Available for work · Remote · Warsaw

Diego Rueda Galán — Platform Engineer

Self-hosted infrastructure,
thoughtfully integrated with AI.

I build and run resilient digital environments — Infrastructure-as-Code with NixOS, Docker, observability, and MCP tooling that lets engineers ship faster.

24 services running
46 GitHub repos
99.97% uptime · 90d

Featured Projects

LiftCraft — Full-Stack Training Platform with MCP Tool Integration

A production-grade training-planning platform built solo — Rails 8 REST API, React 19 + TypeScript (strict), PostgreSQL 17 — designed so every analytics report is reachable by Claude Code (or any MCP client) as a structured agent tool. 45 whitelisted reports in `Analytics::Registry` cover strength, cardio, hypertrophy, load (ACWR, monotony/strain, fitness-fatigue), periodization, compliance, body-composition, and cross-block comparison. 60 models, 41 controllers, 64 services, 13 Pundit policies, 86 migrations, ~66k LOC across backend + frontend. Multi-env Docker Compose (dev, dev2, test; prod scaffolded), git-crypt secrets, Devise + TOTP 2FA, device tokens with auto-revocation. Zero LLM-generated SQL — every report is Ruby code, registry lookup refuses unknown keys.

Rails · React · TypeScript · PostgreSQL · MCP · +2

Claude Code as an Operator Platform — MCP Integrations + Declarative Config

A declarative NixOS / Home Manager module (`user/app/claude-code/claude-code.nix`, ~400 lines) that generates `~/.claude/settings.json` on every machine in my 16-profile fleet: 82 allow rules, 34 deny rules (SSH keys, credentials, crypto wallets), PreToolUse + PostToolUse hooks running a sensitive-file block-list as harness-level prompt-injection defense. 32 custom slash-command skills (`/deploy-lxc`, `/manage-nas`, `/audit-infrastructure`, `/manage-matrix`, …) plus 6 path-scoped rule files (`.claude/rules/*.md` with `paths:` frontmatter) that auto-load on glob match so context stays lean. 5 MCP servers wired from git-crypt secrets: Plane (self-hosted PM), Perplexity, Grafana, PostgreSQL (read-only), n8n. One `aku sync` rebuilds the whole config on any node.

Claude Code · MCP · AI Integration · NixOS · Automation · +1

NixOS Infrastructure-as-Code — Replicable Multi-System Base

A single NixOS flake that declaratively produces 16 system configurations from one shared codebase — desktops, laptops, a public VPS, a ZFS NAS, Proxmox LXCs, and macOS. Every OS-level concern (kernel, user environment, services, security posture, AI-agent configuration) is versioned in git and rebuildable from source. Feature-flag architecture in `lib/defaults.nix` with recursive merge eliminates hostname hardcoding; 18 security modules apply a uniform baseline across every node; a 1,156-line zero-touch installer takes a blank SSD to a running system in ~20 minutes.

NixOS · Infrastructure as Code · Nix Flakes · Reproducible Systems · Platform Engineering