kotona.app
Solution analyst in Helsinki. I work on data platforms, integration-heavy systems, and infrastructure that benefits from being slightly harder to misuse.
The first batch is drawn from ongoing repo work with enough ADRs, incident notes, and implementation history to support a fair retelling. The rest can wait until they stop being mostly scaffolding.
A household analytics project had outgrown dashboards, but turning it into Home Assistant logic or many services would have hurt the semantics. The repo instead moves toward a modular monolith with Home Assistant as a partner layer and a staged path toward planning and policy.
Appservice is less about bootstrapping Kubernetes than keeping day-two changes, secrets, and upgrades recoverable. The repo uses a strict Flux, Talos, and SOPS operating model with explicit runbooks, trading convenience for an auditable recovery story.
Box risked becoming a demo platform that cheats with shared databases and simulator shortcuts. The repo answers by freezing versioned service contracts first, keeping scenarios as overlays, and requiring local validation before substantial runtime code.
A live rollback fixed a crashlooping workload, but the more interesting part was needing to suspend reconciliation long enough for the fix to become the desired state instead of a temporary lie.
The monitoring split that held up best was also the less ambitious one: keep Gatus on in-cluster checks, keep edge probes in blackbox-exporter, and stop trying to make one checker own every route shape.
Homelab analytics had enough auth surface to accidentally grow a second identity product. The useful decision was to keep identity proof upstream, keep authorization local, and demote local login to a narrow break-glass path.
Backend-owned contracts only become useful release artifacts once the compatibility tooling is conservative enough to complain about real breakage instead of politely missing it.
The interesting part of the remote dev shell cutover was not SSH or code-server. It was moving the real working state onto shared storage without corrupting repo-local databases or pretending two writable trees could coexist peacefully.