Top #1 Next.js / DevOps Developer — Host, Deploy & Maintain Booking Web App

Summary We have a production-ready booking web app built using AI-assisted development. We look for a experienced developer to review the code for security issues, deploy it to our VPS, and provide ongoing maintenance and support. SCOPE ## One-time tasks - MVP alignment (send fixed estimate) - Code & review a) Review the full codebase for security vulnerabilities, bad practices, and hardening opportunities. b) Infrastructure review — Verify Dockerfile, environment variable handling, and database setup are production-safe c) Deliver a short report — List of findings, what you fixed, and recommendations - Code fixes - Based on the review implement the necessary fixes. - Deploy — Deploy the app to our VPS using Coolify v4 + Docker with proper domain, SSL, storage, and backups ## MVP Product release (min required 10 hours available first 2 weeks) Working with Product Owner and prioritizing backlog: - Fixing the first bugs - Initial feature additions ## Ongoing tasks (min required 10 hours per month) Taking ownership of the technical parts of the solution: - Security patches and dependency updates - Server maintenance and monitoring - Support future feature deployments - Database backups and disaster recovery - Being available in Team chat ------- Tech stack • Next.js 15 / TypeScript / Node.js 20 • SQLite + Drizzle ORM • Docker (Dockerfile included) • Coolify v4 on Ubuntu VPS Required experience • Securing Node.js / Next.js applications in production • Docker hardening (non-root, minimal images, network isolation) • Linux VPS security (firewall, SSH, fail2ban, secrets management) • GDPR AND HIGH SECURITY BEST PRACTICES awareness (no PII in logs, encrypted secrets) • Experience with closed/private environments and minimal attack surface • Proficient with AI-assisted / vibe coding tools — Augment Code, Cursor, Copilot, Windsurf, or similar. Understands how AI generates code and knows what to look for when reviewing it To apply 1. One example of a security review or hardening you've done on a Node.js app 2. What are the first 5 things you check in a Next.js code review for security? 3. Which AI coding tools do you use daily and how do you review/validate AI-generated code? 4. Hourly rate + estimated hours for the one-time tasks 5. Send ALL Solo projects you have done yourself or projects where you have done the majority of the work (above 80% backend + frontend) 6. When can you start? -- Last question: Tell me about the most security/high grade system you've worked on — what was at stake, what was your role, and what's one thing that almost went wrong?"