AI Infrastructure
A real multi-agent operating layer — not a wrapper around a chat API.
Claude, Codex, Gemini, and local Ollama models all operate as interchangeable workers over shared durable state on a dedicated volume. No single model is a point of failure. The rule is simple: if it is not written to the drive, it did not happen.
- Custom MCP gateway server with 19 production tools:
shell_exec,ssh_exec,sqlite_query,wp_rest,hostinger_dns,stalwartmail control,openai_workerswith failover,finance_query - Three additional custom MCP servers: WordPress (18 tools), videogen (Sora/Veo/ElevenLabs), bamclone (RAG + WhatsApp bridge)
- DPAPI-encrypted credentials vault — 20+ production secrets, vault CLI for humans,
vault_lookup.pyfor automation-safe retrieval - All tool calls logged to PostgreSQL
ai_core.tool_calls. New barriers appended to_meta/barrier_playbook.jsonl. New tools registered in_meta/registry.csv. - Multi-AI coordination contract codified: agents read canonical state, do not re-brief from scratch, hand off via structured packets
Production E-commerce Architecture
A V2 gateway dark-deployed alongside V1 — no customer risk, real shadow traffic.
FocusGoods V2 is a complete second-generation multi-tenant fulfilment gateway. It receives mirrored Stripe webhook traffic, verifies signatures, queues via BullMQ/Redis, and holds at v1_weight=100 / v2_weight=0 behind a hard human gate.
- Multi-tenant PostgreSQL with RLS: transaction-scoped
SET LOCAL app.tenant_id, verified non-leaking after commit, zero unscoped reads - Async webhook pipeline: Fastify → Stripe sig verification → BullMQ → per-tenant token-bucket fair-share scheduler. Interactive lane exempt from throttle.
- Rights screening engine: Levenshtein (0.80), Soundex phonetic (0.85), pHash visual similarity with Hamming distance. 18/18 tests passing.
- Quality gate: structural validation → Gemini 2.5 Flash LLM comparator → three-tier verdict. Fail-safe: API error escalates, never silently passes. 21/21 tests passing.
- Canary traffic controller: 10% incremental ramp, consecutive failure detection, atomic rollback with audit trail. 20/20 tests passing.
VPS & Production Web Infrastructure
Four live domains. Eight Docker containers. One person.
A production VPS running a full stack: Traefik reverse proxy, PostgreSQL 16, Redis, Stalwart mail server (DKIM Ed25519 + RSA, SPF, DMARC, ManageSieve), PM2 Node.js apps, and a WordPress fleet — all managed via MCP tooling from a local terminal session.
- Stalwart v0.16.5: Ed25519 + RSA-2048 DKIM, programmatic Sieve script deployment via Python (port 4190), documented API limits and exact workarounds
- FocusGoods.co.uk: Node.js/Express, SQLite, Stripe Checkout, Printify fulfilment, transactional email pipeline (6 templates), cron daily drop emailer at 08:30, admin retry endpoints
- WordPress fleet of 7 sites — Dockerised, behind Traefik, managed via WordPress MCP server with 18 tools covering SSH, REST API, WP-CLI, FTP, Elementor, SEO, cPanel
- Hostinger DNS fully automated via API: A, MX, SPF, DMARC, DKIM, CNAME — all scriptable with documented format quirks
- Grafana monitoring on BQM telemetry stack: network metrics, hardware metrics, latency/jitter/loss dashboards