// systems & full stack

Deep-Rooted Systems Expertise
for the Modern Web.

Open to work 1099 contract Direct hire Remote-first, MA/NH on-site the right opportunity adjusts the parameters

// capabilities

What I Build

Systems Engineering

Low-level GNU/Linux development -- custom kernel configurations, hardened initscripts, specialized device firmwares, and embedded builds. Every system is tuned from the toolchain up for its exact workload and threat model.

Gentoo · Sourcemage · Lunar · LEDE · ALFS/CLFS · Buildroot · Yocto · Custom ToolChains

AI & Automation

End-to-end LLM pipeline construction. Model fine-tuning with PyTorch, LoRA/QLoRA via bitsandbytes and peft. Inference served through Ollama, vLLM, and llama.cpp with GPU partitioning and batch scheduling. RAG systems wired with LangChain over ChromaDB or Qdrant vector stores. Embedding generation with sentence-transformers, quantized export through ONNX Runtime for edge inference. Automated workflows connecting model outputs to production APIs and monitoring via MLflow.

Ollama · PyTorch · vLLM · llama.cpp · LangChain · ChromaDB · Qdrant · sentence-transformers · ONNX Runtime · bitsandbytes · peft · MLflow

Virtualization

Full lifecycle management of libvirt/KVM, Proxmox, and Incus environments. Container workloads on LXC, Docker, and containerd with firecracker micro-VM isolation for untrusted codepaths. Scaling from single bare-metal hosts to distributed multi-node clusters.

libvirt · KVM · Proxmox · Incus · LXC · Docker · containerd · firecracker

DevOps / SRE

Full observability stacks -- metrics ingestion with Prometheus and VictoriaMetrics, log aggregation with Loki, distributed tracing with Tempo, alert routing through Alertmanager. Dashboards in Grafana with quantitative analysis and data visualization for complete stack visibility. Long-term storage and horizontal scaling via Thanos.

Prometheus · Grafana · Loki · Tempo · Alertmanager · VictoriaMetrics · Thanos

Web Dev / eCommerce

Full-stack web applications with a focus on eCommerce platforms. Laravel backends with Bagisto storefronts, real-time UI via Livewire and Alpine.js, and SPA architectures through Inertia.js. Database layer on PostgreSQL with Redis for session and cache. Caddy-terminated with automatic TLS from staging through production.

Laravel · Bagisto · Livewire · Alpine.js · Inertia.js · PostgreSQL · Redis · Caddy

Custom Hardware

Bespoke computer systems -- consumer workstations, enterprise servers, edge compute nodes, and AI training rigs. Component selection matched to workload profiles, thermal design, IPMI/BMC out-of-band management, PXE boot provisioning, and burn-in stress testing before deployment.

Server · Edge · AI/GPU · Workstation · IPMI/BMC · PXE

NOC / Datacenter

On-site NOC and datacenter services across Massachusetts and New Hampshire. Hardware provisioning, structured cabling, rack-and-stack, PDU and UPS management, fiber runs with SFP+ optics, cross-connects, thermal assessment, and incident response.

MA · NH · On-site · PDU · UPS · Fiber · SFP+ · Cross-connects

Network Security

Cisco Meraki dashboard-managed switching and wireless, Mikrotik RouterOS for BGP routing and traffic shaping, OPNsense and pfSense for stateful firewalling with custom rulesets. VPN tunnel orchestration, VLAN segmentation, IDS/IPS deployment, and DNS-level threat filtering.

Cisco Meraki · Mikrotik · OPNsense · pfSense · BGP · VPN · VLAN · IDS/IPS

Hardened Cloud Infrastructure

Caddy and Nginx orchestration with LAMP/LEMP stacks. Kernel-level hardening with NF-tables, eBPF for runtime syscall filtering, mandatory access controls via grsec/pax, and application-layer threat mitigation through CrowdSec and Fail2Ban. Automatic certificate rotation with ACME.

Caddy · Nginx · NF-tables · eBPF · ACLs · grsec/pax · CrowdSec · Fail2Ban · ACME

// forge

Projects

Open-source work from the DCOS.NET forge

AI Local Stack Control (AI-LSC)

Python / PySide6

A PySide6 desktop application for orchestrating local AI/ML tool stacks across a 13-layer architecture. Discover, configure, launch, and manage 121 tools spanning GPU runtimes and inference engines through agent frameworks and container deployment targets. Includes a drag-and-drop Stack Editor, pre-configured templates for Claude Code and self-hosted LLM labs, real-time system health monitoring, and multi-backend launch via systemd, tmux, or LXC containers.

PySide6OllamavLLMDockerLXCLangChainCrewAIsystemd
View on Forgejo

Fester

Python / FastAPI

A distributed, DAG-driven build execution system with real-time scheduling, thermal/load awareness, cache-aware execution, and deterministic replay. Picks the best node for each action based on CPU load, temperature, and policy constraints. Every build session is journaled to SQLite with full WebSocket event streaming. Post-hoc causal reasoning layer traces failure chains backward and computes forward blast radius across the cluster.

FastAPISQLiteWebSocketDockerPrometheusMinIODAGAGPLv3
View on Forgejo

MCP Drift State Tracker

Python

An industrial-grade Model Context Protocol server that enforces code completeness, intercepts context erosion, and neutralizes LLM laziness across multi-language repository workspaces. Uses native AST compilation parsing and deterministic brace scoping to capture explicit footprints of every class, function signature, and package dependency. Eliminates the laziness trap and truncation trap in local model workflows.

MCPASTOllamaAiderLangChainClaude Code
View on Forgejo

Build Tool Chain (BTC)

Bash / Shell

A bare-metal, cleanroom toolchain generation engine for sovereign infrastructure. Built to LFS 13.0 stable standards (Binutils 2.46, GCC 15.2, Glibc 2.43). Every binary receives an immutable ELF note linking it to the specific hardware and forge environment that created it. All compilation occurs in volatile ramfs mounts for zero I/O wear, with integrated thermal telemetry to prevent runaway during LTO phases.

GCCBinutilsGlibcLFSELFramfsAGPLv3
View on Forgejo

4 open-source projects

// reference

Guides & Materials

Checklists, spreadsheets, configs, and research