Kshitij K
**ABOUT ME**
- 👨🎓Computer Engineer
- 🛡️ Privacy enthusiast
- 
Interested in server management, self-hosting privacy-first cloud services
- 
Hosting privacy focused cloud services at 
[KSKA](https://kska.io)
Find out more about my projects on my [self hosted git server](https://git.kska.io/notkshitij/)!
> [!IMPORTANT]
> All of my commits are signed using my [GPG key](./keys/personal-pubkey.asc).
**PROJECTS**
1. KSKA Cloud Services
- Deployed self-hosted services (Ghost CMS, Gitea, Nextcloud, etc.) using Docker on hardened Debian/Arch systems (with LUKS, ZFS, BTRFS, LVM).
2. PiDetectify
- Developed a real-time monitoring system using Raspberry Pi, featuring motion detection capabilities.
- Implemented secure alert dispatch through ntfy.sh for immediate notifications.
- Utilized WireGuard VPN to ensure secure communication when users are outside the local network.
- Containerized the entire application stack with Docker to enhance scalability and deployment efficiency.
- Raspberry Pi for processing tasks and Pi Camera for motion detection.
- Notifications are triggered upon motion detection and sent to users via ntfy.sh.
- Both ntfy.sh and WireGuard run in separate Docker containers, ensuring modularity and ease of management.
- The entire system operates locally, providing a secure and efficient monitoring solution.
3. CropCompass
- Developed a unified dashboard for comprehensive farm management.
- Enabled real-time tracking and management of farm operations.
- Implemented logging of key activities, including sowing, fertilization, and harvesting.
- Integrated financial planning tools for tracking expenses and revenue.
- Incorporated AI-powered recommendations and disease detection capabilities.
- Utilized Google Gemini for predictive crop health analysis.
- Provided multilingual support, currently available in English, Hindi, Marathi, and French.
- Deployed AI for crop disease detection and predictive harvesting using Gemini AI.
4. Skycrate
- Dockerized a Hadoop cluster to resolve dependency issues, hosting it internally and exposing it to the team via Tailscale.
- Integrated internationalization (i18n) for multilingual support across the frontend.
- Implemented hybrid RSA-AES encryption for each file, utilizing user-specific key pairs.
- Established strong password policies with breach checks via Have I Been Pwned.
- Utilized JWT-based authentication with refresh token support and a blacklist feature upon logout.
- Implemented brute-force login protection through rate limiting.
- Enforced HTTPS with automatic redirection from HTTP to HTTPS.
- Enabled encrypted file upload and download to/from HDFS, with metadata stored in a database.
- Developed audit logging and structured Data Transfer Objects (DTOs) with validation.
- Created a token refresh endpoint and ensured secure session handling.
- Automated user directory creation in HDFS upon user registration.
- Enhanced Spring Security, streamlined configuration, and established a modular service structure.
**SKILLS**
*Containerization & Virtualization*
*Version Control & Collaboration*
*Cloud Platforms*
*Programming Languages*
*System Administration*
*Networking*
*Database Management*
*Web Development*
*Frameworks & Libraries*
*Web & Mail Servers*
