Job Description
We're looking for an experienced DevOps / Infrastructure consultant to work through a series of well-defined phases. This isn't greenfield work — we have OpenTofu configs, Docker Compose files, and architecture docs ready. We need someone who can review what we have, identify gaps, and execute improvements alongside us.
Current Infrastructure
We have a functional deployment setup already live. Check the PDF for current infrastructure setup.
Scope of Work
Work is organized into four phases. We're open to tackling these sequentially or in parallel depending on your approach.
Phase 1 — Infrastructure Review & Hardening
Full review of the current architecture and setup
Optimize the LGTM observability stack
Better Grafana dashboards and per-service visualizations
Real-time performance and uptime monitoring
Alerting setup
Review Tailscale configuration and token management
Implement encryption at rest for databases and volumes
Implement encryption in transit between VMs and regions (beyond Tailscale)
Phase 2 — High Availability & Database
Prepare our custom PostgreSQL 18 image (pgvector, pgvectorscale, pgroonga) for HA using Patroni
Set up a Patroni-based PostgreSQL HA cluster
Evaluate and potentially deploy a separate vanilla PostgreSQL instance for front-end workloads, with similar HA
Blue-green deployment support for database migrations
Phase 3 — Multi-Region Deployment
Deploy to multiple Hetzner regions (targeting Asia and Europe for latency reduction)
Load balancing to route requests by geographic location
Cross-region database replication and failover
Encryption for all inter-region traffic
Phase 4 — CI/CD & Automation
Build a full CI/CD pipeline for automated deployments, image pulls, and rollbacks
OpenTofu best practices consulting (state management, active deployment patterns)
Evaluate managed alternatives where they make sense
Automate deployment workflows end to end
What We'll Provide
OpenTofu configuration files (sanitized)
Docker Compose configs for all services
Architecture documentation
Direct access to our team for calls whenever you need to discuss something
We could discuss access to some parts of our source code
Note: We won't be providing direct access to live deployment environments or credentials. All work will be advisory, code-based, and reviewed before it is applied.
Who We're Looking For
Deep hands-on experience with Hetzner Cloud or similar VPS/bare-metal providers
Strong PostgreSQL expertise — HA with Patroni, replication, custom extensions
Docker Compose and container orchestration at scale
OpenTofu or Terraform proficiency
Familiarity with the Grafana LGTM stack (Loki, Mimir, Tempo)
Experience with Tailscale or WireGuard-based networking
Multi-region deployment and cross-region data replication experience
CI/CD pipeline design, preferably with GitHub Actions
We are open to a longer-term relationship depending on the nature of the work!