dobry@sofia:~$ whoami

I help teams
ship infrastructure
that doesn’t wake them up.

I’m Dobry - a DevOps engineer based in Sofia. Five years in production: Azure microservices, Kubernetes, Go, and the occasional 3am page that taught me observability the hard way. I take contracts where the goal is fewer pages, not more dashboards.

available for contracts locsofia, bg (utc+2) rateon request remoteeu / uk / us

book an intro call selected work download cv (pdf)

02~/work

Selected open-source work

two of the things I built when I should have been sleeping

/pangolin-operator

go · k8s

A Kubernetes operator that gives any cluster service a public URL without opening a port or running a VPN. Custom resources for organisations, tunnel sites and resource proxies; controllers handle the boring half - DNS, certs, drift - in the background. Production-grade, fully reproducible via nix flakes.

Go Operator SDK CRDs Helm Nix

github.com/bovf/pangolin-operator →

/homelab-overkill

nix · k3s

Fifteen self-hosted services - GitLab, Postgres, MinIO, Jellyfin, Prom/Grafana - described declaratively in NixOS and deployed by k3s. Secrets via SOPS with rotation hooks into Bitwarden. The whole thing rebuilds from scratch with one command. Mostly for me; surprisingly useful as a teaching repo.

NixOS K3s Helm SOPS GitOps

github.com/bovf/homelab-overkill →

03~/stack

What I reach for

five years of opinions, lightly held

stack.toml

cloud

Azure (AKS, App Services, DevOps), AWS - the parts that matter

orchestration

Kubernetes, K3s, Helm, OpenShift - canaries, probes, the boring kind of reliable

iac

Terraform, Terragrunt, Ansible, NixOS

ci/cd

Azure DevOps, Jenkins, GitLab CI, ArgoCD - GitOps where it earns its keep

languages

Go for services, Python + Bash for glue, Nix for everything else

observability

Datadog, Grafana, Prometheus, ELK - SLOs, golden signals, alerts that wake the right person

identity

LDAP, Active Directory, OAuth/OIDC, SOPS for secrets at rest

how I work

small PRs, runbooks before launch, postmortems without blame, & a strong bias toward boring tech

04~/writing

Notes & long-form

rss · all posts →

latest

Running a fully declarative homelab, four years in

Every machine in my house rebuilds from a git repo. Power loss, dead SSDs, a kid pulling cables - I run one command and twenty minutes later it's back. Here's the whole stack, the bits that broke, and the parts I'd still do differently.

#nix #homelab #gitops · may 10, 2026 · 14 min read

05~/about

Who I am, briefly

I started in molecular biology, which is mostly an exercise in reproducible processes that fail in interesting ways. Turns out that’s also a description of distributed systems, and the pivot was a lot less weird than the LinkedIn version implies.

For the last five years I’ve been the person teams call when their CI is slow, their cluster is grumpy, or their on-call rota is eating engineers. I built a Go-based IAM platform serving 500K+ users at Schwarz; I rebuilt the observability stack at Ascent and dropped MTTR by 40%; before that I shipped CI/CD, k8s and Terraform across half a dozen client engagements at CleverPine.

I run a fully declarative homelab on NixOS & k3s - fifteen services, encrypted secrets, one git repo, zero clicks. It is enthusiastically over-engineered, and it has taught me more about production systems than most production systems have.

If your team is somewhere on the spectrum between “we ssh into the prod box” and “we have a platform team but it’s one tired person” - that’s where I’m most useful. Drop me a line.