro | Gateway / firewall — WireGuard VPN, SFP+ uplink to core switch |
| Gimli | USW Pro Max 24 PoE | Core switch — 10GbE SFP+ backbone, SFP+ uplinks to gateway and NVR |
| Faramir | USW Flex 2.5G 5 | 2.5G distribution switch |
| Morgoth | USW Lite 8 PoE | Access switch |
| Legolas / Aragorn | U6 Pro ×2 | Wi-Fi APs |
| Sauron | UNVR | Network video recorder — SFP+ uplink to core switch |
| Category | Detail |
|---|---|
| Protect | IP camera system — isolated on a dedicated camera VLAN |
| IoT | SLZB-MR1u (PoE) — standalone Zigbee + Thread/Matter coordinator |
| VLANs | Default · IoT · Guest · VM · Camera |
| Clients | Large number of devices spread across multiple VLANs |
The Docker server runs a 50+ container stack across three isolated networks — a main bridge, an outbound-only network, and a fully internal network with no external routing. All services sit behind Traefik (HTTP/3, dual internal/external entrypoints, Cloudflare wildcard TLS), with Authentik as the SSO layer and CrowdSec handling threat intelligence via both a Traefik bouncer and a Cloudflare Worker bouncer.
|
Media
Security & Access
|
Productivity
Monitoring & Management
Backup & CI/CD
|
🐱 My GitHub Data
📦 4.8 MB Used in GitHub's Storage
🏆 157 Contributions in the Year 2026
🚫 Not Opted to Hire
📜 56 Public Repositories
🔑 8 Private Repositories
I'm a Night 🦉
🌞 Morning 2516 commits ██░░░░░░░░░░░░░░░░░░░░░░░ 09.59 %
🌆 Daytime 6886 commits ███████░░░░░░░░░░░░░░░░░░ 26.24 %
🌃 Evening 8953 commits █████████░░░░░░░░░░░░░░░░ 34.12 %
🌙 Night 7884 commits ████████░░░░░░░░░░░░░░░░░ 30.05 %
📅 I'm Most Productive on Wednesday
Monday 3957 commits ████░░░░░░░░░░░░░░░░░░░░░ 15.08 %
Tuesday 4816 commits █████░░░░░░░░░░░░░░░░░░░░ 18.35 %
Wednesday 5353 commits █████░░░░░░░░░░░░░░░░░░░░ 20.40 %
Thursday 3167 commits ███░░░░░░░░░░░░░░░░░░░░░░ 12.07 %
Friday 3958 commits ████░░░░░░░░░░░░░░░░░░░░░ 15.08 %
Saturday 2970 commits ███░░░░░░░░░░░░░░░░░░░░░░ 11.32 %
Sunday 2018 commits ██░░░░░░░░░░░░░░░░░░░░░░░ 07.69 %
📊 This Week I Spent My Time On
🕑︎ Time Zone: Europe/London
💬 Programming Languages:
Markdown 4 hrs 47 mins ███████████░░░░░░░░░░░░░░ 44.10 %
YAML 1 hr 56 mins ████░░░░░░░░░░░░░░░░░░░░░ 17.93 %
Other 1 hr 13 mins ███░░░░░░░░░░░░░░░░░░░░░░ 11.21 %
sh 1 hr 10 mins ███░░░░░░░░░░░░░░░░░░░░░░ 10.85 %
JSON 27 mins █░░░░░░░░░░░░░░░░░░░░░░░░ 04.24 %
🔥 Editors:
Claude Code 8 hrs 48 mins ████████████████████░░░░░ 81.04 %
Zsh 1 hr 10 mins ███░░░░░░░░░░░░░░░░░░░░░░ 10.85 %
VS Code 26 mins █░░░░░░░░░░░░░░░░░░░░░░░░ 04.14 %
Notepad++ 25 mins █░░░░░░░░░░░░░░░░░░░░░░░░ 03.97 %
🐱💻 Projects:
docker-borgmatic 7 hrs 5 mins ████████████████░░░░░░░░░ 65.25 %
modem7 1 hr 57 mins ████░░░░░░░░░░░░░░░░░░░░░ 17.98 %
Unknown Project 1 hr 17 mins ███░░░░░░░░░░░░░░░░░░░░░░ 11.91 %
Docker 15 mins █░░░░░░░░░░░░░░░░░░░░░░░░ 02.36 %
docker-starwars 6 mins ░░░░░░░░░░░░░░░░░░░░░░░░░ 01.04 %
💻 Operating System:
Windows 9 hrs 41 mins ██████████████████████░░░ 89.15 %
Linux 1 hr 10 mins ███░░░░░░░░░░░░░░░░░░░░░░ 10.85 %
I Mostly Code in Shell
Shell 14 repos ███████░░░░░░░░░░░░░░░░░░ 26.42 %
Dockerfile 9 repos ████░░░░░░░░░░░░░░░░░░░░░ 16.98 %
Python 8 repos ████░░░░░░░░░░░░░░░░░░░░░ 15.09 %
JavaScript 4 repos ██░░░░░░░░░░░░░░░░░░░░░░░ 07.55 %
HCL 1 repo ░░░░░░░░░░░░░░░░░░░░░░░░░ 01.89 %
Last Updated on 05/07/2026 05:03:07 UTC
🎮 Steam playtime leaderboard
⚔️ Dota 2 🕘 2293 hrs 52 mins
🎮 HELLDIVERS™ 2 🕘 1077 hrs 19 mins
🎮 Creeper World 4 🕘 884 hrs 49 mins
🌏 Sid Meier's Civilization V 🕘 226 hrs 21 mins
🎮 Overwatch® 🕘 210 hrs 44 mins




