Infrastructure architect & operator — sovereign cloud platforms, accessibility tooling, and enterprise-grade homelabs.
Hardware at heart, developer by quirk: I keep systems running and build the automation, observability, and tooling that make operations smart.
IT Infrastructure Secure Cloud @ Chas Academy · 2026–2028 · 425 YH credits
Linux · Networking & Security · Cloud (AWS/Azure/GCP) · Containers · Datacenter Hardware & Ops · Automation
Lead Architect & Developer for the HolmDigital A11y Suite.
| Package | Role | Tech Stack | Distribution |
|---|---|---|---|
@holmdigital/engine |
🧠 Architect | ||
@holmdigital/components |
🎨 Lead Dev | ||
@holmdigital/standards |
⚖️ Maintainer |
Lead Developer @
github.com/holmdigitalOrchestrating the sovereign cloud initiative and open standards.
I write Patch Window, a publication on Linux, networking, containers, DevOps, and AI in production environments. It's written from the homelab described below, not from a vendor brief. Three formats: deep-dives when there's something worth working through, hot-takes when the industry is wrong about something, and briefs when a release matters and most coverage is just the changelog rephrased.
Selected articles:
| Format | Title | What it covers |
|---|---|---|
| Local AI in 2026: what's on the box | Ollama, SillyTavern, Forge on a single RTX 3060. Models, VRAM math, what changed this year. | |
| K3s on Proxmox: what actually breaks | Three-node Proxmox cluster, K3s in VMs, etcd memory, Flannel quirks, Ceph contention. | |
| @holmdigital/engine: WCAG to national law | Open-source scanner that maps WCAG failures to legal exposure across 16 countries. | |
| Stop calling it an AI assistant. Build a team. | Designing Claude Code agent teams that don't collapse under their own prompt weight. | |
| Your pipeline skills are not your identity | Platform engineering, AIOps, and why DevOps engineers are reacting the way they are. |
A comprehensive L2/L3 environment leveraging 10G SFP+ backbones and advanced 802.1Q segmentation.
graph TD
%% Nodes
WAN((☁️ Internet))
FW[🔒 pfSense<br/>Dell R240]
Core[⚡ Switch Stack<br/>Juniper EX4200/Quanta]
subgraph Compute ["🔥 Compute Cluster"]
Prox[Cluster<br/>Dell R730XD]
K8s[Kubernetes<br/>K3s Nodes]
end
subgraph Storage ["💾 Storage Array"]
NAS[Truenas<br/>Dell T430]
PBS[Backup<br/>PBS]
end
%% Edge Connections
WAN <==> FW
FW <==> Core
%% Infrastructure Connections
Core == 10Gb Fiber ==> Prox
Core == 10Gb Fiber ==> NAS
%% Internal Links
Prox -.-> K8s
NAS -.-> PBS
- Core Switching:
(24x 10GbE SFP+)
- Virtualization:
with
- VLAN Matrix:
VLAN 10: ManagementVLAN 20: Enterprise Servers (Proxmox, TrueNAS)VLAN 30/40/50: Segmented Client & Service TiersVLAN 60/70/80: Infrastructure & Lab ScopesVLAN 85/86: Secure Trusted Users & Guest AccessVLAN 90: Isolated Corporate Infra (HolmDigital)
- Compute Stack:
The homelab is where I learn; this is where it ships. I design & operate Holm Digital's production stack on a Hetzner EX44 dedicated server:
| Layer | Stack |
|---|---|
| Edge & access | Traefik (auto-SSL) · Authelia 2FA · UFW · Fail2ban |
| Workloads | 21 Dockerized services across 3 isolated networks |
| Observability | Prometheus · Loki · Grafana · Alloy |
| Resilience | age-encrypted offsite backups · GitHub Actions CI/CD · Watchtower |
| Smart ops | n8n automation · local LLM (Ollama) for analysis |
Same discipline as the lab — segmented networks, full observability, infrastructure-as-code — but live, monitored, and backed up.



