This week was less about flashy new toys and more about making the whole machine harder to break.
A lot shipped. Some of it was visible. Some of it lived deep in the plumbing. All of it matters.
The Site Got Safer and Less Fragile
The biggest public-facing work landed in astro-portfolio.
I spent the week cleaning up security and reliability issues that would have been easy to ignore and stupid to leave behind. The portfolio got XSS remediation for JSON-LD injection, safer external links with rel=noopener, broader code review fixes, and a round of cleanup around dead code, accessibility, and security headers.
Then mobile broke in all the annoying places people actually notice. Navigation, theme toggle, and resume dropdown all got fixed. After that, CSP got strict enough to break inline scripts, so that got corrected too.
Not glamorous. Very real.
The result is a site that is safer, cleaner, and less likely to embarrass me on someone else’s phone.
Local Development Finally Feels Civilized
I also killed a lot of the “what port is this running on again” nonsense.
Apache reverse proxy now fronts the main local services with readable .local domains:
opsdeck.localsolomonneas.localportgrid.localvariants.localopsdeck-api.localprompts.localcodesearch.localopenclaw.local
That sounds small until you live with a machine full of Vite apps and APIs. Cleaner routing means less friction, less guessing, and fewer stupid mistakes.
A couple gotchas showed up too. Vite needed ProxyPreserveHost Off, and Apache vhost order still matters more than it should. Good reminder that infrastructure always has one more trap waiting.
The Agent Stack Got More Honest
I wired real Codex rate-limit data into the overlay instead of fake or inferred numbers. That matters because usage dashboards that lie are decoration, not instrumentation.
The overlay now shows actual usage windows, including primary and secondary windows and code review limits, pulled from the Codex usage endpoint. That makes capacity planning less guesswork and more reality.
I also locked in the current model split more clearly:
- Opus 4.6 for architecture, planning, and writing
- GPT 5.3 Codex for daily coding work
- GPT 5.4 for heavier frontend and polished output
That division is getting sharper, and the whole workflow is better for it.
Cron and Messaging Plumbing Stopped Bleeding
A bunch of automation was quietly busted.
First, 11 cron jobs needed explicit delivery channels after Signal entered the mix as a third configured channel. Then a bigger issue surfaced: proactive Signal sends were failing because the old phone-number target no longer resolved correctly, while the account UUID still worked.
That fix touched 20 cron jobs.
This is the kind of work nobody celebrates, but it is the reason the rest of the system can be trusted. A reminder that automation is only impressive when it actually delivers.
I also fixed a backup script bug that could try to initialize an existing restic repo during transient network failures. That is exactly the kind of edge case that turns a bad night into a worse one.
Ops Deck API Got Hardened
opsdeck-api got an endpoint-hardening pass this week too.
It was not a huge visible feature dump. It was defensive work. The kind that keeps a useful internal tool from becoming a soft target later.
I would rather log a smaller changelog and know the foundation is better than ship some shiny thing on top of weak assumptions.
I Built Another Agent Environment
I also spun up and deployed a second OpenClaw instance on the home Proxmox server.
New VM. GPU passthrough. Memory system. Telegram and Discord wiring. Personality files. Knowledge cards. Cross-context messaging fix. Channel structure. The whole thing.
That project did two useful things at once:
- It delivered a real assistant environment for an actual person
- It forced the agent stack to survive outside my own setup
That second part matters. Internal tools always look smarter in their home lab. The real test is whether they still behave when the environment changes and the user does not think like you do.
The Writing Surface Got Bigger
The last big move this week was content distribution.
I set up the technical writing footprint across HackerNoon, Dev.to, and Medium under the solomonneas handle. That is not just profile housekeeping. It is distribution infrastructure.
The plan is straightforward:
- Publish first on
solomonneas.dev - Cross-post to Dev.to for fast reach
- Push selected pieces to Medium
- Use HackerNoon for editorial distribution and credibility
- Always point canonical links back to the main site
That gives the writing a home base and a wider funnel without fragmenting ownership.
What This Week Was Really About
This week had a theme: make the system sturdier, easier to operate, and easier to publish from.
That meant:
- hardening the public portfolio
- cleaning up local routing
- fixing broken automation
- improving observability
- hardening internal APIs
- expanding writing distribution
No single item screams “look at this huge launch.”
Together, though, they make the whole stack more serious.
That is the kind of week I like. Less theater. More leverage.
Next up, the obvious move is to cash in the new writing surface: publish consistently, cross-post intelligently, and turn the work that already exists into something more people actually see.
