Daniel Bodnar

Platform Engineer · Systems Architect · SRE · Linux Evangelist · Emerging Technologist

loc: Corinth, Texas
tel: (940) 247-0019
mail: dan@danielbodnar.com

01

summary

I help engineering teams ship faster and scale without breaking things — spanning the full stack from bare metal to browser for 25+ years.

02

experience

[9]
Apr 2026 – Present

Platform & SRE Engineer

@ Patterson Companies — 4act / pattersonvet.com

Rejoined 4act after the Patterson acquisition to build the observability spine and AI agent platform across 200+ repos of legacy and modern services, without disrupting the teams already shipping against those codebases.

  • Built `act-infra`: a systemd-v260+ / Arch Linux PKGBUILD-as-IaC system where every deployment format (sysext, confext, portable services, nspawn, vmspawn, Quadlet, OCI, ISO) is a projection of the same PKGBUILD source, composed via dependency graph with pacman as the merger
  • Built the full observability spine (PostgreSQL, TimescaleDB, Netdata, Telegraf, Cloudflare exporter, Loki, Mimir, Tempo, Alloy, Beyla eBPF auto-instrumentation) by packaging each component as a composable PKGBUILD so any host gains full metrics coverage with a single install
  • Designed and shipped `zoho-agents` v2.0: a voice-driven Zoho Projects agent that transcribes Teams meeting recordings locally via Whisper.cpp (roughly 12x realtime on CPU), then converts them into Zoho issue operations through a three-phase git-checkpoint workflow (cache, plan, apply, verify) so AI-driven writes are recoverable without manual audit
  • Designed the meta-package composition pattern so a single `pacman -Syu act-machine-pve01` provisions an entire hypervisor host with its full transitive observability, role, and base graph, with no configuration steps outside of pacman
  • Built `devdocs` and Makefile-driven platform workflows that give contributors a single entry point into the 200+ repo footprint, cutting the time it takes a new engineer to find and run anything
  • Shipped `pattersonpay.com`, stood up `ai-agents-lab` for cross-team AI experimentation, and delivered the SRE-ops deployment pipeline in May 2026
Arch Linux · systemd v260+ · PKGBUILD · pacman · sysext · confext · Portable services · Quadlets · nspawn · vmspawn · PostgreSQL · TimescaleDB · Netdata · Telegraf · Grafana · Loki · Mimir · Tempo · Alloy · Beyla · eBPF · Cloudflare exporter · TypeScript · Bun · Whisper.cpp · Claude Agent SDK · Anthropic Skills · Zoho MCP · ffmpeg · GitLab CI
May 2021 – Present

Founder, Cloud Architect, CIO

@ BitBuilder Cloud & Consulting, LLC

Founded BitBuilder Cloud to give security-first organizations a highly-available, E2E-encrypted hosting alternative that doesn't require trusting a single vendor with full infrastructure access.

  • Containerized and load-balanced several high-profile organizations serving over 1M global visitors per day, keeping each tenant's traffic isolated without requiring dedicated hardware per customer
  • Built the bare-metal foundation: a fully-redundant hypervisor cluster across two datacenters (320 cores, 1.25 TB RAM, 60 TB enterprise NVMe at 30 GiB/s read / 27 GiB/s write, 100 Gbps inter-server) with a hybrid overlay that scales onto AWS, GCP, DO, and Vultr without rearchitecting tenant workloads
  • Designed BitBuilder Hypervisor: a git-ops, multi-tenant hypervisor on the modern systemd virt stack (vmspawn, nspawn, sysext/confext, networkd, BLS, UKI, DDI) that implements UAPI Group specs end-to-end, making every tenant configuration auditable and reproducible from git
  • Built `bbctl`: a Rust CLI and Ratatui TUI that provisions private cloud on VyOS v1.5 and Proxmox bare-metal with L3VPN (EVPN), VXLAN overlay, VRF tenant isolation, and a WireGuard management plane, without requiring operators to touch VyOS config files directly
  • Shipped cloudx.sh: visiting cloudx.sh/github.com/owner/repo opens an instant AI dev environment (OpenCode + Claude) inside a Cloudflare Sandbox, live on five production custom domains
  • Deployed a multi-cloud hybrid overlay on a custom Kubernetes distribution with an immutable Linux base (Wolfi/Garden Linux) so workloads can migrate between cloud providers without OS-level changes
  • Deployed a full observability stack (Grafana, Prometheus, VictoriaMetrics, NetData, Jaeger) covering metrics, tracing, and alerting across all tenants from a single pane
  • Provide ongoing infrastructure architecture, security hardening, and incident response for consulting clients including Neal & Neal Insurance and Maybach Systems
Proxmox · Kubernetes · Docker · Linux · systemd · Bare Metal · ZFS · NVMe · Wolfi · Garden Linux · VyOS · Rust · Ratatui · TypeScript · Cloudflare Workers · Cloudflare Sandbox · WireGuard · EVPN · VXLAN · BGP · Grafana · Prometheus · VictoriaMetrics · NetData · Jaeger · Load Balancing · Multi-cloud · Hybrid Infrastructure · E2E Encryption
Apr 2021 – ~2023 (TTB migration); Dec 2025 – Present (BIM/MEP IFC agent)

Cloud Migration Architect (consulting via BitBuilder Cloud)

@ Apollo Inc — Thru The Bible (TTB.org) and BIM/MEP Agent

Worked with Apollo Inc across two engagements: first as the cloud-migration architect for international broadcast NGO Thru The Bible, then building an AI-powered architectural blueprint converter for MEP cost estimation.

  • Planned and executed the complete physical-to-virtual migration of TTB.org's Pasadena office without data loss or service interruption: servers, networking, VMware ESXi hypervisors, Windows Active Directory, NAS, workstations, and three external cloud platforms (GreenCloud, IONOS, Ascendio). The physical office was shut down and sold after handover.
  • Cut TTB's annual infrastructure spend by more than **$58,380** by consolidating cloud platforms and renegotiating contracts, while doubling or tripling the CPU and RAM available to each workload in the process
  • Built point-in-time snapshot coverage for every server, hypervisor, database, and service (WatchGuard firewall config, AD/DHCP/Plesk exports, Acronis archive) before any migration step, so the handover from the incumbent MSP had a clean rollback path at every stage
  • Brought TTB onto BitBuilder Cloud as its first customer, operating under the Apollo Cloud brand throughout the engagement
  • Found and removed ransomware, Remote Access Trojans, and website-level malware from multiple workstations and the ttb.org web server before completing the migration, ensuring no compromised state carried over into the new environment
  • Migrated TTB01 (Domain Controller, Network Shares), the Accounting workstation, PBSendServer, TTB-Warehouse, and Firewall/VPN Server; collapsed three external cloud platforms onto Apollo Cloud; and moved DNS from 1&1.com to Cloudflare
  • Managed executive and shareholder communication directly throughout the engagement and negotiated a multi-year Support and Maintenance Agreement, with contract amendments signed in 2023
  • (Dec 2025 – Present) Built `bim-mep-ifc-agent`: an AI-powered converter that takes architectural blueprint images and outputs IFC 4.3 files for MEP quantity takeoff and cost estimation, using Claude Opus 4.5 vision and Claude Agent SDK 0.1.76, with outputs compatible with Autodesk Revit and BIM 360
VMware ESXi · Windows Active Directory · WatchGuard firewall · Acronis backup · Plesk · Sitefinity · BitBuilder Cloud · Apollo Cloud · Multi-cloud hybrid overlay · Cloudflare DNS · Cloudflare WAF · ZFS · NVMe · Kubernetes · TypeScript · Bun · Claude Agent SDK · Claude Opus 4.5 vision · IFC 4.3 · BIM · Executive stakeholder management · Ransomware remediation
Dec 2025 – Present

Platform Engineer & DBA (consulting)

@ MaybachSystems / Systemavo

Modernized a multi-app, multi-database production system by designing the Cloudflare migration path, provisioning a new Arch+ZFS+systemd-homed production server, replacing Docker with systemd-native containerization, and delivering an AI-agent toolchain so the team could work at the platform level without learning every layer.

  • Authored a ~26,000-word migration epic covering the full architectural transition from OVH bare-metal Docker to Cloudflare Workers, D1, R2, and KV across multiple apps and a shared MySQL database, giving the team a decision log and rollback plan for every cutover step
  • Designed and built the new production server (`maybach-prod-01`) on Arch Linux, ZFS, systemd-homed, and WireGuard, replacing the legacy Docker host without taking any production services down during the transition
  • Built three generators for systemd-native containerization (portable services, Quadlet unit files, and vmspawn-based VM isolation) so the team could containerize workloads without introducing a Docker dependency
  • Built AI integration directly into the platform layer using Cloudflare Workers AI and Vectorize, with custom WorkersAI, Vectorize, and DocumentAnalysis service wrappers plus an agent controller, so any app in the stack could add AI features without rebuilding the plumbing each time
  • Shipped a 9-agent SDK covering the team's major roles (php-engineer, typescript-engineer, database-specialist, cloudflare-workers, cloudflare-services, documentation-generator, systemd-machines, chainguard-images, cloud-native-sysadmin) plus 7 custom slash commands, so contributors work at the platform level without needing to know every layer
  • Set up E2E testing with Stagehand AI and Director.ai, parallelized the Laravel Dusk suite to run faster without adding flakiness, and hardened the CI pipeline with secret scanning, secret rotation, and container security checks
  • Built `maybach-dba-agent` as a CLI-driven DBA agent for the production database environment and authored YARA rules for forensic analysis of the server's threat surface
Arch Linux · ZFS · systemd-homed · WireGuard · systemd-portable services · Quadlets · vmspawn · Chainguard images · Cloudflare Workers AI · Cloudflare Vectorize · Cloudflare D1 · Cloudflare R2 · Cloudflare KV · TypeScript · Bun · Claude Agent SDK · YARA · Forensics / DFIR · Stagehand AI · Director.ai
Jul 2023 – Mar 2025

Principal Software, DevOps, and Cloud Engineer

@ Fidelity Investments

Designed and built the team's AWS CDK platform so product teams could deploy standardized, compliant infrastructure on their own schedule without waiting on a central infrastructure queue.

  • Rebuilt the Jenkins Core platform from the ground up, cutting pipeline times so engineers spent less time waiting on CI feedback between iterations
  • Designed secure AWS networking topologies and multi-account strategies for enterprise applications, keeping each workload in compliance with financial industry security requirements without slowing down deployment
  • Built EKS-based deployment tooling with Helm and custom operators that production applications could adopt without rewriting their existing deployment configs
  • Built a cloud orchestration CLI that automated cross-account resource management, removing the manual steps that had been causing deployment delays and error-prone hand-offs
  • Rolled out IaC patterns across multiple teams in a way that fit their existing code-review workflows, cutting configuration drift and deployment errors without requiring teams to change how they shipped
  • Added automated security scanning and compliance checks directly into the CI/CD pipelines so teams caught policy violations before they reached production, rather than finding them in post-deploy audits
  • Ran knowledge-sharing sessions and wrote documentation that let other engineers extend the platform on their own, reducing the single-point-of-knowledge risk on the team
AWS · AWS CDK · CloudFormation · Kubernetes · EKS · Helm · Jenkins · Docker · IAM · Terraform · Python · Node.js · Infrastructure-as-Code · CI/CD
Mar 2019 – May 2021

SRE, SysAdmin, and Platforms Engineer

@ Animal Care Technologies, INC

Replaced a fragile, patchwork infrastructure with dynamically-scaling bare-metal Kubernetes and a unified observability stack, keeping production workloads online throughout the migration.

  • Performance-tuned a 3.5TB+ PostgreSQL cluster alongside MySQL and SQLite databases, keeping query latency within SLA as the dataset grew without requiring a database upgrade or migration
  • Contained two separate ransomware attacks in the first month, then redesigned the network with WireGuard VPN, VLANs, and zero-trust access policies so legitimate internal traffic continued uninterrupted while the attack surface shrank
  • Deployed self-hosted GitLab with blue-green deployment pipelines and IaC via Terraform, Packer, and Ansible, giving the engineering team repeatable deployments that didn't depend on any individual's manual steps
  • Consolidated disparate hypervisors into a single Proxmox cluster on ZFS backed by a 56G InfiniBand SAN, cutting hardware sprawl and giving every VM access to shared high-speed storage
  • Built observability coverage with Grafana, Loki, Prometheus, Jaeger, ELK, and Zabbix so the team spotted bottlenecks before they became incidents, rather than hearing about problems first from customer reports
Kubernetes · PostgreSQL · GitLab · Docker · Proxmox · ZFS · InfiniBand · Ansible · Terraform · Wireguard · cri-o · containerd · haproxy · nginx · traefik · Helm
May 2017 – Mar 2019

IT Director

@ Perspectives.org

Ran IT for an international non-profit reaching 10,000+ students across 250+ classes worldwide, modernizing infrastructure and applications on a constrained budget without service disruptions.

  • Increased hosting capacity 10x by rearchitecting the cloud environment while cutting the infrastructure budget by 50% at the same time
  • Brought average page load time from 5 seconds to 0.8 seconds through performance profiling and targeted frontend and backend changes, without migrating to a new framework
  • Wrote a 5-year architectural roadmap for replacing the legacy monolithic .NET 3.5 application with a microservice architecture, giving the board a phased plan that avoided a big-bang rewrite
  • Built a DRM-secured, offline-capable video player desktop app in Go for classes in low-connectivity areas so instructors could deliver course content regardless of internet stability
  • Managed the IT team, support department, and India-based development team across time zones, keeping delivery on track without a formal project management tool
  • Volunteer (2012–2014): Built the LMS from scratch, cutting admin overhead by 90%, and deployed it on a horizontally-scaling container platform using Docker, Rancher, and AWS Spot instances to keep hosting costs minimal
Go · Docker · Rancher · AWS · iPXE · .NET · Performance Optimization · LMS
Feb 2014 – May 2017

Professional Application Developer

@ AT&T Corp.

Built internal tools and customer-facing services at AT&T across the full project lifecycle, from requirements through production deployment, on a Node.js and Rails team.

  • Built the large-scale external Order Status application that aggregated data from 12+ legacy sources, including systems that had to be screen-scraped because they exposed no API, without surfacing source-system failures to end users
  • Led the team's migration from Rails and MySQL to Node.js, Angular.js, and MongoDB, cutting prototype development time significantly by moving to a JavaScript-first stack where backend and frontend skills overlapped
  • Built a Docker-based CI/CD pipeline that gave each developer a consistent local environment matching production, eliminating a class of bugs that only appeared after deployment
  • Applied functional programming patterns in JavaScript to build parallel-worker pipelines that processed large data sets without blocking the event loop or spinning up excessive threads
Node.js · Angular.js · MongoDB · Docker · Rails · MySQL · JavaScript · Functional Programming · Microservices · REST APIs
Dec 2006 – Feb 2014

Owner / IT Consultant

@ TACC Support (Technicians Against Computer Cruelty)

Owned and operated a computer repair, IT consulting, and managed services company with a physical storefront and 5 employees, serving small businesses across the Dallas/Fort Worth area.

  • Delivered computer repair, network administration, and infrastructure architecture for local businesses including Babes Chicken, Justin Boots, Paddock Farms, and DIAB Inc.
  • Virtualized roughly 30 bare-metal servers across multiple US sites onto ESXi for DIAB Inc., an international plastics manufacturer, consolidating their hardware footprint and reducing per-site maintenance overhead
ESXi · Windows Server · Network Administration · IT Consulting · MSP
03

skills

[19]

Linux Ecosystem

Linux · Shell Scripting · Containerization · Kernel-level Optimizations · SRE · Platform Engineering · Network Engineering

Operating Systems

Alpine · Debian · Ubuntu Server · Arch (Hyprland) · FreeBSD · Wolfi-OS · Garden Linux · Aurora Linux · Immutable / image-based Linux

Systemd Internals

systemd-vmspawn · systemd-nspawn · sysext / confext overlays · generators · networkd · homed · BLS · UKI · DDI · varlink · UEFI Secure Boot · TPM

Containerization / Orchestration

Docker · Linux containers (LXC) · Kubernetes (EKS + bare-metal) · Helm · cri-o · containerd · sysbox · Buildroot · DevContainers · LocalStack · Rancher (legacy)

Languages

Rust · TypeScript · JavaScript · Bash / Shell · Nushell · Python · Go · C · Node.js · MDX · LaTeX

Frontend Frameworks

Astro · Svelte · SolidJS · Vue.js · Nuxt.js · Alpine.js

Backend

Node.js · Rust · Cloudflare Workers · Bun · Python

Infrastructure

Terraform · Ansible · Packer · AWS CDK · Jenkins · GitLab CI/CD · GitHub Actions · Dagger · Wrangler

Databases

PostgreSQL (3.5 TB+ production) · TimescaleDB · MySQL · SQLite · libSQL · MongoDB · DuckDB · ClickHouse · Cloudflare D1

Networking

WireGuard · ZeroTier · Tailscale · OpenVPN · BGP · Layer 2/3 · EVPN · VXLAN · VRF · VyOS · haproxy · nginx · traefik · XDP / eBPF

API Development

OpenAPI · JSON Schema · RESTful API design · MCP servers / clients

Cloud Platforms

AWS (CDK, CloudFormation, EKS, IAM, multi-account) · Cloudflare full stack (Workers, D1, R2, KV, Durable Objects, Queues, Sandbox, Vectorize, Pages, Hyperdrive, Workers AI) · GCP · Multi-cloud hybrid overlay

Monitoring & Observability

Grafana · Prometheus · VictoriaMetrics · NetData · Jaeger · Loki · ELK Stack · Zabbix · SigNoz · OpenTelemetry · Distributed Tracing

Security

Zero-trust architecture · Ransomware mitigation (proven, ×3) · Forensics / DFIR · YARA rule authoring · Malware remediation (RATs, ransomware, web-shell removal) · Vulnerability Scanning · Intrusion Detection · VPN · Traffic Analysis · LUKS · LLM red-teaming · Pen-test tooling · Secret management (1Password) · Secret scanning + rotation · Container security hardening

AI / Agentic Tooling

Claude API direct integration · Claude Code plugins (custom plugins, skills, slash commands) · Claude Agent SDK (production) · Anthropic Skills (authored multiple bundles incl. zoho-agents, navigating-bodnar-github, crafting-curated-resumes, resume-builder) · Claude Opus 4.5 vision (production) · MCP servers / clients · OpenCode · OpenHands SDK · Cloudflare Agents / Sandbox · Cloudflare Workers AI + Vectorize · Stagehand AI / Director.ai (E2E testing) · Whisper.cpp (local transcription) · Voice-driven AI workflows (meeting → action items)

Migration & Modernization

Office-to-cloud migrations (VMware ESXi → BitBuilder Cloud) · Windows Active Directory migrations · Plesk / Sitefinity / IONOS / GreenCloud / Ascendio consolidations · DNS migrations (1&1.com → Cloudflare) · Database migrations (Postgres → managed; legacy → modern) · Vendor / tech-stack consolidation · NAS / backup / DR planning · Covert point-in-time snapshot operations · Cost-engineering (e.g. $58K/year savings)

Hardware / Embedded

CNC machining (cnc-resume) · ASUS router firmware reverse-engineering (awrtconf) · UEFI / BIOS editing (Aptio V) · iPXE network boot · FPGA / programmable hardware · 56G InfiniBand FC SAN

Architecture Patterns

Microservices · Distributed Systems · Multi-tenant isolation · API Gateway · Service Mesh · Event-Driven Architecture · CQRS · Immutable infrastructure · Git-ops native design · Physical-to-virtual migration · PKGBUILD-as-IaC composition (one source, many projections) · Executive stakeholder management

DevOps & Automation

CI/CD Pipelines · GitOps · Infrastructure as Code · Blue-green deployments · Self-healing Systems · Auto-scaling
04

interests

Low-level Linux

Kernel-level optimizations, embedded systems, FPGA, programmable hardware

Embedded Development · FPGA · Programmable Hardware · Kernel Tuning

Distributed Systems Architecture

Multi-tenant isolation, immutable infrastructure, git-ops-native design

Distributed Systems · Multi-tenant SaaS · Immutable Infrastructure · Git-Ops

AI-Agentic Developer Platforms

Claude Code / OpenCode integration, sandboxed agents, MCP servers, deterministic LLM-adjacent design

Claude Code · MCP · OpenCode · Sandboxed Agents · Agent SDKs

Emerging Technology Adoption

Early adopter focused on cutting-edge platforms and abstract pattern recognition

Early Technology Adoption · Emerging Technologies · Pattern Recognition