Holtzweb.
Featured Projects
Auto-Updating Resume Pipeline
Personal Project
CI/CD pipeline that rebuilds and publishes a polished resume every single day via GitHub Actions. Containerized LaTeX rendering produces a versioned PDF artifact โ the pipeline itself is the portfolio piece.
The Engineer Behind the Work
Holtzweb is a systems engineering and web development firm built on over 10 years of experience. Founder, Marcus Holtz, has spent the last decade building and maintaining servers, networks, and web infrastructure for municipalities, tech companies, tourism organizations, and non-profits. As the senior engineer, Marcus delivers technical solutions across IT, development, and operations โ the full stack: network design and virtualization, CI/CD pipelines (local or cloud), and custom application development. Need a seasoned expert who knows your environment inside and out? Let's talk.
Role
Senior System Administrator & Web Program Lead
Location
Denver, Colorado
Experience
11+ years in Systems & Web
Education
BS Finance, Southern Illinois University Carbondale
Blog
blog.holtzweb.comOpen Source
github.com/marcusholtzSites that excite. Custom websites build audiences.
WordPress & Web Development
Custom WordPress sites, theme development, plugin integrations, WooCommerce, SEO, headless CMS builds, and ongoing maintenance. We build fast, secure, accessible websites that are built for maximum online visibility.
- Custom WordPress builds
- WooCommerce & eCommerce
- Headless / Astro sites
- SEO & Security
Infrastructure that runs without concern.
Linux Server Administration
Server environments built and managed at scale. We cover infrastructure design, CI/CD, pipeline security, maintenance, and keeping everything monitored.
- Infrastructure design
- CI/CD pipeline engineering
- Security hardening & compliance
- Systems monitoring & observability
The foundational systems serving technology.
Networking & Infrastructure
LAN/WAN design, edge router configuration, VPN setup, Wi-Fi deployments, mesh networking, zero trust services. Every deployment comes with documentation your team actually enjoys using.
- Firewall & VPN config
- Vendor agnostic networking
- Hardware selection
- Network assessments
A straight answer about what your IT needs.
Consulting & Project Support
Not sure what you need? Contact us. We'll talk about your current setup, translate wishes into features, identify gaps, and give you a roadmap. We'll figure it out together, then you decide what to do.
- IT infrastructure audits
- Technology roadmapping
- Vendor selection
- Project management
Need Hosting?
Your corner of the internet. Taken care of.
Holtzhost is our web hosting operation โ web hosting, self-hosted apps, with full control panel access. Using our over-engineered infrastructure, your files are always available and stay custodially yours. Your data doesnt train someone's AI model, unless you want it to.
- Web Hosting โ WordPress, Hugo, Astro, Jekyll, and more
- Self-Hosted Apps โ file storage, photo management, task boards
- Full Backups โ sleep at night with our automated backups
Featured Projects
Personal Project
Auto-Updating Resume Pipeline
CI/CD pipeline that rebuilds and publishes a polished resume every single day via GitHub Actions. Containerized LaTeX rendering produces a versioned PDF artifact โ the pipeline itself is the portfolio piece.
Security Infrastructure
Transparent Nginx WAF on OPNsense
Transparent Web Application Firewall using Nginx on OPNsense with Caddy and Traefik failover โ layer-7 inspection and active threat blocking for self-hosted services, with zero changes required at the application layer.
Personal AI Project
Automated Job Search AI Assistant
AI-powered agent that autonomously scrapes job listings, scores relevance against a target profile using an LLM, and delivers prioritized alerts. Removes the noise from job hunting entirely.
Personal Project
VPN over Port 53
WireGuard VPN tunneled through port 53, iodine DNS tunnel as fallback, and CrowdSec as a behavioral DNS firewall. Bypasses carrier-level VPN blocking โ nftables routes traffic, CrowdSec bans probers at the kernel level.
Security Infrastructure
Geofiltered IP Blocklist Aggregator
Aggregates multiple public IP blocklists into a single optimized firewall-ready list with VLSM compression and country-level geolocation filtering. Runs twice daily via GitHub Actions, compatible with OPNsense, pfSense, iptables, and OpenWRT.
Home Lab / Infrastructure
Proxmox Disaster Recovery System
Enterprise-grade automated backup and disaster recovery for Proxmox clusters. ZFS snapshots managed by Sanoid, VM-level backups via cv4pve, and off-site replication to Proxmox Backup Server 2 โ fully hands-off.
Monitoring Infrastructure
Grafana + Alloy + Loki Observability Stack
Containerized full-stack observability: Grafana for dashboards, Loki for log aggregation, and Grafana Alloy as the OpenTelemetry-compatible collector โ Docker Compose deployed with persistent storage and alerting rules.
Personal Project
Reticulum Mesh Network Demo
Self-contained Docker demo for Reticulum โ a cryptographic mesh networking stack where your address is the hash of your public key. Runs encrypted shells, file transfers, and LoRa mesh radio demos from a browser terminal.
Privacy / Security
Tor Hidden Service with Vanity .onion
Automated Docker setup to host services on the Tor network with a custom vanity .onion address โ no open ports required. Uses mkp224o for address generation and X25519 client auth for private access control.
Public Talk โ SFS, Littleton CO
OpenWRT Network Infrastructure
Public presentation on custom router firmware ecosystems โ comparing OpenWRT, DD-WRT, Tomato, and Gargoyle across 1,500+ supported devices. Covers build systems, package management, and network hardening.
No projects in this category yet.
What are we working on?
Tell us in a few seconds. Pick your topic below, fill-in your info, send it our way. No message required.
We got it.
Expect a reply from us soon. We'll reach out to the email you provided.