Tech Stack
TrueNAS SCALE, Linux, Kubernetes (k3s), Docker, Apache, PM2, Tailscale
Overview
As DCSG began deploying custom-built internal tools like the Cost Estimator and Report Text Formatter, there was no centralized, secure place for employees to access them. Each application required separate hosting, which made management complex and limited scalability.
The company needed a dedicated intranet hub to serve as a single access point for all internal software — one that was secure, always available, and built for growth.
Solution
I designed and deployed a production-grade intranet hub on TrueNAS SCALE, leveraging Linux and Kubernetes to create a stable, secure environment for all internal applications.
1. Server & Infrastructure Setup
Configured a dedicated TrueNAS SCALE instance to run containerized workloads.
Segmented storage between system files and application data for security and stability.
Established a clean foundation for container orchestration and scaling.
2. Kubernetes & Docker Orchestration
Built out the environment using Docker containers managed by Kubernetes (k3s).
Configured NodePort services to expose applications securely across the private network.
Designed an infrastructure that supports running multiple apps simultaneously, with the flexibility to scale as usage grows.
3. Secure Remote Access
Integrated Tailscale to create a private, encrypted mesh VPN for employees.
Applications are only accessible internally through Tailscale, preventing public internet exposure and greatly reducing attack surface.
4. Backend Hosting & 24/7 Runtime
Implemented PM2 process management to keep backend servers running continuously.
Set up automated restarts on crashes or server reboots, guaranteeing high availability.
Enabled services like the Cost Estimator and Report Formatter to run reliably with no downtime.
5. Advanced Linux Administration
Wrote custom Linux shell scripts for permissions and access control, ensuring proper role separation.
Configured network routing and firewall rules to tightly control traffic between apps and users.
Maintained all container lifecycle tasks, updates, and troubleshooting directly through the TrueNAS shell.
Results
Delivered a centralized intranet hub where all internal tools can live in one place.
Enabled secure company-wide access while maintaining strict control over permissions and privacy.
Simplified deployment and scaling of new applications, reducing manual server work.
Provided a stable, production-grade foundation for future internal tools and workflows.
Key Takeaways
This project highlights my ability to bridge development and infrastructure, delivering not just software but the environment it runs in. By combining Linux administration, Kubernetes orchestration, and secure networking, I created a scalable solution that allows DCSG to expand its internal tooling without increasing complexity or risk.