A few weeks ago I posted about launching V1 of my portfolio. Since then I've completely rebuilt it from the ground up. π
Same URL, very different site - not in the way you may expect.
What changed:
πΉMigrated from SQLite to PostgreSQL πΉAdded a full admin panel with RBAC, audit logging, and server-side session management πΉBuilt a blog and project management system with Markdown support πΉMoved to a self-managed Hetzner VPS with Nginx + Gunicorn πΉKept Cloudflare Tunnels, origin IP still never exposed
Security was a big focus this time around:
πΉHSTS, CSP, Permissions-Policy headers πΉScrypt password hashing, rate limiting, magic bytes image validation πΉfail2ban, UFW, SSH key-only on a non-standard port πΉ107 automated tests covering auth, CRUD, XSS, and security headers
It is not just a portfolio anymore. It is a live project I will keep building on as I work toward running everything from my own home lab.
Check it out: www.charles-thomas.dev