source-control
live
Self-hosted source-control on dedicated compute. Zero-downtime upgrades, container registry, the lot.
Panda DevOps is a working technology practice — self-hosted infra, automation pipelines, and the experiments that come out of a real self-hosted environment. Everything here is deployed, building, or honestly labeled archived.
Self-hosted source-control on dedicated compute. Zero-downtime upgrades, container registry, the lot.
The always-on edge orchestrator — DNS, ingress tunnels, and cron that never sleeps.
CI runners on a mixed-architecture fleet. Tagged + autoscaled-ish, cross-arch builds out of the box.
Zero-trust ingress. No open ports on the platform. Config-as-code routing per service.
Value-free credential helper. Resolves rbw entries + injects credentials to subprocess stdin. Never leaks values to transcript.
Manifest-driven secret rotation engine. Multi-provider (Cloudflare, Anthropic, GitLab, Render, Telegram, local generate). Audit-logged, idempotent.
Container host. Source-control, registry, runners.
DNS, ingress tunnels, scheduled jobs, the always-on layer.
CI runner + build node. macOS targets and heavier jobs.
Snapshots, backups, offsite sync, restore drills.
Zero-trust ingress. No open ports, config-as-code routing.
Runners across x86 + macOS nodes. Tagged, autoscaled-ish.
Blue-green on one box with Docker, a reverse proxy, and a 90-second cutover window.
Why I closed every inbound port on the platform and didn't look back.
The staffing formula every WFM tool hides, written out plainly.
A PostToolUse regex stack that flags BASE64/HEX/secret patterns before they reach git or chat.
Panda DevOps is the technology practice of d8vee. The work is the brand — reach out by email or open an issue.