Skip to main content
CryptoFlex// chris johnson
Shipping
ISSUE #125CRYPTOFLEX / ENGINEERING LABMAY 30, 2026
Personal blog · Field notes

Build in public.
Break things
on purpose.

Long-form writing on security engineering, AI-assisted development, and the craft of shipping things that actually work. Stream-of-consciousness notes from a working lab, not a brochure.

Read the blog →About Chris
Chris Johnson

Chris Johnson
Engineer · Builder · Researcher

POSTS PUBLISHED 75. TESTS PASSING 589. CODE COVERAGE 98%. ACTIVE PROJECTS 5. AGENTS ORCHESTRATED 7. COMMITS / 7 DAYS 117. UPTIME / 90 DAYS 99.97%. COFFEE / WEEK 21 cups
§ 01 / The Blog
The Blog

From the workshop.

Notes, experiments, and postmortems. Writing is a thinking tool here, not a marketing funnel.

● Lead Story
LOG LAKE panel build, branded NotebookLM infographic. Two halves. Top half is the clean architecture (ingestion-health strip, GUI query builder, identifier-allowlist compiler, parameterized ClickHouse SQL). Bottom half is the five-bug deploy gauntlet (readonly-pool 500, poll crash loop, 20-day Pi-hole gap, stale Vector config, UDM doubled-hostname frame). Closes with the meta-lesson, one SELECT count() that revealed 100% of 159,909 rows were DNAT and vetoed a complex rewrite in favor of a four-line MV recreation.
Home LabSIEMClickHouse

Home Network Mission Control: The LOG LAKE Panel, Five Deploy Bugs, and a Vetoed Bytes-Codec Rewrite

Part 6 of the home network dashboard build. The LOG LAKE panel ships a SIEM ingestion-health strip and a GUI firewall query builder that compiles to parameterized ClickHouse under the hood. One PR, two waves, 1193 backend tests at merge. Then deploy day on the live Mac mini produced five production-only bugs in a single afternoon: a readonly-pool 500, a timezone-mixed poll crash that had been firing every five minutes for hours, a 20-day-silent Pi-hole pipeline (two layers stacked), a Vector container reading a stale bind-mounted config, and a UDM doubled-hostname frame that silently broke action derivation for 159,909 rows. The meta-lesson is that the proposed fix for the last one was an invasive Vector source rewrite that the persona team vetoed in favor of an operator toggle and a four-line MV recreation.

24 min readMay 30, 2026Read →
01
Home Lab

Home Network Mission Control: A SIEM You Can Actually Search

21 min read · May 24, 2026
02
SIEM

Building a Custom SIEM, Part 2: Implementation and Gotchas

18 min read · May 21, 2026
03
Home Lab

Homelab Wazuh, Part 3: The Cascade, the Fix, and Four Active Agents

26 min read · May 18, 2026
04
Home Lab

Homelab Wazuh, Part 2: The Nine-Wave Deploy and First Contact With the Live Server

22 min read · May 15, 2026
05
SIEM

Building a Custom SIEM, Part 1: Why and the Architecture

14 min read · May 14, 2026
All posts (75)Go to the full archive →
§ 02 / About the Author

If you like engineering that's pragmatic, iterative, and a little experimental, you'll feel at home here.

Chris Johnson — Engineer & Operator

I'm an engineer who uses this blog as a playground. Ship things, learn fast, write it down. My career bounced through military intelligence, chem/bio defense at the Pentagon, IT operations, security engineering, and cloud architecture before landing in cybersecurity defense operations, where I spend most of my days now.

The work here skews toward security engineering, AI-assisted development, and the long-tail craft of making things that actually run in production. I write because the fastest way to learn is to build in public — most posts are postmortems of projects I'm actively wrestling with, not tidy retrospectives from the other side.

§ 03 / Selected Work
Portfolio

Things I've shipped.

Six representative builds — memory architecture, MCP servers, retro game rebuilds, and agent systems. More on the portfolio page.

01 / 06

Persistent Memory for Claude Code

Two-tier memory architecture: a global rule file plus a vector-database MCP server with 30-day temporal decay. Context survives every session with zero manual effort.

Two-tier persistent memory architecture for Claude Code
Claude CodeMCPVector DB
02 / 06

Third Conflict

Browser-based 4X space strategy game rebuilt from a 1991 DOS classic. Tech trees, admiral system, four AI strategies, and 5,250+ lines of pure-function architecture.

TypeScriptReactGame AI
03 / 06

Custom UniFi MCP

103 tools, 208 unit tests, 12 hours across three days. A lazy-loading UniFi MCP server packaged as a Claude Code plugin that installs with two slash commands.

UniFi MCP infographic — 103 tools, 208 tests, three days
PythonFastMCPUniFi
04 / 06

Claude Code Config

Open-source automation system: persistent vector memory, knowledge graph, 30+ custom skills, multi-repo orchestration, continuous learning loop.

TypeScriptMCPSQLite
05 / 06

OpenClaw

Seven-agent orchestration system on a headless Mac Mini. Telegram bots per agent, pixel-art Mission Control dashboard, Ollama embeddings, watchdogs.

OpenClaw Mission Control pixel-art SOC dashboard
OpenClawOllamaTelegram
06 / 06

5-Layer Memory System vs. The World

22 sources, 3 parallel research agents, 18 search queries. Benchmarked my 5-layer memory architecture against community norms and shipped three improvements the same day.

5-layer memory architecture vs. community approaches — comparison infographic
Deep ResearchMCPMemory
§ 04 / Consulting
Services

Selective engagements.

I take on a small number of projects through CryptoFlex LLC each year. Cybersecurity, infrastructure, strategy, web.

01

Security Consulting

Security assessments, vulnerability analysis, and architecture review. Practical risk posture work without the vendor push.

  • Posture assessments
  • Vulnerability analysis
  • Architecture review
  • IR planning
02

IT Infrastructure

Network design, server infrastructure, and cloud architecture for small office to hybrid environments.

  • Network design
  • Server infrastructure
  • Cloud migration
  • Performance tuning
03

IT Strategy

Technology strategy for small businesses. Make smart decisions without vendor sales pressure.

  • Roadmapping
  • Vendor-neutral advice
  • Budget planning
  • Project management
04

Web Development

Modern, fast, secure websites for businesses. Build, host, maintain — one operator, no agency overhead.

  • Custom design & build
  • Hosting & maintenance
  • Performance & SEO
  • Ongoing updates
§ 05 / Career Log
CV / Timeline

A working history.

Unusual path into security engineering. Every stop left a fingerprint on how I build now.

Today
Cybersecurity Defense OperationsSecurity engineering & SOC — detection, response, resilience.
Florida
Mid 2020s
Security Engineer & Cloud ArchitectHardened systems, designed controls, built cloud infrastructure.
Remote
Early 2020s
IT OperationsService desk, project management, developer work across the stack.
Various
Late 2010s
Chem/Bio DefenseMission-critical operations at the Pentagon and US Capitol.
Washington, DC
Earlier
Intelligence & Combat OperationsUS military — analyst and combat veteran (Iraq, Afghanistan).
Deployed
Subscribe

Field notes, every Monday.

One email a week with postmortems, short essays, and anything I found worth linking. No tracker pixels, no growth hacks — just what I'm actually reading and building.

Navigation

Blog Posts

↑↓ navigate openesc close