I don't just "fix servers". I architect Zero-Trust Infrastructure for FinTech and High-Load projects using Kubernetes and GitOps. My goal is to build systems that secure themselves without slowing down developers.
This is the standard Ranas Security Stack topology I implement:

```mermaid
graph TD
    User([👤 Client / Traffic]) -->|HTTPS/443| CF[☁️ Cloudflare Edge]
    subgraph "Zero Trust Perimeter"
        CF -->|Tunnel| WG[WireGuard Gateway]
        WG -->|GitOps| K3s[☸️ K3s Cluster]
    end
    subgraph "Automated Defense"
        K3s -->|Scans| IAM[Cloud-IAM-Optimizer]
        K3s -->|Monitor| Grafana[Grafana / Kuma]
    end
    style CF fill:#f96,stroke:#333,stroke-width:2px
    style K3s fill:#326ce5,stroke:#333,stroke-width:2px,color:#fff
    style IAM fill:#ffd343,stroke:#333,stroke-width:2px
```

| Product | Status | Description |
|---|---|---|
| Cloud-IAM-Optimizer | 🟢 Stable | Identity Security. Automated audit tool for AWS IAM. Finds dormant admins & MFA gaps. |
| Kube-Simple-Audit | 🟢 New | K8s Security. Lightweight Bash script to find privileged pods & root containers in 5 seconds. |
| Secure-K3s-Template | 🟡 Beta | Infrastructure. Production-ready K3s cluster template with GitOps & Cloudflare Tunnel. |
- Defense: WireGuard, Cloudflare Tunnels, Trivy, Falco
- Orchestration: Kubernetes (K3s), Helm, Docker
- Code: Python (Boto3, Pydantic), Terraform, Ansible
- CI/CD: GitHub Actions (True GitOps workflows)
If you want to secure your infrastructure "by design" and move from manual ops to automated defense:


