Backend & DevOps

A infraestrutura que
sustenta tudo.

APIs robustas, bases de dados otimizadas, servidores seguros, deploys sem stress. A espinha dorsal invisível que faz funcionar cada projeto.

30+Projetos implantados
99.9%Uptime garantido
50+APIs construídas
0Falhas de segurança
Competências

Stack técnico dominado

Cada ferramenta escolhida pela razão certa — performance, escalabilidade ou velocidade de entrega.

Runtime & Languages

Node.js92%

REST APIs, middleware, WebSockets, Express/Fastify

PHP88%

Pure backend, REST API, cPanel/Apache integration

TypeScript90%

Strict typing, generics, advanced interfaces

Python72%

Automation scripts, Flask API, data processing

Databases

MySQL / MariaDB90%

Complex schemas, indexing, optimized queries

Supabase / PostgreSQL85%

RLS, realtime, auth, storage, edge functions

Prisma ORM88%

Relations, migrations, typed query builder

MongoDB70%

Documents, aggregation, Atlas cloud

Infrastructure & DevOps

Docker82%

Containers, docker-compose, multi-services

Apache / Nginx88%

.htaccess, virtual hosts, proxy, rewrite rules

cPanel / VPS92%

Deployment, DNS, FTP, SSL certificates

Git & CI/CD85%

Git flow, GitHub Actions, auto deployment

Security & Auth

JWT / OAuth287%

Stateless auth, tokens, refresh, roles

HTTPS / SSL / TLS92%

Let's Encrypt certificates, HSTS, CORS

Firewall & WAF80%

iptables rules, fail2ban, DDoS protection

GDPR & CNDP85%

Law 09-08 compliance, T&C, privacy policy

O que construo

Serviços Backend

01

REST API & GraphQL

Design and development of robust APIs, documented with Swagger. Versioning, rate limiting, pagination.

02

Database Architecture

Complex schema modeling, query optimization, indexing, relations, migrations.

03

Docker & Micro-services

Application containerization, multi-service orchestration, dev/prod environment isolation.

04

Auth & Security

Secure authentication systems — JWT, OAuth2, sessions, RBAC, 2FA, CSRF/XSS protection.

05

Transactional Emails

SMTP, Mailgun, SendGrid — HTML templates, triggered emails, bounce handling.

06

Online Payment

CMI, Stripe, PayPal integration. Webhooks, order confirmation, banking compliance.

07

Deployment & CI/CD

Automated deployment pipeline, rollback, zero-downtime, bash automation scripts.

08

Monitoring & Logs

Uptime monitoring, alerts, centralized logs, server performance dashboards.

09

Backups & Recovery

Daily/weekly auto backup strategy, fast restoration, failure resilience.

Setup Servidor

Do zero à produção em 5 passos

01

Provisioning

VPS/host choice, OS installation, secure SSH access, network and DNS configuration.

02

Stack Setup

Apache/Nginx, PHP/Node.js, MySQL, SSL Let's Encrypt installation, firewall configuration.

03

Deployment

File upload, DB migrations, environment variables, final consistency tests.

04

Hardening

Fail2ban, HSTS, security headers, WAF, vulnerability audit, backup policy.

05

Monitoring

Uptime Robot, email/SMS alerts, log rotation, Grafana dashboards if needed.

Realizações Backend

Projetos em produção

Event Platform

Full PHP API — online registration, secure payment, participant management, real-time admin dashboard.

PHP REST APIMySQLPayment GatewayCNDP ComplianceApachecPanel
100+Managed users
20+API endpoints
99.9%Uptime

Booking System

Full backend — Prisma ORM + Supabase, real-time availability, automated emails, admin dashboard.

Node.jsPrismaSupabasePostgreSQLViteAuth JWT
15+Units managed
500+API calls/day
95+PageSpeed

Sports App [Confidential]

Multi-service backend — Node.js API for team/match/standings management, PostgreSQL, OAuth2 auth, real-time push notifications.

Node.jsDockerPostgreSQLWebSocketREST APIOAuth2
5Micro-services
40+Endpoints
WSReal-time

Editorial Platform [Confidential]

Supabase backend — editor authentication, article/category/tag management, CDN image upload, granular RLS policies.

SupabasePostgreSQLRLSStorageEdge FunctionsAuth
50+Articles indexed
12RLS policies
WSRealtime
Extrato de código

Código limpo,
manutenível e documentado

api/users.tsTypeScript
// POST /api/users — Secure account creation
export async function createUser(req: Request, res: Response) {
  const { name, email, password, role = 'user' } = req.body;

  if (!name || !email || !password) {
    return res.status(400).json({ error: 'Required fields missing' });
  }

  try {
    const existing = await db.query(
      'SELECT id FROM users WHERE email = ? LIMIT 1',
      [email]
    );
    if (existing.length > 0) {
      return res.status(409).json({ error: 'Email already in use' });
    }

    const hash = await bcrypt.hash(password, 12);

    const result = await db.query(`
      INSERT INTO users (name, email, password_hash, role, created_at)
      VALUES (?, ?, ?, ?, NOW())
    `, [name, email, hash, role]);

    const token = jwt.sign(
      { id: result.insertId, email, role },
      process.env.JWT_SECRET!,
      { expiresIn: '7d' }
    );

    await mailer.send({ to: email, template: 'welcome', data: { name } });

    return res.status(201).json({ success: true, token });

  } catch (err) {
    console.error('[createUser]', err);
    return res.status(500).json({ error: 'Server error' });
  }
}

Precisa de infraestrutura sólida?

Seja uma API do zero ou uma reformulação de infraestrutura existente, cuido de todo o backend — do design ao deploy seguro.

AL.

© 2026 Aymane Limam — Desenvolvedor Full-Stack & Especialista SEO