Astro
Static-first, island-hydrated frontend. This very site runs on it.
- Frontend
- Islands
- Content
Uses
A living snapshot of what I build with, run on, and play with — from the development stack and homelab to the security defaults, creative rig, and competitive games that keep the curiosity loop running.
Build
The day-to-day toolkit for turning ideas into shipped, typed systems.
Why Static-first and typed by default. Astro ships HTML instead of a framework tax, TypeScript catches the dumb mistakes before they reach a branch, and AI pair-builders take the boilerplate — while validation-first slices keep all three honest.
Why AI assistance doesn't get to erode the architecture →Static-first, island-hydrated frontend. This very site runs on it.
Typed end to end — if it compiles clean, half the bugs never happen.
Backend workhorse when an app needs real server logic and structure.
Everything builds and runs in containers so the host stays clean.
Source of truth, CI, and PR-driven review for every change.
AI pair-builders for slices, refactors, and the boring boilerplate.
Thin vertical slices, each gated by check + build before it merges.
Run
Where the services live — a private cloud steadily getting leaner.
Why The homelab is where I learned ops the hard way. A VMware/vSAN private cloud taught me what resilience actually costs; now I'm trading heavy VMs for lean containers so the stack is cheaper to run and easier to reason about at 2am.
Field notes from running my own private cloud →Years on a VMware + vSAN private cloud — the homelab that taught me ops.
Moving workloads off heavy VMs onto lean, right-sized containers.
DNS, edge, and tunnels sitting in front of self-hosted services.
Internal CA thinking: issue, rotate, and distribute certs without copy-paste.
Metrics, logs, and alerts so problems announce themselves first.
Defend
Defaults that make the safe path the easy path.
Why Security here isn't a layer bolted on at the end — it's the default posture. Secrets stay isolated, scopes stay small, and anything automated runs where I can see its blast radius. Trust boundaries should be obvious, not clever.
How this thinking shows up in client work →Secrets live in vaults and env — never in the repo or a chat window.
Every token, service, and human gets the smallest scope that works.
If it changed, there's a record of who, what, and when.
Verify every request; trust no network by default.
Automation runs in sandboxes with an explicit, reviewable blast radius.
Create
The engineering brain pointed at sound and side experiments, as PakkitStorm.
Why Same engineering brain, pointed at sound and the occasional weird experiment — half performance, half R&D. It's where I prototype ideas with no pressure and let the good ones sneak back into the serious work.
What's currently on the bench in the lab →Bass-forward, club-energy sets built to move a room.
Reading a room and building a night's arc, warm-up to afterhours.
After-hours tinkering with AI tools — sketching ideas fast, keeping the ones with taste.
Overlays, scenes, and bots that make going live less of a chore.
Play
Competitive habits that quietly sharpen the engineering work.
Why Overwatch is competitive practice for the instincts engineering needs: read the system, make the callout, review the tape afterward. The community tooling is mostly me automating game night so the fun scales without the chaos.
How gaming quietly taught me systems thinking →Main competitive game — mechanics and game sense under pressure.
Fast feedback, clear callouts, and a review after every match.
Discord bots and game-night infrastructure for the crew.
Decision principles
I'm not loyal to any one tool — I'm loyal to a short list of properties. Something new has to clear this bar before it gets to stay.
they reduce friction — The boring parts get genuinely faster, not just rearranged into new busywork.
they make mistakes easier to catch — check + build fails loud and early, before a human has to notice the breakage.
they help future-me understand what happened — The commits, logs, and docs explain the decision long after I've forgotten it.
they keep secrets and trust boundaries clear — Where a credential lives is obvious, and crossing a boundary takes a deliberate step.
they let weird ideas become real without becoming chaos — A late-night prototype can grow up into a real system without a full rewrite.
Things I avoid
Nothing here is forbidden forever — these are just the patterns that have bitten me enough times to earn a default no.
Giant all-in-one rewrites — Big-bang changes hide where they broke. Thin slices fail small and obvious.
Tools that hide too much magic — If I can't reason about what it does, I can't debug it when it matters.
Workflows that only work on one machine — "Works on my machine" isn't a deployment strategy — it belongs in a container.
Undocumented production paths — If prod only exists in someone's head, it's already a future incident.
Automation with no audit trail — Automation I can't review or replay is just a faster way to be wrong.
This list pairs with what I'm into right now, and a lot of it earns its keep in the lab before it makes it into real work.