I’m a time-served electrician who also runs real Linux and Docker
infrastructure for my own business: Odoo 18 ERP, a secure home /
remote lab, and practical automation tooling.
I’m an electrician who also designs, deploys, and runs my own
infrastructure: Odoo 18, a secure home / remote lab, and
automation tooling in PowerShell, Bash, and Python.
Run a production Odoo 18 ERP stack in Docker for my electrical
business (graylogic.uk).
Built and operate a secure home lab + remote stack with
WireGuard VPN-only access and hardened firewalls.
Write practical tooling in PowerShell, Bash, and Python
(usb-verifier, ssh-login-helper, secure-media-lab automation).
Build and maintain static marketing sites such as
lolek.plumbing
and
ackermanselfstorage.com, implemented as lightweight HTML/CSS/JS and deployed on
Vercel.
Strengths
Production systems: live Odoo instance with
real customers, jobs, and invoices.
Reliability: backups, restores, and rollback
paths tested in practice, not assumed.
Security-aware: WireGuard VPNs, firewalling,
and a “VPN-first, minimal exposure” mindset.
Communication: used to explaining technical
findings to non-technical clients via EICRs and written reports.
Documentation & honesty: I write README files,
runbooks, and notes as part of the work and I’m clear about
what’s stable vs experimental.
Role fit
I’m looking for junior infrastructure, systems, DevOps, or OT/ICS
roles working with Linux, Docker, VPNs, and production systems.
Junior Infrastructure / Systems / DevOps Engineer.
Platform / SRE-style roles focused on reliability.
OT / ICS support roles bridging electrical and infrastructure
work (SCADA, secure remote access, field wiring).
Network / automation roles where panels, sensors, and servers
all need to line up.
I bring a safety-first mindset from electrical work, plus hands-on
experience running my own production stacks.
Highlight projects
secure-media-lab
Secure home lab + remote stack using Debian/WSL2, Docker,
WireGuard, and automation scripts for syncing and backups.
Designed to behave like “real” infrastructure, not a throwaway
lab.
Production Odoo 18 ERP + website for my electrical business,
running in Docker with Traefik, GPG-encrypted backups, and
firewall rules. This stack powers both the public site and the
day-to-day CRM and job workflow.
A ~2,000 line PowerShell script that verifies Windows install
USBs against ISO images, including deep WIM/ESD/SWM analysis,
signature checks, and structured reporting. Built for tampering
detection and clear, human-readable summaries.
PowerShellISO & USB diff engineDeep WIM/ESD scanning
Compares ISO vs USB surface files and flags modified, extra,
and missing items with targeted summaries instead of noisy raw
diffs.
Performs deep analysis of WIM/ESD/SWM images (including
reassembled split images), checking internal hashes,
signatures, and resources.
Produces a structured text report with per-phase logging,
threat hints, and a final integrity summary to support
real-world triage.
Built with robustness in mind: progress logging, error
handling, safe temp usage, and support for large media
creation workflows.
PowerShell, Odoo, and Linux tooling built to remove friction in
recurring workflows:
ssh-login-helper — SSH launcher using
OpenSSH config + JSON metadata, with an interactive menu and
post-connect actions.
odoo-job-request — Odoo 18 job request
portal that creates clean crm.lead records and
attaches uploaded photos / PDFs directly to the lead as Odoo
attachments.
bookish-funicular — toolbox repo of
shell and Python utilities for WireGuard, Docker, firewalling,
monitoring, and systemd service wiring.
Small, static brochure sites for trades and local businesses,
built with plain HTML, CSS and JavaScript and deployed on
managed hosting (Vercel).
lolek.plumbing — plumbing and heating
business site with clear service breakdown and contact routes.
ackermanselfstorage.com — self storage
marketing site with location and enquiry information.
HTML / CSS / JSStatic sitesVercel hosting
Clamp-to-cloud 100A energy monitor
Phase 0 planning for a non-invasive 100 A “clamp-to-cloud”
monitoring node: a split-core CT on the mains incomer feeding an
ESP32 ADC front-end, publishing live telemetry into a
containerised backend (MQTT, time-series store, FastAPI, web
dashboard).
100 A split-core CT (SCT-013-000 class)22 Ω burden + 1.65 V bias for ESP32 ADCMQTT → time-series DB → FastAPI UI
Single 100 A incomer profile:
100 A : 50 mA CT, sized burden resistor
(≈22 Ω) and mid-rail bias within 0–3.3 V ADC
range.
Planned firmware: ESP32 samples mains current, computes or
aggregates RMS, and publishes JSON over MQTT (Wi-Fi) to a
broker.
Planned backend: MQTT broker, time-series database, FastAPI
worker for processing, and a lightweight dashboard using
WebSockets + Chart.js for live power and daily kWh views.
Security profile: baseline MQTT over TLS, with an optional
hardened mode using MQTT over QUIC and WireGuard for
deployments with stricter threat models.
Contact & links
Below are the easiest ways to see my work and get in touch:
Roles where I can grow from “serious hobbyist with production
responsibilities” into a professional in DevOps / infrastructure /
OT.
Practical technical assessments that reflect real work: debugging,
improving scripts, or designing small systems.
Hybrid roles that respect both the field side (sites, hardware)
and the infrastructure side (servers, networks, security).
Tooling & automation — PowerShell, Odoo and Linux scripting
Tools built to remove friction in recurring workflows: SSH access,
media and lab operations, and Odoo-powered job intake.
ssh-login-helper
ssh-login-helper is a PowerShell-first SSH launcher
that treats ~/.ssh/config as a source of truth and
layers a structured JSON metadata file (conf.json) on
top.
Parses OpenSSH config and exposes hosts as a clean, interactive
menu (hostnames, labels, and tags).
Uses JSON metadata to define defaults (user, port, identity file,
working directory, jump hosts, etc.) and descriptive text for each
entry.
Supports post-connect commands so repetitive sequences (for
example,
cd into a path, tail logs, attach to a tmux session)
run automatically after login.
Discovers keys and config intelligently, designed to work with an
existing .ssh layout rather than replace it.
Implemented in structured PowerShell with functions, logging,
error handling, and configuration files.
The goal is a repeatable SSH entry point instead of ad-hoc commands
pulled from shell history.
odoo-job-request is an Odoo 18 module that turns a
public-facing form into a structured lead source for the CRM.
Custom portal form that collects job details, notes, and
supporting files (photos, PDFs) and creates
crm.lead records with clean metadata.
File uploads stored as ir.attachment records, shown
inside the internal lead view so everything stays in one place.
Field validation and sanitisation to keep unstructured browser
input under control in the database.
Developed using Odoo 18 dev tooling with hot-reload patterns
(--dev=all) and a structured module layout (models,
controllers, templates).
This sits at the intersection of my electrical work and back-office
automation: a real business need (job requests) solved with an Odoo
extension rather than a one-off form.
bookish-funicular — scripting toolbox
bookish-funicular is a public toolbox of scripts
that have been used in practice rather than toy snippets: mostly
Shell with some Python.
Organised by domain: wireguard, docker,
firewall, monitoring,
systemctl_service_files,
file_folder_utilities, and more.
Captures how I run and harden systems: WireGuard helpers, systemd
unit files, firewall rules, and laptop/utility scripts.
Shows comfort switching between PowerShell, Bash, and Python as
needed rather than relying on a single toolchain.
PowerShell as a first-class language: large,
structured scripts with functions, logging, and configuration
files rather than ad-hoc one-liners.
Linux and networking literacy: WireGuard, Docker,
firewall rules, systemd, and monitoring combined into working
systems.
Odoo / Python backend awareness: ORM models,
controllers, templates, and attachment handling.
Security-minded defaults: SSH workflows, VPN-only
access patterns, and an instinct to log, verify, and back up.
The common thread: I build tools so they can be operated and
maintained later, whether by me or by another engineer.
Clamp-to-cloud 100A energy monitor — Phase 0 planning
Non-invasive 100 A mains incomer monitoring with an ESP32 edge
node and a containerised backend (MQTT → time-series DB →
FastAPI UI).
System overview
The goal is a single 100 A incomer clamp that behaves like an
IoT node: non-invasive CT on the mains tails, minimal logic on the
ESP32, and processing, storage, and visualisation on a remote
Debian/VPS stack.
[100 A mains incomer]
↓ (non-invasive)
[Split-core CT (100 A : 50 mA)]
↓
[Analog front-end]
- 22 Ω burden resistor
- Mid-rail bias at ~1.65 V
- Within 0–3.3 V ESP32 ADC range
↓
[ESP32 node]
- Samples ADC
- Computes RMS or aggregates samples
- Publishes JSON over MQTT (Wi-Fi)
↓
[Backend (Debian/VPS + Docker)]
- MQTT broker
- Time-series DB (e.g. InfluxDB)
- FastAPI worker + WebSockets
- Dashboard (Chart.js)
100 A CT hardware spec
CT sensor: 100 A split-core CT,
SCT-013-000-class (100 A : 50 mA).
Ratio: 100 A primary → 50 mA
secondary (2000:1).
Burden resistor: target ≈1.1 V RMS at
100 A across the CT, so
R ≈ 1.1 V / 0.05 A ≈ 22 Ω.
Burden power: at 50 mA,
P = I²R ≈ 0.055 W, so a 0.25 W metal film
resistor has margin.
Bias network: 2 × 10 kΩ forming a
divider from 3.3 V to GND, midpoint at ~1.65 V,
decoupled with 100 nF–1 µF to ground.
The CT/burden voltage is referenced to this mid-rail so the AC
waveform stays within the 0 V to 3.3 V ADC range.
MCU: ESP32 DevKit-style board (Wi-Fi, onboard
USB-serial) using one ADC channel for the CT input, with spare
GPIOs for future clamps or status LEDs.
Power: development via USB 5 V; production
via a small DIN-rail or panel PSU feeding the ESP32 inside an
enclosure.
Planned firmware behaviour
On boot, load a sensor profile (100 A CT, 22 Ω burden,
230 V mains) from config.
Bring up Wi-Fi and connect to the MQTT broker.
Sample the ADC over one or more mains cycles, either computing RMS
current on the ESP32 or sending aggregated sample stats upstream.
Build a JSON payload with timestamp, node ID, current, power, and
any health flags, and publish to a topic like
clamps/main_incomer using QoS 1.
Implement basic resilience: small local buffer for short outages
and reconnect with backoff on Wi-Fi/MQTT failure.
Planned backend behaviour
MQTT broker receives telemetry and enforces topic-level ACLs
(clamps/<site>/<circuit>).
A FastAPI-based worker subscribes to clamp topics, validates
payloads, performs any remaining RMS / power calculations, and
writes points to a time-series database.
HTTP endpoints like /api/history and
/api/stats serve historical data and daily/weekly
summaries.
A lightweight dashboard (served by FastAPI) uses WebSockets for
live-updating charts (Chart.js) and an event log (spikes, drops,
gaps).
Security profile
Baseline: MQTT over TLS for this personal /
portfolio deployment (energy-only, read-only).
Optional hardened mode: MQTT over QUIC
(TLS 1.3) plus WireGuard as an overlay VPN so broker ports
are only reachable inside a mesh of authenticated peers.
The design keeps the default deployment lean, but allows the same
node and backend to be reused in networks with stricter security
requirements.
Demo reel
A short ambient reel of systems I’ve designed, built, and run:
terminals, dashboards, and production web UIs.
What you’re looking at
Clips from systems I personally built, deployed, and maintain:
secure-media-lab – VPN-only home/remote lab with
Dockerised media stack and encrypted off-site backups.
graylogic-erp-site – live Odoo 18 ERP + website
for Gray Logic Electrical, on a self-managed Debian VPS.
usb-verifier – PowerShell tool for deep integrity
checks on Windows install media (ISO vs USB).
ssh-login-helper – interactive SSH launcher that
parses OpenSSH config and metadata for multi-host workflows.
Everything shown here is real infrastructure I run day-to-day, not
mockups.