/leistungen
Services
I work at the intersection of software, hardware and data. These topics are not silos — most projects touch several at once.
// service-map · how the layers fit together ╭──────────────────────────────────────────────────────────────╮ │ build layer · what gets built │ │ ▸ [software] web apps · dashboards · tools │ │ ▸ [ai] llms in existing products │ │ ▸ [ai-engineering] agent systems · rag · evals │ ╰───────────────────────────────┬──────────────────────────────╯ │ ▼ ╭──────────────────────────────────────────────────────────────╮ │ glue layer · what connects it │ │ ▸ [integration] webhooks · apis · queues │ ╰───────────────────────────────┬──────────────────────────────╯ │ ▼ ╭──────────────────────────────────────────────────────────────╮ │ edge layer · the physical world │ │ ▸ [iot] mqtt · firmware · ota · fleets │ ╰───────────────────────────────┬──────────────────────────────╯ │ ▼ ╭──────────────────────────────────────────────────────────────╮ │ infrastructure │ │ ▸ [cloud] hetzner · coolify · postgres │ ╰──────────────────────────────────────────────────────────────╯ // cross-cutting ▸ [consulting] reviews · stack picks · workshops
Custom software
Web applications, dashboards, internal tools
Stack
- TypeScript
- Angular
- Astro
- Next.js
- Supabase
- PostgreSQL
- Tailwind
Problem
Off-the-shelf software slows you down instead of helping: license costs without payoff, processes that do not fit, or two or three tools that never really integrate. Custom software starts where standard solutions stop.
What you get
- Clearly usable frontend covering all relevant workflows
- Stable backend with a documented API (REST or type-safe)
- Auth, roles, logging, backups — everything production needs
- Clean documentation and code your team can continue with
- Optional monthly retainer for maintenance and continued work
A fit if
Your processes run on Excel and three different tools — and you want one application instead. Or you have an off-the-shelf solution at its limit and need the special case it will never build.
export async function requireRole(
ctx: Context,
role: 'admin' | 'editor',
) {
const user = await getUser(ctx);
if (!user?.roles.includes(role)) {
throw new Forbidden(`role ${role} missing`);
}
return user;
} IoT & embedded
Devices, pipelines, fleets — from sensor to dashboard
Stack
- MQTT
- ESP32
- Node.js
- Supabase
- TimescaleDB
- pm2
- Docker
Problem
IoT projects rarely fail at the hardware — they fail at what sits between: unclear topics, missing idempotency, devices that cannot be updated remotely, or backends that strain at 100 devices and collapse at 10,000.
What you get
- MQTT topic architecture with clear contracts and versioning
- Backend integration with validation, idempotency and retries
- Device management: provisioning, configuration, OTA updates
- Monitoring and alerts for fleets of 100+ devices
- Dashboard for live observation and analysis
A fit if
You are building a product with a hardware element and need someone who understands the cloud and data side. Or your existing IoT platform no longer scales and needs a refactor with a clear architecture.
// Topic: devices/<id>/state/v1
export const onState = async (msg: StateMessage) => {
const parsed = StateSchema.safeParse(msg);
if (!parsed.success) return drop(msg, 'invalid');
await db.device_state.upsert({
device_id: parsed.data.id,
last_seen: new Date(),
payload: parsed.data,
});
}; AI integration
Use LLMs where they actually pay off
Stack
- Claude API
- OpenAI API
- TypeScript
- pgvector
- Edge Functions
Problem
AI hype is large, the payoff often is not. Most use cases can be solved with classic code. I help find the ones where LLMs genuinely save time or cost — and ship them production-ready.
What you get
- Realistic use-case evaluation (with a clear no when it makes no sense)
- Integration into existing tools — not yet another standalone app
- Prompt engineering, tool use, RAG where it fits
- Quality, cost and latency evaluation under real load
- GDPR-compliant setup (EU-hosted models or on-prem)
A fit if
You have repetitive tasks with unstructured text (classification, summarization, extraction). Or a support / research process that would benefit from an internal assistant.
const tools = [{
name: 'set_category',
description: 'Tag the ticket with one category.',
input_schema: {
type: 'object',
properties: {
category: { enum: ['bug', 'question', 'request'] },
},
required: ['category'],
},
}];
const reply = await claude.messages.create({
model: 'claude-opus-4-7',
tools,
messages: [{ role: 'user', content: ticket.body }],
}); AI engineering
Agents, RAG pipelines, AI-native applications
Stack
- Claude API
- Tool Use
- pgvector
- TypeScript
- Streaming
- OpenTelemetry
Problem
AI as a feature inside an existing app is one problem. AI as the product itself is a different one. Tool-use orchestration, latency budgets, fallback logic, hallucination control, cost per request — topics that don\u0027t exist in a ChatGPT wrapper but define every serious AI product build.
What you get
- Agent architecture with tool use, multi-step planning and proper error handling
- Custom RAG pipeline (embedding generation, re-ranking, citation tracking)
- Evaluation with regression tests against a golden set — "hope for the best" is not a strategy
- Cost and latency profiles per flow, with tracing in production
- Frontend with streaming responses, tool-call visualisation and stop controls
A fit if
You are building a product where AI is the heart, not a feature bolted on. Or you have a ChatGPT proof-of-concept that needs to become production-ready and is suddenly failing under real load and real data quality.
// Agent loop with tool use — until the model signals "end_turn".
export async function runAgent(userMessage: string) {
const messages: Message[] = [{ role: 'user', content: userMessage }];
while (true) {
const reply = await claude.messages.create({
model: 'claude-opus-4-7',
tools,
messages,
});
if (reply.stop_reason === 'end_turn') return reply;
// Execute tools and return results back to the model.
const toolUses = reply.content.filter((c) => c.type === 'tool_use');
const results = await Promise.all(toolUses.map(runTool));
messages.push(
{ role: 'assistant', content: reply.content },
{ role: 'user', content: results },
);
}
} Cloud & infrastructure
Pragmatic setups on Hetzner, Coolify, Supabase
Stack
- Hetzner
- Coolify
- Docker
- PostgreSQL
- Cloudflare
- Caddy
Problem
Cloud need not be expensive. Many SMBs pay AWS bills for architectures they do not need. With Coolify, Hetzner and Supabase you can run the same workloads at a fraction of the cost — and with full GDPR compliance.
What you get
- Provisioned Hetzner server with Coolify and PostgreSQL
- CI/CD via Git: every push deploys automatically
- Backups (PostgreSQL + volumes) to object storage
- Monitoring (Uptime Kuma) and logs (Loki / Grafana)
- TLS, HTTPS, auto-renewed certificates via Let’s Encrypt
A fit if
You want out of AWS vendor lock-in, or you are setting up your own infrastructure for the first time without investing in full-time DevOps. Coolify gives you Heroku ergonomics on your own hardware.
services:
app:
image: ghcr.io/staudt/app:latest
environment:
DATABASE_URL: "${DB_URL}"
labels:
coolify.managed: "true"
coolify.fqdn: app.example.com
db:
image: postgres:17
volumes:
- pg-data:/var/lib/postgresql/data System integration
Clean wiring between ERPs, CRMs, third-party APIs
Stack
- Node.js
- REST
- GraphQL
- Webhooks
- BullMQ
- OpenAPI
Problem
Most integration projects fail not at the mapping but at the details: what happens on a timeout, how do you handle a duplicate webhook, what if the source data is junk. That is where the work really starts.
What you get
- Clearly defined interface contracts between the systems
- Idempotency, retry logic, dead-letter queues
- Mapping layer that survives API changes
- Tests against sandbox APIs and real edge cases
- Sync-quality monitoring (how many records missing, how stale)
A fit if
Two or three of your core systems do not talk to each other, or an existing integration is a black-box hack nobody dares touch. Or the classic: SAP / Dynamics ↔ modern cloud tools.
// Idempotent: same delivery_id => same result.
export async function syncOrder(raw: WebhookBody) {
const id = raw.headers['x-delivery-id'];
if (await seen(id)) return { ok: true, dedup: true };
const mapped = mapToErp(raw.order);
await erp.orders.upsert(mapped);
await mark(id);
} Technical consulting
Architecture, stack selection, second opinion
Stack
- Architecture
- Code review
- Stack evaluation
- Workshops
- Due diligence
Problem
You are facing a stack decision, an agency proposal, or an architecture review — and you need the honest, neutral view of a practitioner with no skin in the game.
What you get
- Written assessment with recommendations and risks
- Architecture review of an existing or planned system
- Evaluation of third-party proposals (effort realistic? stack sensible?)
- Workshops with your team — transfer knowledge, do not extract
- Clear recommendation: do, change, or do not
A fit if
Before a large investment or signing with a software vendor. Or when you are internally unsure whether an existing system is still viable.
## Findings — auth layer
- [!] Session tokens stored in localStorage
→ XSS exposure, should be HttpOnly cookie
- [!] No rate-limit on /login
→ brute-force feasible in 24h
- [?] Roles checked via JWT claim, never
revalidated server-side
## Recommendation
Refactor to cookie session + server-side
role check. Effort: ~5 days. Sound familiar?
Send me a short note about what you are dealing with. I will respond within 24 hours with an honest assessment — even if I am not the right partner.