Open Source Applications & Platforms

At the application level, I plan and operate open source applications that connect data, services, and user interfaces to stable, documented, and maintainable platforms.

I consistently utilize open source solutions that can be integrated into existing infrastructures, automated, and operated independently over the long term.
The goal is always to create systems that are transparent, scalable, and independent of cloud or licensing models.

For me, applications are not an end product, but part of a holistic architecture:
They are versioned, monitored, secured, and integrated into existing authentication, backup, and monitoring chains.

Drache Comeli as a researcher at his desk, presenting open source applications and self-hosted platforms

Databases

Representation of multiple databases and clients for managing relational and document-based database systems in stable open-source infrastructures

I plan, operate, and secure relational and document-based databases—with a focus on stability, performance, and reproducibility.

My areas of expertise include PostgreSQL, MariaDB/MySQL, and MongoDB, including high availability, replication, and CI/CD integration.

  • Administration and tuning of PostgreSQL and MariaDB
  • Replication, PITR backups, and failover concepts
  • Monitoring with Prometheus exporters and Grafana
  • Migration from Oracle to PostgreSQL
  • Integration into Kubernetes (StatefulSets, PV/PVC, Helm charts)
Learn more

Server software

Dragon Comeli in front of abstract server and process symbols representing Linux-based server software and automated operation

I operate and configure classic Linux server applications – stable, secure, and automatable.

These include web, mail, file, and authentication servers as well as proxy and access services.

  • Apache2, NGINX, Mailcow, WordPress, HA cluster, Samba AD
  • Reverse proxy and load balancing concepts
  • Security hardening (TLS, ModSecurity, Fail2Ban, SPF/DKIM/DMARC)
  • Automated configuration with Ansible
  • Integration into central authentication and backup systems
Learn more

Self-Hosted Services & Collaboration

Drache Comeli in front of a schematic system diagram illustrating self-hosted services and integrated collaboration platforms

I build and operate self-hosted platforms that enable communication, documentation, and collaboration—all under my own control.

  • Bookstack as a knowledge system
  • OpenCloud (Nextcloud + Collabora Online) for file and office collaboration
  • OpenTalk for video conferencing
  • OpenProject for project management
  • Asterisk PBX for VoIP telephony
  • Git, Gitea, or Forgejo for source code management
Learn more

Security & Integration of open source applications

I generally embed applications into existing security, monitoring, and authentication structures.

  • Single sign-on with LDAP/Kerberos
  • TLS certificate management and encryption
  • Log and metric integration (Prometheus, Loki, Alertmanager)
  • Backup and restore processes for all services
  • Documented service dependencies and access paths

Automation & Provisioning

I automate the installation, updates, and configuration of all applications using Ansible, Docker Compose, or Helm.

This results in reproducible deployments and traceable environments.

  • Ansible roles for web, mail, database, and collaboration services
  • Container-based provisioning (Docker, Kubernetes)
  • Versioned templates and variable management
  • Automated configuration and backup processes

Documentation & Operation

Applications are fully documented—from architecture to daily maintenance.

I use Markdown-based workflows and Bookstack to keep operation, recovery, and customization traceable.

  • Operating manuals and handover documentation
  • Markdown-based technical guides and service runbooks
  • Structured storage of configuration and backup information
  • Automatically generated overviews of running services