Gaurav Gughane gitggaurav

╔═══════════════════════════════════════════════════════════════╗
║   ██████╗  █████╗ ██╗   ██╗██████╗  █████╗ ██╗   ██╗        ║
║  ██╔════╝ ██╔══██╗██║   ██║██╔══██╗██╔══██╗██║   ██║        ║
║  ██║  ███╗███████║██║   ██║██████╔╝███████║██║   ██║        ║
║  ██║   ██║██╔══██║██║   ██║██╔══██╗██╔══██║╚██╗ ██╔╝        ║
║  ╚██████╔╝██║  ██║╚██████╔╝██║  ██║██║  ██║ ╚████╔╝         ║
║   ╚═════╝ ╚═╝  ╚═╝ ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝  ╚═══╝          ║
║                                                               ║
║          Backend Engineer · Infrastructure · Linux            ║
╚═══════════════════════════════════════════════════════════════╝

`$ whoami`

I build backends that scale and frontends that don't get in the way.

Most of what I work on lives in the unsexy but critical layer — multi-tenant infrastructure isolation, provisioning pipelines, auth systems. The parts that have to be right before anything else matters.

Currently building a SaaS platform from scratch:

schema-per-tenant data isolation — every tenant gets their own schema, not just a filtered view
End-to-end 2FA + RBAC — roles that actually mean something, tokens that actually expire
Automated onboarding — zero manual ops from signup to live tenant

Not glamorous. It's the foundation everything else runs on.

I contribute to open source, care deeply about the OS layer, and read kernel changelogs for fun. Yes, actually.

`$ cat architecture.md`

Current Build: Multi-Tenant SaaS Platform

flowchart TD
    Client(["🌐 Client\nReact · TypeScript"])

    subgraph Gateway["API Gateway Layer"]
        RateLimit["Rate Limiter"]
        AuthFilter["Auth Filter\nJWT · 2FA"]
        Router["Request Router"]
    end

    subgraph Auth["Auth Service"]
        Login["Login Flow"]
        TOTP["TOTP / 2FA"]
        TokenMgr["Token Manager\nRefresh · Revoke"]
        RBAC["RBAC Engine\nRoles · Permissions"]
    end

    subgraph Provisioning["Tenant Provisioning"]
        Onboard["Onboarding Pipeline"]
        SchemaGen["Schema Generator"]
        SeedData["Seed + Config"]
    end

    subgraph MultiTenant["Multi-Tenant Data Layer"]
        direction LR
        Resolver["Tenant Resolver\nContext Propagation"]
        SchemaA[("tenant_acme\nPostgreSQL Schema")]
        SchemaB[("tenant_globex\nPostgreSQL Schema")]
        SchemaC[("tenant_initech\nPostgreSQL Schema")]
    end

    subgraph Infra["Infrastructure"]
        Docker["🐳 Docker"]
        AWS["☁️ AWS"]
        CI["CI/CD Pipeline"]
        Linux["🐧 Linux"]
    end

    Client -->|HTTPS| RateLimit
    RateLimit --> AuthFilter
    AuthFilter --> Router
    Router --> Auth
    Router --> Provisioning
    Router --> Resolver

    Auth --> RBAC
    Auth --> TOTP
    Auth --> TokenMgr

    Provisioning --> Onboard
    Onboard --> SchemaGen
    SchemaGen --> SchemaA
    SchemaGen --> SchemaB
    SchemaGen --> SchemaC

    Resolver --> SchemaA
    Resolver --> SchemaB
    Resolver --> SchemaC

    Docker --> AWS
    CI --> Docker
    Linux -.->|"runs it all"| Infra

    classDef primary fill:#1a1a2e,stroke:#e94560,color:#fff,stroke-width:2px
    classDef secondary fill:#16213e,stroke:#0f3460,color:#e0e0e0,stroke-width:1px
    classDef db fill:#0f3460,stroke:#e94560,color:#fff,stroke-width:2px
    classDef infra fill:#1a1a1a,stroke:#4ade80,color:#4ade80,stroke-width:1px

    class Client,Router,AuthFilter primary
    class Login,TOTP,TokenMgr,RBAC,Onboard,SchemaGen,SeedData,Resolver secondary
    class SchemaA,SchemaB,SchemaC db
    class Docker,AWS,CI,Linux infra

Key design decisions:

Schema-per-tenant over row-level security — true isolation, no WHERE tenant_id = ? scattered everywhere
RBAC at the resolver level — permissions enforced before data layer, not after
Stateless auth + refresh token rotation — revokable, auditable, no sticky sessions
Provisioning as a pipeline — schema creation, seeding, and config as atomic steps

`$ cat stack.json`

{
  "backend": ["Spring Boot", "Spring Security", "Spring Data JPA", "Express.js"],
  "frontend": ["React", "Redux", "TanStack Query", "TypeScript"],
  "data": ["PostgreSQL", "MySQL", "Hibernate"],
  "infra": ["AWS", "Docker", "CI/CD", "Linux"]
}

Backend

Frontend

Data & Infra

`$ git log --stat`

`$ ls ~/open-source/`

Repository	Description	Lang
`archinstall`	Forked from `archlinux/archinstall` — Arch Linux guided installer	`Python`
`kitty`	Terminal emulator configuration & patches	`Shell`
`portfolio`	Personal site — gauravgughane.dev	—

Contributing upstream. Reading changelogs. Keeping the OS sharp.

`$ echo $CURRENT_FOCUS`

[1] Building multi-tenant SaaS infrastructure (schema isolation, provisioning)
[2] Hardening auth — 2FA, RBAC, token rotation
[3] Contributing to archinstall upstream
[4] Reading: kernel 6.x memory management patches

┌─────────────────────────────────────────────────┐
│  "The parts that have to be right before        │
│   anything else matters."                       │
│                                         — gg    │
└─────────────────────────────────────────────────┘

Rebuilding from @gitggaurav — previous account compromised.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly