Projects

Open-source tools, automation scripts, and technical documentation. Professional projects built at Twingate, and personal projects for my homelab and infrastructure.

Professional Projects

Custom Client Container

Custom Docker image extending the Twingate headless client with shell access, utilities, and a pluggable health check framework. Forked by Twingate's official Solutions org.

Docker Bash GitHub Actions GHCR

Headless Client Gateway

Script that configures a Linux host as a network gateway, routing IoT device traffic through a Twingate headless client for zero trust access without per-device agents.

Bash Linux Networking Twingate

Custom Connector Container

Custom Docker image wrapping the Twingate Linux Connector with shell access, a pluggable health check framework, and structured JSON resource metrics for log aggregation.

Docker Bash GitHub Actions GHCR

MDM Connector

Middleware that automatically marks devices as trusted in Twingate by cross-referencing 10 MDM/EDR providers (NinjaOne, Sophos, JumpCloud, etc.) on a configurable schedule.

Python Docker MDM/EDR Webhooks

IdP Migrator

Desktop GUI tool for migrating group-to-resource access mappings when switching identity providers, with fuzzy matching, mandatory dry run, and one-click rollback.

Python PySide6 httpx Twingate API

Janus Updater Service

Label-driven Docker container updater that watches running containers, pulls updated images on schedule, and safely recreates containers in-place with automatic rollback on failure.

Python Docker GHCR

Windows Client Installer

PowerShell script for deploying the Twingate client across Windows fleets via MDM, with prerequisites checking, scheduled updates, and notification support.

PowerShell Windows MDM

macOS Client Installer

Bash deployment script for pushing the Twingate standalone client to macOS devices via MDM, mirroring the Windows installer feature set.

Bash macOS MDM

Hyper-V Connector

PowerShell script that deploys a pre-built Linux VM on Hyper-V, configures networking, and installs a Twingate connector - for Windows-only environments without Linux infrastructure.

PowerShell Hyper-V Linux

Technical Documentation

Deploying Twingate on Proxmox

Step-by-step guide for deploying a Twingate connector in a Proxmox LXC container.

Documentation Proxmox

Headless Client Gateway for IoT

Companion guide for the IoT headless client script with use cases, architecture, and deployment instructions.

Documentation IoT

SaaS Application Gating

Guides on combining Twingate with enterprise identity providers (Okta, Entra ID, JumpCloud) to protect public SaaS applications.

Documentation Identity Security

Local Peer-to-Peer Best Practices

Network design best practices for protecting local resources with Twingate in office environments.

Documentation Networking

Evaluating Twingate Performance

Testing methodology for validating Twingate deployments with performance comparisons against open-source VPN services.

Documentation Performance

Twingate Troubleshooting Guides

Collection of troubleshooting guides covering common Twingate deployment and connectivity issues, diagnostic steps, and resolution workflows.

Documentation Troubleshooting

Stolen Keys, Locked Doors: The LiteLLM Supply Chain Attack

Analysis of the March 2026 LiteLLM supply chain attack, examining how least-privilege access, identity-aware policies, outbound-only architecture, and audit visibility can limit damage when credentials are compromised.

Blog Security ZTNA

Personal Projects

Container Watcher

Python service running in Docker that monitors and automatically restarts other containers on a configurable schedule, solving intermittent container failures.

Python Docker

Jellifinflix

Dockerized Jellyfin media library maintenance framework - drop custom scripts into a scripts.d folder to automate cleanup tasks like subtitle removal, empty folder handling, and file renaming.

Bash Docker Jellyfin

RSS Aggregator

Lightweight self-hosted service that pulls multiple RSS feeds, applies keyword and regex filters, deduplicates, and serves a unified RSS 2.0 feed over HTTP with a built-in status page.

Python Docker RSS

Email to SMS Gateway

Python service that checks a mailbox via POP3 and converts incoming emails to SMS alerts, with keyword-based routing to different endpoints.

Python POP3 voip.ms

Proxmox Shutdown Script

UPS-triggered shutdown script for Proxmox that intelligently suspends or shuts down VMs and containers based on tags, with multi-pass safety.

Bash Proxmox

Linux Backup Script

Simple dd-based backup script that snapshots a Linux partition to a remote NFS share with rotation and mount checking.

Bash Linux

Discord Jailer

Discord bot that times out users with an annoying twist - briefly releases them at random intervals before re-jailing them until the timer expires.

Python Discord

sphexi.com v1

The previous version of this site - a single-page application that loaded Markdown files via base64-encoded URL parameters and converted them to HTML client-side using custom JavaScript. Ran as the main site for several years.

JavaScript HTML/CSS Markdown SPA