Open to fullstack roles

Fullstack Engineer
Internal Tools & Enterprise Workflows

I build production-grade platforms that operations teams actually rely on — with proper multi-tenancy, role-based access control, and CI/CD from day one.

View Live Demo GitHub

About

I specialise in fullstack development for internal tooling — service desks, workflow platforms, and multi-tenant SaaS products used inside organisations.

My focus is production readiness from the start: clear data models, proper access control, observable deployments, and UIs that don't get in the way of the people using them.

SupportOps is my flagship side project — an end-to-end service request platform built with Next.js, NestJS, PostgreSQL, and Redis, deployed on a real server with Docker and Nginx.

Roles in RBAC system

Apps in monorepo

CI/CD

GitHub Actions + SSH deploy

SSL

Let's Encrypt + Nginx

Core Skills

Frontend

Next.js 16 (App Router)
React 19
TypeScript
MUI 7

Backend

NestJS 11
Prisma ORM
PostgreSQL 16
Redis / BullMQ

Infrastructure

Docker
Nginx
GitHub Actions
Let's Encrypt SSL

Architecture

pnpm Monorepo
Turborepo
Multi-tenant SaaS
RBAC

Featured Project

SupportOps

Enterprise-grade internal service request management platform

A multi-tenant platform for managing service requests across an organisation. Built with four distinct roles, SLA tracking, escalation rules, file attachments, email notifications, and full audit trails — from scratch.

Multi-tenant with per-tenant data isolation at the database level

4-role RBAC: Tenant Admin, Ops Coordinator, Technician, Employee

SLA tracking with automatic escalation via background jobs

Request lifecycle: Draft → Submitted → Assigned → In Progress → Resolved

Activity timeline and audit log on every request

File attachments with signed URL access control

Email notifications via Resend with daily rate limiting

Live Demo Source Code

What This Project Demonstrates

Multi-tenant architecture

Row-level tenant isolation in PostgreSQL. Every query is scoped to the current tenant — no data leakage across organisation boundaries.

Role-based access control

Guards at the NestJS layer and conditional rendering on the frontend. Roles determine visible data and permitted actions throughout the stack.

Production deployment pipeline

GitHub Actions builds Docker images, pushes to GHCR, deploys via SSH, runs Prisma migrations, auto-seeds on first deploy, then smoke-tests before completing.

Monorepo with shared packages

pnpm workspaces and Turborepo coordinate builds across API, web, worker, and shared packages. Type contracts shared via a dedicated types package.

Background job processing

BullMQ on Redis handles email notifications and SLA escalation scheduling — decoupled from the HTTP request/response cycle.

Clean API design

RESTful NestJS API with OpenAPI docs, Prisma-managed schema migrations, JWT auth with refresh token rotation, and rate limiting via @nestjs/throttler.

Try the Demo

The demo runs on a real server with a real database. Each role has a separate account so you can explore the platform from different perspectives.

Role	Can do
Tenant Admin	Full platform control — manage team members, tenant settings, and all service requests
Ops Coordinator	Assign and oversee service requests, manage SLA rules and escalation policies
Technician	Work on assigned requests, update progress status, and add activity notes
Employee	Submit service requests, track progress, and communicate via activity thread

Open Demo App

Demo credentials available upon request — contact me via email or LinkedIn below.

Technical Snapshot

View source on GitHub

Frontend	Next.js 16 · React 19 · MUI 7 · App Router · Standalone build
Backend	NestJS 11 · Prisma 6 · PostgreSQL 16 · JWT + Refresh tokens
Queue	BullMQ · Redis 7 · async jobs for email & SLA escalation
Infrastructure	Docker · Nginx 1.27 · Let's Encrypt · pnpm 9 · Node 20
CI/CD	GitHub Actions · GHCR image registry · SSH deploy · Turbo build cache
Architecture	pnpm monorepo · Turborepo · shared types package · shared UI library