Blog

Thoughts on engineering, leadership, and infrastructure.

Adding AI chat and observability to an open-source NDR

LibreChat with MCP servers for threat hunting, OTel Collector for application logs, Grafana + VictoriaMetrics for dashboards, all behind a shared nginx auth gate, all optional, all deployed with the same Go template system.

Building stamusctl · Part 4

Testing the whole stack

Bats integration tests against a live Docker Compose deployment: PCAP injection, OpenSearch assertions, upgrade data survival, and a justfile that orchestrates all of it from a Nix dev shell.

NixOS from scratch · Part 2

Live theme switching on NixOS across 10 apps at once

I built a theme system in Nix that generates configs for waybar, dunst, kitty, neovim, tmux, Firefox, VSCode, Qt5 apps, swaylock, and the login greeter from a single color palette.

I built a monorepo template because I kept wasting the first two weeks

Every project starts the same way: auth, database, CI, Docker, tests. I got tired of redoing it, so I built a template. Here's what kept going wrong and how I fixed it.

Building a SaaS for radiation dosimetry in Go and React

Dosismart is a dose calculation platform I'm building for the French operational dosimetry market. Solid-angle point source model accurate below 1 cm, six volumetric geometries with ray-traced self-absorption, and inverse solvers for distance and shielding.

Using YAML as a database for a React app

I built a game codex viewer where all the data lives in YAML files. Singleton loader with concurrent fetching, React hooks, character creator with localStorage persistence, and PDF export.

NixOS from scratch · Part 1

Managing 4 NixOS machines with one flake

My declarative setup for 2 desktops and 2 laptops. Overlays for custom packages, Home Manager for user configs, and why I stopped configuring things by hand.

Building stamusctl · Part 3

The daemon, observability, and testing

stamusd exposes the CLI's commands as a REST API. Priority-based shutdown, hot-reloading auth, rate limiting with Redis fallback, and testing with an in-memory filesystem.

Building stamusctl · Part 2

Docker plumbing and PCAP replay

Circuit breakers for Docker, binary protocol parsing for log streaming, and how readpcap spins up a temporary Suricata container to turn a PCAP file into indexed security data.

Building stamusctl · Part 1

Two commands to a working NDR stack

A Go CLI with a self-describing template system: OCI-distributed, composable config fragments that the tool discovers at runtime. One question, dozens of configs, zero hardcoded product knowledge.