What this service covers
DevOps at Kalenux is not an advisory service and we are not a managed cloud provider. We are engineers who operate our own production infrastructure - Docker containers, Nginx reverse proxies, PostgreSQL clusters, Redis instances, VPS management, SSL certificates, and backup strategies - and apply that operational experience directly to client projects. The work is hands-on and specific. We configure things, test them, and document how to operate them. We do not produce recommendations for someone else to implement.
Common engagements: containerising an existing application that is currently deployed manually and inconsistently, setting up a CI/CD pipeline so deployments happen automatically when code merges to main, migrating from a shared hosting environment to a properly configured VPS with correct security and networking, or establishing monitoring and alerting so the team knows when something breaks before users report it.
We work with whatever the client already has where possible. If the application runs on AWS, we work within AWS. If it runs on a VPS, we work with that. We do not recommend migrating cloud platforms unless there is a clear functional reason to do so - migrations have costs and risks that need to be justified by specific gains, not preference.
Deliverables and outcomes
Docker containerisation
Application, database, cache, and reverse proxy containerised with Docker. Docker Compose configuration for both local development and production, with environment parity between them.
CI/CD pipeline
GitHub Actions (or GitLab CI) workflow that runs tests, builds Docker images, and deploys to the target environment automatically on push to the main branch. Rollback procedure documented.
Nginx configuration
Reverse proxy setup with proper routing, SSL termination, gzip compression, static asset caching headers, rate limiting, and security headers (HSTS, CSP, X-Frame-Options).
SSL/TLS certificate management
Let's Encrypt certificate issuance and automatic renewal via Certbot or ACME client. HTTPS enforced with HTTP-to-HTTPS redirect.
Zero-downtime deployment
Blue-green deployment or rolling restart configuration so new versions go live without visible downtime for users. Verified with a deployment smoke test.
Monitoring and alerting
Uptime monitoring with alerting to email or Slack when the service goes down. Error rate monitoring. Basic performance metrics (response time, CPU, memory) with threshold alerts.
Backup strategy
Automated database backups on a defined schedule with retention policy. Backup restoration procedure documented and tested. Off-site or cloud storage for backup files.
Runbook and handover
A written operations runbook covering: how to deploy, how to roll back, how to check logs, how to restart services, how to restore from backup, and how to add SSL for a new domain.
Our process
Infrastructure work starts with understanding what already exists. The audit determines what to keep, what to replace, and what is missing entirely. From there, work proceeds in a logical order: containerise before you pipeline, pipeline before you monitor, monitor before you hand over.