// service · cloud / devops
Cloud / DevOps
Cloudflare, AWS, Vercel. CI pipelines, IaC, observability and on-call.
Infrastructure is where most agencies underprice and over-promise. We’re realistic: we run production systems for clients we still talk to monthly, three-plus years on. Backups are tested, runbooks are current, and the dashboards your team checks are the same ones we check. We’ve shipped Cloudflare-edge migrations, Workers fleets that handle image optimization and scraping at scale, WAF setups that survived directed abuse, custom MySQL backup tooling (XtraBackup-based, with point-in-time recovery), and CI/CD pipelines that handle branch-protected deploys to Hetzner / DigitalOcean / Vultr fleets across regions. None of it is exotic — that’s the point.
Stack & defaults
Edge platform
Cloudflare (edge + Workers + R2 + WAF)
Managed compute
AWS
Dedicated / bare metal
Hetzner
Small VPS
DigitalOcean / Vultr
IaC
Terraform / Pulumi
CI / CD
Docker + GitHub Actions
Observability
Grafana / Datadog / Sentry
Database backup
Percona XtraBackup
What you receive
Infrastructure-as-code from day one
Terraform / Pulumi modules in your repo. No ClickOps, no 'we'll document it later'.
CI/CD that respects branches
PR previews, branch-protected main, signed deploys, instant rollback.
Cloudflare Workers fleet
Image optimization, edge transformations, scraping bots, AI proxies. Workers + R2 + KV + Durable Objects, deployed from your repo.
WAF + abuse protection
Cloudflare WAF rules tuned to your traffic, rate limits per route, bot management, DDoS posture. Tested under load.
Observability stack
Logs, traces, metrics, error rates, RUM. Pre-built dashboards for the metrics that matter.
Backup + disaster recovery
Tested restores. Point-in-time recovery for your database. Documented RPO/RTO.
Runbook + on-call
Plain-English playbook for the top 10 operational scenarios. Optional PagerDuty rotation, primary or secondary.
Timeline
Wk 1
Audit
Infrastructure audit, security review, cost review.
Wk 2–3
IaC migration
Existing infra brought into Terraform. State files versioned.
Wk 4+
Cadence
Weekly maintenance, monthly review, on-call coverage if engaged.
Quarterly
Review
Cost optimization, performance review, capacity planning.
FAQ
Cloudflare or AWS?
Cloudflare for static + edge + small services + media. AWS for stateful workloads, regulated data, or anything that needs a specific region. We'll usually use both.
Hetzner, DigitalOcean, or Vultr — how do you choose?
Hetzner for dedicated boxes and big-VRAM workloads — their price-to-performance is the best in Europe. DigitalOcean for managed databases and the kind of mid-size VPS where simple wins. Vultr for low-cost regional points-of-presence and bare-metal in markets where Hetzner doesn't operate. We'll mix all three on a single client when it makes sense.
Do you offer 24/7 on-call?
Yes — as a separate retainer line. Default retainer is business-hours coverage with paged escalation for severity-1 incidents.
Can you take over an existing infrastructure?
Yes. We start with an audit + risk assessment, then bring it into IaC over 2–4 weeks. Most takeovers are this shape.
What about cost optimization?
Built into the quarterly review. We've taken 20-50% off infra bills on engagements where the previous setup was over-provisioned.