Miguel-DevOps/README.md

Hello, I'm Miguel Lozano

Cloud Infrastructure Engineer | FinOps & Bare Metal Specialist

Building Sovereign AI Platforms & Escaping the Cloud Tax.


🚀 The Mission: Capital Efficiency & Sovereignty

I help startups and SMEs escape the "Hyperscaler Trap" (AWS/Azure). I don't sell hours of configuration; I sell Capital Efficiency.

My engineering philosophy is "Boring is Better": I reject unnecessary complexity (like premature Kubernetes) in favor of robust, maintainable, and cost-effective architectures.

🎯 Core Focus

  • 📉 Cloud-Exit Strategy (FinOps): Migrating workloads to Hetzner Bare Metal, typically cutting monthly OpEx by 40-60%.
  • 🤖 Sovereign AI Factory: Deploying private, stateful AI Agents (DeepSeek/Llama) on owned hardware. Zero data leakage, zero token costs.
  • 🛡️ Edge Security: Enforcing OWASP/NIST compliance at the ingress using custom Caddy + Coraza WAF builds.

⚔️ My Tech Stack

I maintain a strict, pragmatic stack designed for Observability, Security, and low TCO.

Domain | Technologies
☁️ Infrastructure | Hetzner, Oracle, Debian
⚙️ Orchestration | Docker Swarm, Portainer, K3s
🛠️ IaC & Config | OpenTofu, Ansible, Python
🛡️ Security & Edge | Caddy, Coraza WAF, CrowdSec, SOPS
👁️ Observability | VictoriaMetrics, Grafana, Loki
🧠 AI Infrastructure | DeepSeek, LangGraph

📂 Featured Public Engineering

While most of my work involves confidential infrastructure under NDA, I maintain key public repositories to demonstrate architectural standards:

  • NIST Hardening Suite: Ansible role for turning Debian 13 into a fortress. Implements NIST 800-53 controls (SSH Hardening, AuditD) and active defense via CrowdSec.
  • FinOps Alert CLI: Type-safe Python tool (Typer/Pydantic) to audit Hetzner Cloud infrastructure, detecting "zombie" resources and budget drifts.
  • Hybrid Swarm Protocol: Reference architecture for Split-Horizon clusters spanning OCI (Edge) and Hetzner (Core) with zero-latency consensus issues.
  • Caddy WAF Edition: Production-hardened Caddy build integrated with Coraza WAF and OWASP Core Rule Set. Secure by default, container-native.
  • Chatbot Architecture Blueprint: Educational blueprint demonstrating evolutionary architecture (React 19 + PHP 8.4), Clean Code principles, and automated CI/CD pipelines.

"Efficiency is the only metric that matters."

Check my detailed case studies →

Popular repositories

  1. Miguel-DevOps (Public)

  2. chatbot-demo (Public)

    An educational chatbot blueprint demonstrating evolutionary software architecture with Clean Code, comprehensive testing (99 tests passing), and progressive deployment strategy.

    PHP

  3. hybrid-swarm-kit (Public)

  4. finops-alert-cli (Public)

  5. caddy-waf (Public)

    Edge security with zero lock-in. Caddy + Coraza WAF delivers OWASP‑compliant protection, automated TLS, and immutable infrastructure—engineered for capital efficiency and compliance evidence.

    Dockerfile

  6. nist-hardening-suite (Public)

    Automated compliance as code. NIST Hardening Suite transforms NIST 800‑53 controls into executable, auditable infrastructure, eliminating manual drift and supporting reproducible security baselines …

    Jinja