-
🔭 I’m a Platform Engineer focused on building and managing CI/CD pipelines, internal tooling, and scalable infrastructure. Day to day that means everything from writing automation to bench-testing hardware and making sure software gets from dev to production reliably. Currently that includes ROS 2 (Jazzy) pipeline infrastructure in the subsea/marine robotics space — Debian packaging with bloom and debhelper, Aptly-managed package repositories with GPG signing and environment promotion, and Fast-DDS discovery server configuration for distributed development teams.
-
🔧 I work across the full stack of infrastructure — containers, virtualisation (ESXi, Proxmox, vSphere), IaC (Ansible, Terraform, Packer), and GitOps — with a strong lean towards automating anything that shouldn’t be done by hand. Prior to my current role I was a Linux Sysadmin, so I’m just as comfortable racking servers and hardening systems as I am writing pipelines.
-
👥 I collaborate closely with software and engineering teams, and have worked across vendors, procurement, and SoC teams to keep projects moving. Happy switching between writing technical docs on Confluence, reviewing pipelines, or configuring switches and firewalls depending on what the day calls for. I also integrate AI tooling (Claude, GitLab Duo, Microsoft Copilot) into engineering workflows — pipeline automation, code review assistance, documentation, changelog generation, and infrastructure work. A force multiplier, not a substitute for understanding what's actually going on.
-
🌍 I've worked my way up through infrastructure roles across high-stakes sectors like defence, energy, transport, and telecoms — picking up everything from large-scale VDI environments to Linux systems engineering along the way. I'm also a fluent Brazilian Portuguese speaker, which has come in handy supporting global and multilingual teams throughout.
-
⚡ Outside of work I run a two-node Proxmox cluster (Samwise + Frodo) with 20+ VMs and LXC containers, ZFS storage, a dedicated Proxmox Backup Server, and a self-hosted GitHub Actions runner that ties it all into real CI/CD pipelines. IaC VMs for Packer, Ansible, and Terraform are spun up on demand from cloud-init templates I build and maintain myself. Ansible is my go-to for automating it all — I've also picked up both the Ansible Essential and Advanced Playbooks certifications to back that up.
-
🧟 For nearly a decade I helped organise World Zombie Day — a global charity event that raised money for food banks through city-wide zombie walks. Coordinating sponsors, volunteers, routes, and day-of logistics across London, UK was genuinely great experience, and a lot of fun.
-
🧑🤝🧑 I'm active in the open source community — opening PRs, contributing commits, reviewing code, and raising issues and bug reports across projects I use and care about. Not just a consumer.
-
✍️ I write up what I learn over on OmegaWiki — mostly Linux, Docker, and homelab guides.
-
📫 Reach me:
Operating Systems
Shell 
Editors 
|
Containers & CI/CD
Robotics 
Virtualisation 
Source Control 
|
Hardware & Other
Enterprise Systems 
Project Management 
AI Tooling 
|
| Project | Description | Stars |
|---|---|---|
| public_scripts | A collection of practical scripts covering Proxmox automation, Docker management, server administration, and media processing — built for real use and shared publicly with sensitive values scrubbed |  |
| docker-borgmatic (co-maintainer) | Multiarch Docker container packaging Borg, Borgmatic, and Apprise for automated backup orchestration with container stop/start hook support — part of the official borgmatic-collective. 7.2M+ pulls on Docker Hub |  |
| docker-borgmatic (personal fork) | Self-maintained fork of the above with custom builds and personal modifications running on S6 Overlay, supporting amd64 and arm64 |
 |
| cibuildwheel | CI pipeline that builds Python wheels for packages missing from PyPI, used to supply dependencies for the docker-borgmatic image — packages published to Cloudsmith |  |
Two-node Proxmox cluster backed by a dedicated Proxmox Backup Server, ZFS on both nodes, and an Unraid NAS for secondary storage. The PBS doubles as a QDevice — third vote in the quorum, keeping the cluster clean in a node failure without split-brain.
Everything is managed as code. Cloud-init templates are built with a custom script (multi-backend storage detection, SHA256 image verification, reusable config profiles) and kept current by a template update pipeline that patches source VMs concurrently via QEMU Guest Agent, handles reboots, then clones and converts to templates automatically.
Network infrastructure managed with Terraform, services provisioned with Ansible.
Samwise (primary — 20c / 256GB / ~1TB ZFS | IPMI for out-of-band management)
| Service | Type | Role |
|---|---|---|
| DNS + NTP (primary) | VM | Pihole + Unbound — full recursive DNS with DNSSEC validation, qname minimisation, DNS rebinding protection, and rate limiting. No upstream DNS dependency. Chrony NTP. HA primary — adlists synced to replica via Nebula-Sync |
| Home Automation | VM | Home automation |
| Cloud Storage | VM | Self-hosted cloud storage |
| Docker Server | VM | 50+ container Docker stack — media, productivity, security, and monitoring |
| NAS | VM | Network attached storage |
| IaC Server | VM | Ansible / Packer / Terraform (on-demand) |
| Backup Server | VM | Backup orchestration (on-demand) |
| HA-Proxy | LXC | SNI-based TCP routing to Proxmox UI + SPICE console proxy |
| CI/CD Runner | LXC | Self-hosted GitHub Actions runner |
Frodo (secondary — 4c / 32GB / ~100GB ZFS)
| Service | Type | Role |
|---|---|---|
| DNS + NTP (replica) | VM | Pihole + Unbound + Chrony NTP — HA replica, gravity and adlists synced from primary |
| Transcoding Node | VM | Automated media transcoding |
| APT Cache | LXC | Local APT package cache |
| Bastion | LXC | SSH jump host |
| Netboot | LXC | PXE / network boot server |
| Patch Management | LXC | Tracks and reports pending updates across all systems |
| IoT Builder | LXC | ESPHome firmware builds |
| HA-Proxy | LXC | SNI-based TCP routing to Proxmox UI + SPICE console proxy |
| Push Notifications | LXC | Self-hosted push notifications |
| Network Monitor | LXC | Network device tracking and new device detection |
Network (because the lab doesn't stop at the hypervisor)
Managed via a UniFi stack — everything named after Lord of the Rings characters because of course it is.
| Device | Model | Role |
|---|---|---|
| Gandalf | UDM Pro | Gateway / firewall — WireGuard VPN, SFP+ uplink to core switch |
| Gimli | USW Pro Max 24 PoE | Core switch — 10GbE SFP+ backbone, SFP+ uplinks to gateway and NVR |
| Faramir | USW Flex 2.5G 5 | 2.5G distribution switch |
| Morgoth | USW Lite 8 PoE | Access switch |
| Legolas / Aragorn | U6 Pro ×2 | Wi-Fi APs |
| Sauron | UNVR | Network video recorder — SFP+ uplink to core switch |
| Category | Detail |
|---|---|
| Protect | IP camera system — isolated on a dedicated camera VLAN |
| IoT | SLZB-MR1u (PoE) — standalone Zigbee + Thread/Matter coordinator |
| VLANs | Default · IoT · Guest · VM · Camera |
| Clients | Large number of devices spread across multiple VLANs |
The Docker server runs a 50+ container stack across three isolated networks — a main bridge, an outbound-only network, and a fully internal network with no external routing. All services sit behind Traefik (HTTP/3, dual internal/external entrypoints, Cloudflare wildcard TLS), with Authentik as the SSO layer and CrowdSec handling threat intelligence via both a Traefik bouncer and a Cloudflare Worker bouncer.
|
Media
Security & Access
|
Productivity
Monitoring & Management
Backup & CI/CD
|
🐱 My GitHub Data
📦 4.8 MB Used in GitHub's Storage
🏆 83 Contributions in the Year 2026
🚫 Not Opted to Hire
📜 55 Public Repositories
🔑 8 Private Repositories
I'm a Night 🦉
🌞 Morning 2109 commits ██░░░░░░░░░░░░░░░░░░░░░░░ 09.06 %
🌆 Daytime 6133 commits ███████░░░░░░░░░░░░░░░░░░ 26.35 %
🌃 Evening 7990 commits █████████░░░░░░░░░░░░░░░░ 34.33 %
🌙 Night 7040 commits ████████░░░░░░░░░░░░░░░░░ 30.25 %
📅 I'm Most Productive on Wednesday
Monday 3405 commits ████░░░░░░░░░░░░░░░░░░░░░ 14.63 %
Tuesday 4200 commits █████░░░░░░░░░░░░░░░░░░░░ 18.05 %
Wednesday 4695 commits █████░░░░░░░░░░░░░░░░░░░░ 20.17 %
Thursday 2901 commits ███░░░░░░░░░░░░░░░░░░░░░░ 12.47 %
Friday 3594 commits ████░░░░░░░░░░░░░░░░░░░░░ 15.44 %
Saturday 2562 commits ███░░░░░░░░░░░░░░░░░░░░░░ 11.01 %
Sunday 1915 commits ██░░░░░░░░░░░░░░░░░░░░░░░ 08.23 %
📊 This Week I Spent My Time On
🕑︎ Time Zone: Europe/London
💬 Programming Languages:
Bash 2 hrs 24 mins ████████████████████░░░░░ 79.68 %
sh 14 mins ██░░░░░░░░░░░░░░░░░░░░░░░ 08.06 %
Text 9 mins █░░░░░░░░░░░░░░░░░░░░░░░░ 05.40 %
YAML 5 mins █░░░░░░░░░░░░░░░░░░░░░░░░ 03.25 %
Other 2 mins ░░░░░░░░░░░░░░░░░░░░░░░░░ 01.44 %
🔥 Editors:
VS Code 1 hr 58 mins ████████████████░░░░░░░░░ 65.68 %
Notepad++ 47 mins ███████░░░░░░░░░░░░░░░░░░ 26.26 %
Zsh 14 mins ██░░░░░░░░░░░░░░░░░░░░░░░ 08.06 %
🐱💻 Projects:
public_scripts 1 hr 52 mins ████████████████░░░░░░░░░ 62.42 %
Unknown Project 52 mins ███████░░░░░░░░░░░░░░░░░░ 28.96 %
dotfiles 9 mins █░░░░░░░░░░░░░░░░░░░░░░░░ 05.02 %
Docker 5 mins █░░░░░░░░░░░░░░░░░░░░░░░░ 03.25 %
project_work 0 secs ░░░░░░░░░░░░░░░░░░░░░░░░░ 00.35 %
💻 Operating System:
Windows 2 hrs 46 mins ███████████████████████░░ 91.94 %
Linux 14 mins ██░░░░░░░░░░░░░░░░░░░░░░░ 08.06 %
I Mostly Code in Shell
Shell 12 repos ██████░░░░░░░░░░░░░░░░░░░ 22.64 %
Dockerfile 11 repos █████░░░░░░░░░░░░░░░░░░░░ 20.75 %
Python 8 repos ████░░░░░░░░░░░░░░░░░░░░░ 15.09 %
JavaScript 4 repos ██░░░░░░░░░░░░░░░░░░░░░░░ 07.55 %
HCL 1 repo ░░░░░░░░░░░░░░░░░░░░░░░░░ 01.89 %
Last Updated on 27/06/2026 01:50:10 UTC
🎮 Steam playtime leaderboard
⚔️ Dota 2 🕘 2293 hrs 14 mins
🎮 HELLDIVERS™ 2 🕘 1045 hrs 39 mins
🎮 Creeper World 4 🕘 883 hrs 26 mins
🌏 Sid Meier's Civilization V 🕘 226 hrs 21 mins
🎮 Overwatch® 🕘 209 hrs 25 mins