Infrastructure we manage, end to end

Managed VPS

Managed Virtual Private Servers

A virtual server with full OS management, patching, and 24-hour monitoring. Suited to small teams who want consistent compute without maintaining it themselves — web applications, APIs, background jobs, staging environments.

We handle the operating system layer and above: package updates, security patches, firewall rules, log rotation, certificate renewals, and performance tuning. You deploy and manage your application code; we manage everything underneath it.

What a standard engagement includes:

• Initial OS setup and hardening per your requirements
• Automated patching during agreed maintenance windows
• 24/7 availability monitoring with alerting to your team
• Monthly security review and patch report
• Daily snapshots retained for 14 days
• Direct access to the managing engineer

We manage the server environment, not your application code. Application-level debugging and deployments remain your team's responsibility unless explicitly scoped into the engagement.

Private Cloud

Private Cloud Environments

Isolated compute built on OpenStack or Proxmox, sized for your actual workload. We don't use hyperscaler infrastructure — these are environments we operate ourselves in French data centres, which means no shared-tenancy surprises and straightforward GDPR data-residency documentation.

Private cloud makes sense when you have multiple services or teams, need network isolation between environments, or require more control over the underlying compute than a standard VPS gives you.

What a standard engagement includes:

• Architecture review and environment design before provisioning
• Network segmentation and inter-service firewall rules
• Centralised logging and alerting stack
• Capacity planning review quarterly
• Multi-site backup with tested restore procedures
• Named engineer contact and monthly environment review call

Minimum initial engagement is 3 months. Environment design takes 2–4 weeks depending on complexity. We don't provision infrastructure speculatively — scoping happens before anything is built.

DevOps Consulting

DevOps Consulting

Short-term engagements to build or improve specific infrastructure practices. CI/CD pipeline design, container orchestration with Docker Compose or Kubernetes, infrastructure-as-code with Terraform or Ansible, or a review of an existing setup that's grown fragile over time.

We work alongside your existing team rather than replacing it. Our goal in a consulting engagement is to leave your team more capable, not more dependent.

Common scopes:

• CI/CD pipeline build or audit (GitHub Actions, GitLab CI, Woodpecker)
• Docker Compose to Kubernetes migration planning and execution
• Terraform state cleanup and module reorganisation
• Secrets management implementation (Vault, SOPS)
• Observability stack setup (Prometheus, Grafana, Loki)

Consulting engagements are fixed-scope, not open-ended retainers. We quote a defined deliverable and a timeline. Work outside that scope is discussed and repriced, not absorbed silently.

Security Hardening

Security Hardening

Environment-level security review and remediation for teams handling sensitive data or preparing for an audit. We work from your existing configuration — we don't require you to rebuild from scratch to work with us.

What this covers:

• Firewall rule audit and tightening
• SSH hardening and access control review
• Vulnerability scan (Lynis, OpenVAS) with prioritised findings report
• Secrets audit — identifying credentials in environment variables, config files, or code
• Incident response runbook (what to do if something goes wrong)

We don't offer penetration testing. This is configuration-level hardening and review, not red team simulation. If you need a formal pen test, we can recommend independent firms we've worked with.

Migration Planning

Migration Planning and Execution

Structured moves from AWS, GCP, Azure, or on-premise setups into managed environments we operate. We run migrations in parallel: your existing environment stays live while the new one is built, tested, and validated. The cutover window is agreed with you and we're present throughout it.

The process:

• Environment inventory and dependency mapping
• Target architecture design, reviewed before build starts
• Parallel environment setup and data synchronisation
• Pre-cutover validation checklist (shared with your team)
• Cutover execution with rollback plan documented and ready
• Post-migration monitoring period (typically 2 weeks)

Migration timelines vary widely by environment complexity. A single-service migration might take two weeks; a multi-service environment with databases can take six to ten. We give timeline estimates after the inventory step, not before.