§ Stack

Things I run in production.

Eight years of writing code, running servers, and migrating systems that cannot afford to go down. Lead with PHP and Linux; equally at home on Windows-Server stacks when the client requires them.

Languages

PHP is the language I love — and the one I lead with.

PHPJavaScriptTypeScript BashSQLPython GoC#

Comfortable across the stack — handwritten code, framework-grade and framework-free. I don't pick a language because it's trendy. I pick it because it survives Friday-night traffic.

Operating Systems

Linux is home. Windows is a tool I'm fluent in.

UbuntuDebianRHEL / CentOS Alma · RockyAlpine Kali LinuxArch Windows Server 2016–2022macOS

Daily-driver Debian / Ubuntu. Kali for security work. Windows-Server stacks (IIS, Active Directory, RDS) when the project lives there.

Web servers

The full production-server catalogue — running, tuned, hardened.

NginxApache HTTPD OpenLiteSpeedLiteSpeed Enterprise CaddyHAProxy IISEnvoy PHP-FPMNode · PM2 Gunicorn

Nginx is the default. HAProxy in front for routing, TLS termination, and traffic-shaping. IIS when the stack is Microsoft.

Databases

Every major production database — from single-node to clustered.

MariaDBMySQL PostgreSQLMicrosoft SQL Server Oracle DatabaseSQLite MongoDBRedis MemcachedClickHouse CassandraElasticsearch

Galera-clustered MariaDB and Sentinel-backed Redis run in DZBuild every day. Schema design, indexing, replication topology, query tuning — owned.

Migrations

Moving live systems without dropping a request.

Zero-downtime schemaExpand · contract Blue-greenHost-to-host DNS cutoversProvider-to-provider Legacy decommissionData backfills

Database migrations (online schema change, dual-write cutovers), server migrations across providers, DNS cutovers with rollback windows, and full legacy decommissions. If it can be moved, it can be moved without downtime.

Cloud · Edge

Multi-cloud, multi-region, multi-CDN — chosen for the workload, not the brand.

AWSGoogle CloudMicrosoft Azure CloudflareBunny CDN DigitalOceanHetzner OVHVultrLinode Backblaze B2R2S3

Cloudflare Workers, KV, D1, R2, Hyperdrive in production. Bunny CDN for high-volume static. Bare-metal and dedicated hosts where latency and economics require it.

DevOps · Reliability

Boring infrastructure, observable from the first deploy.

Docker · ComposeKubernetes · k3s systemdCron · supervisord GitHub ActionsGitLab CI MariaDB GaleraRedis Sentinel Grafana · PrometheusLoki SentryUptimeRobot · OneUptime

Multi-server topology with primary / replica failover, queue workers, cluster-wide locks via MySQL GET_LOCK, real-time push over Mercure SSE, and metrics that mean something at 2 AM.

Security

Years on the offensive side make the defensive side make sense.

Penetration testingHardening · CIS Kali toolkitfail2ban WAF · CloudflareWAF · Bunny Shield TLS / mTLSSecrets management Incident triageSOC 2 readiness

From the first Météo Algérie days to today — auditing, hardening, and locking down the surfaces the rest of the team ships on.

Real-time · Messaging

Push, queues, streams — chosen by latency budget.

Mercure SSEWebSockets RabbitMQKafka Redis StreamsNATS WebhooksIdempotency keys

Real-time order push at DZBuild today is Mercure + Redis. Kafka and RabbitMQ for higher-throughput workloads.

Working style

Small team. Owned end to end. Boring on purpose.

I run with a small, deliberate team in Algiers — engineers, operators, designers, support. We own the full surface: code, server, database, deploy, on-call. No hand-offs into a void. Production is the only measure that matters.

Engaging

Long-term engagements with serious operators. Infrastructure migrations, platform engineering at scale, on-call ownership. Start a conversation →