← Home

Services — done-for-you self-hosting, hardening & upkeep

Own your stack. I'll do the hard parts.

You've read the guides. You know self-hosting beats renting your VPN, your password vault, your cloud. But hardening a box, wiring up a reverse proxy, keeping it patched — that's a weekend you don't have, or a rabbit hole you'd rather skip.

So here are three fixed-price ways I help. No hourly rate, no 80-page reports, no month-long engagements — fixed scope, fixed price, clean handoff. Pick the one that matches where you are.

1. Set it up for me — $49, once

The fastest path to owning your stack. I provision a hardened VPS and install whatever you pick — a personal VPN, Vaultwarden, n8n, Nextcloud — each behind SSL, with backups configured, and hand you a one-page doc with every credential and command.

  • Hardened Ubuntu: non-root sudo user, SSH key auth, UFW, fail2ban, auto security updates.
  • Docker + Nginx Proxy Manager + free Let's Encrypt SSL. No domain? I'll set up a free DuckDNS subdomain.
  • $49 flat covers the whole stack — tick one app or tick them all. Only recurring cost is the ~$5/mo VPS, paid direct to the provider (you own the keys).
  • Done in under 24 hours, usually one afternoon. You pay after I deliver.
Done-for-you VPS setup — $49

Full details, the replaces-this-much math, and the order form are on the setup page.

See the $49 setup →

2. Hardening audit — $200–500

You already run a stack and want a second pair of eyes before something bites you. I go through every service, port, Docker container, systemd unit, cron job and backup config, then send you a written report.

You get:

  • A short async intake — describe your stack, grant read-only SSH. No call required.
  • 3–5 working days of audit time across one VPS.
  • A report (typically 8–12 pages) with findings tiered critical → important → minor, each with a fix, plus an action checklist ranked by impact.
  • A follow-up email walking through the key findings in plain language, and one round of "I fixed these — does this look right?" review.

Price: $200 for a single VPS up to ~15 services / one DNS zone. Up to $500 for larger or multi-service stacks — I'll confirm the exact number from your intake before any work starts. Not for regulated workloads (HIPAA/PCI/SOC2).

Book a hardening audit

Email me a two-line description of your stack and I'll reply within 24 hours with a fixed quote and what I need to start.

Email for an audit quote →

3. Care plan — $15/mo

Owning your stack shouldn't mean becoming a part-time sysadmin. The care plan keeps the box healthy so you don't have to think about it. Month-to-month, cancel anytime.

  • Monthly maintenance — OS and Docker image security updates applied and verified for you.
  • Uptime monitoring — your services watched, you get alerted before your users notice.
  • Backup checks — I confirm your backups actually restore, not just that they run.
  • Priority support — reply turnaround drops from 48h to same business day; first port of call when something looks off.
  • Quarterly mini-review — a short health check so small drift never becomes a big incident.

Best paired with a setup or audit above — I keep running the exact box I already know.

Start a care plan — $15/mo

Tell me what you're running and I'll confirm it's a fit. No setup fee if I already set the box up for you.

Email to start →

How it works

  1. Email [email protected] with the subject tag for what you want — [vps-setup], [audit], or [care] — and a two-line description of your stack. (The $49 setup also has a one-click order form.)
  2. I reply within 24–48 hours with either "yes, here's what I need" or an honest "I'm not the right fit, here's who I'd recommend." I turn down work I'm not confident I can do well.
  3. Payment: PayPal, Wise, or bank transfer. For setups and audits, you pay after I deliver — if you're not happy, you don't pay.
  4. Discretion: engagement details stay confidential. I never share client names, configs, or findings without permission.

Need something deeper — a Docker-specific review, or incident-response triage after a suspected breach? Those live on the full hire page.

Why trust me with SSH

If you've found this page, you've probably read the blog — and everything I'd install on your box is something I've already documented:

At the other end of the SSH key: the ByteGuard stack itself — a Hetzner CPX22 and a Contabo box running this blog, three FastAPI services, n8n and Uptime Kuma, single-operator, 99.98% uptime over the last month. I've made every mistake on the audit checklist already — now I charge to find them for other people.

[email protected] · reply turnaround 24–48h, usually faster.

— enim