We had to ship a feature in two weeks that relied on MySQL auto-increment behavior. Problem: our production database was MySQL 5, which handles auto-increment differently than MySQL 8 after a restart. The MySQL 8 migration was scheduled for two months out. We needed to ship now. The “temporary fix” became permanent architecture improvement. The Situation We were building a resource allocation feature that tracked which resources were assigned to which entities. ...
Positioning RadKits: The Landing Page Mistake My Cofounder Caught
I spent 4 hours rewriting RadKits’ landing page before my cofounder’s conference. My first draft positioned us as a workflow optimization tool that would “standardize” radiology templates and “increase quality”—language that would have alienated our actual users. My cofounder (who is a radiologist): “This sounds like you’re taking away their autonomy and disparaging their work. They’ll hate that.” He was right. Here’s what I learned about positioning a product for two audiences. ...
Building RadKits: Healthcare SaaS for Radiologists
My cousin is a radiologist. He built a quick prototype to automate his radiology reports. His colleagues wanted it. That’s when he recruited me: “Can you help turn this into a real product?” This is RadKits. Here’s what I’ve learned building healthcare SaaS with a domain expert co-founder. How RadKits Started Raid had a problem: writing high-quality radiology reports is detailed, time-consuming work. The templates exist, but they take forever to modify for each case. ...
PostHog Client IPs Behind Reverse Proxies: A Gotcha
PostHog wasn’t tracking client IPs correctly behind my reverse proxy. NextJS logged the right IPs, Caddy sent the right headers, but PostHog’s dashboard showed everyone visiting from my VPS in Frankfurt. This broke geographic analysis and location-based feature flags. Here’s what I tried and what actually worked. The Setup My application stack: NextJS application; Caddy reverse proxy (handles SSL); PostHog Cloud for analytics. The proxy setup is standard: Caddy receives requests, sets proper headers, passes them to NextJS. ...
Building a Local LLM Playground with OpenWebUI and LiteLLM
I had multiple frustrations with ChatGPT and Claude: no good way to save and reuse prompts; $20/month per service for occasional use; chat history scattered across services; no way to compare model responses side-by-side. No single pain was unbearable, but together they pushed me to build my own setup. Why I Care About This I experiment with different models—open source and proprietary—to understand their strengths and weaknesses. But this experimentation has a high mental and monetary cost. ...
Jenkins & HashiCorp Vault
HashiCorp Vault & Jenkins What is HashiCorp Vault? It is an open-source tool that helps teams and projects manage and protect sensitive data and secrets. We want to store and use secrets from Vault as much as possible to: limit secret sprawl; make it easier to rotate secrets from a central place; have finer granularity on which pipelines have access to which secrets; limit secret exposure (if the Jenkins server is compromised, the secrets aren’t also compromised); store the Jenkins secret backup separately from the main backup. Setting up a HashiCorp Vault instance You can follow Vault’s official documentation to set up a Vault instance or use the Linode / AWS marketplaces to easily set up a configured instance. ...
Securing Jenkins
I’ve set up a Jenkins server to manage CI/CD for my various projects, and I want to verify whether my setup is overly insecure and what I could do to improve my setup’s security posture. This post will serve mainly as a guide and checklist for myself. Securing the Server I used the Linode marketplace to set up my instance. Securing a server is a big topic, and for now, I just want to make sure the basics are covered: ...
Backing Up Jenkins
Backing up Jenkins Now that I have a running Jenkins instance with a few pipelines set up, I would like to be able to easily recover my setup in case something happens to the main instance. Also, it’s good practice to regularly back up things like your configurations, Jenkins, and databases. But what do you need to back up exactly? What to Back Up It depends on your specific use case and needs. Do you need to restore the exact version of plugins you had installed? Do you need access to the build history? Do you need access to old build artifacts? Logs? Jenkins has a guide that details the minimal amount you need to back up in order to restore your pipelines, which is a good start. You can add more directories to back up, like jobs, workspaces, plugins, etc., as the need comes up. I recommend taking time to truly think about your needs and only include what’s truly necessary. ...
Automating my operations - aka DevOps
Automating my operations - aka DevOps As part of my day job, I regularly interact with systems such as Jenkins, Terraform, Ansible/Salt, etc., without really understanding the full power of these systems and what they enable. Time to change that, dive in deeper, and actually use them for my personal projects. So, what are the common tasks that I need to automate? Creating / destroying the necessary infrastructure, such as setting up VMs with a sane default firewall and all the common dependencies pre-built into the image or installed as part of user-data; deploying the apps to the set-up machines with any necessary configuration; shutting down and restarting services; updating configuration; deploying new changes to the machines; creating a staging/dev environment to test changes in before they are deployed to production. These tasks can usually be automated and managed via: ...
Securing Backend Servers
Securing your Backend I’ve been learning how to use React and NextJS to build a frontend for one of my projects. I’m using Flask to build the API backend server that will provide the main functionality. I want to limit abuse of the API server and came across several options. Options CORS CORS is a mechanism that’s enforced by the browser to limit access to a server’s resources. However, since it’s only a browser-enforced mechanism, a user can replay the request using another method like curl. ...