Engineered a fully self-hosted mail infrastructure using BIND for authoritative DNS with custom NS records and a Postfix + Dovecot stack with complete SPF, DKIM, and DMARC alignment. Achieved verified status=sent delivery directly from a self-managed MTA — zero relay dependency.

Built a TLS-terminating reverse proxy layer on GCP routing traffic securely to an isolated backend. Configured managed TLS, custom SSL certificates, and clean scalable architecture with HTTPS enforced end-to-end.

Deployed a multi-region high-availability setup using an Nginx reverse proxy failover architecture with SSL termination and upstream health checks — ensuring continuous service availability across regions without manual intervention.

Configured a hosted email setup using HestiaCP with complete DNS records (MX, SPF, DKIM, DMARC) and inbound mail validation. Verified successful delivery from Gmail and mailbox access via Thunderbird (IMAP).

Built and tested a Squid forward proxy on a VM to control outbound web access. Configured firewall rules, client-side proxy routing, and domain-based ACLs to selectively block traffic and validate flow through Squid access logs.

Designed a cloud monitoring setup for infrastructure and containerised workloads. Dockerised backend exposed via Nginx with HTTPS and Datadog integration for metrics, logs, and alerting — validated by simulating CPU load, application errors, and service downtime.