Infrastructure architect building practical systems for endpoint readiness, Zero Trust operations, client validation, and terminal-native automation.

complex enterprise environment -> clear signals -> repeatable action

I work where infrastructure, security, endpoint platforms, and operations meet: Citrix, IGEL OS, eLux, Intune, identity, certificates, client health, and the messy last mile where systems either work for users or quietly fail.

I build local-first tools for endpoint readiness, automation, and AI-assisted operations.

My work focuses on turning messy infrastructure signals into clear, repeatable actions for support, architecture, and operations teams.

The MQ stack is the core of that work: eight repos that together take a local git repo or operational screenshot and produce scored health signals, release gates, regression alerts, contract checks, CI-enforced stack gates, and structured reviews — all without leaving the terminal.

The MQ projects are a local-first toolchain for turning operational complexity into visible state, safer decisions, and repeatable action.

mqlaunch (macos-scripts)
    └──▶ mq-agent
              ├──▶ stack sweep ──▶ repo-signal (score each repo)
              │         └──▶ ~/.mq-agent/sweep-history.jsonl
              ├──▶ stack history / alert / report / release-check / release-notes / contract-check
              ├──▶ CI gate ──▶ GitHub Actions (contract-check + release-check)
              └──▶ deep review ──▶ mq-mcp (tool runtime)
                                        ├──▶ repo-signal
                                        ├──▶ mq-image-analyze
                                        └──▶ mq-hal / mq-ums

Together, these repos describe one operating pattern:

local repo / endpoint / screenshot -> structured signal -> reviewed action

From one terminal, the full MQ stack health pipeline — no API key, no network calls:

# Score every repo in the MQ stack
mq-agent stack sweep

# Consolidated view: score, trend, alert, ready per repo
mq-agent stack report

# Regression gate: exits 1 if any repo dropped ≥ 10 pts or fell below 80
mq-agent stack alert

# Release gate: exits 1 if any repo has blockers (VERSION, CHANGELOG, clean tree)
mq-agent stack release-check

# Draft release notes from git commits since last tag, per repo
mq-agent stack release-notes

# Contract gate: exits 1 if repo contracts are missing, blocked, or drifting
mq-agent stack contract-check

CI-enforced stack gate:

pull request / push to main
  -> GitHub Actions
  -> mq-agent stack contract-check --json
  -> mq-agent stack release-check --json

Or trigger from the terminal menu (macOS):

mqlaunch
# → Agent menu → 18. MQ Stack cockpit

Deep per-repo review (requires OpenAI API key and mq-mcp running):

mq-agent signal . --brain        # repo-signal readiness + brain note
mq-agent review repo . --brain   # mq-mcp code review + brain note
mq-agent release-check --dry-run # release gate preview

Full signal flow:

terminal (mqlaunch)
  └──▶ mq-agent stack sweep
            └──▶ repo-signal scores each repo     (local, no key)
            └──▶ history written to JSONL          (~/.mq-agent/sweep-history.jsonl)
  └──▶ mq-agent stack alert                        (compare last two sweeps)
  └──▶ mq-agent stack report                       (score + trend + alert + ready per repo)
  └──▶ mq-agent stack release-check                (VERSION, CHANGELOG, branch, clean tree)
  └──▶ mq-agent stack release-notes                (commits since last tag, per repo)
  └──▶ mq-agent stack contract-check               (.mq/repo-contract.json + VERSION sync)
  └──▶ GitHub Actions MQ Stack Gate                (CI-enforced contract + release checks)

History persists across runs — trend and regression data accumulates automatically.

This repository powers the mcamner.github.io/MCamner GitHub Pages site and a set of browser-based client readiness tools under docs/.

It is both:

• a technical profile for my systems and automation work
• a working static toolkit for endpoint readiness and validation demos

Live site:

https://mcamner.github.io/MCamner/

Run the static site locally:

python3 -m http.server 8000 --directory docs

Open:

http://127.0.0.1:8000/

Run the primary client readiness helper:

python3 helper/client_readiness_agent.py --baseline igel-os12

Generate saved v2 diagnostic data:

python3 helper/client_readiness_agent_v2.py \
  --profile igel-os12-citrix \
  --pretty \
  --out docs/live-client-data.json

Run local checks:

python3 -m compileall helper tests
python3 -m pytest tests
python3 -m flake8 helper tests

A browser-first readiness surface for enterprise clients. It validates signals that matter before a user hits a broken Citrix, kiosk, browser, certificate, or network path.

client state -> readiness profile -> pass/fail signals -> support-ready report

Public entrypoints:

• docs/index.html - landing page for the client tools
• docs/client-readiness-check.html - v1 browser readiness check
• docs/client-readiness-v2.html - multi-profile diagnostics

Helper entrypoints:

• helper/client_readiness_agent.py - local read-only helper API
• helper/client_readiness_agent_v2.py - v2 data collector
• helper/client_helper.py - experimental helper surface

The v2 page reads data in this order:

localhost helper -> saved live data -> sample fallback data

That makes it useful for real clients, demos, and offline review.

These visuals show the broader operating style behind the client tools: command surfaces, system maps, and workflows designed for fast operational scanning.

Tools that make client state visible before production access fails.

• IGEL OS 12 and eLux baseline checks
• Citrix access readiness
• browser-visible endpoint signals
• local helper-assisted diagnostics
• support-friendly reports

Command surfaces that turn scattered scripts into structured workflows.

• terminal-native menus
• repeatable release checks
• repo intelligence workflows
• local assistant tooling
• safe operator prompts

Practical architecture that respects security, support, usability, and real operational constraints at the same time.

A terminal-first macOS automation toolkit built around mqlaunch, a modular command surface for daily operations, release checks, diagnostics, and local AI workflows.

one command -> structured workflows -> repeatable execution

Repo: https://github.com/MCamner/macos-scripts
Site: https://mcamner.github.io/macos-scripts/

Architecture:

• one entrypoint
• modular scripts underneath
• discoverable terminal workflows
• automation without hiding execution

Early browser-based prototypes for endpoint visibility, readiness checks, compliance surfaces, and enterprise validation workflows. Origin lab for several patterns now in production across the MQ stack.

Repo: https://github.com/MCamner/Design-Prototype
Site: https://mcamner.github.io/Design-Prototype/

MQ Mirror translates macOS GUI actions into terminal command equivalents so operators can learn, document, and execute faster.

tools/mqmirror/mqmirror network
tools/mqmirror/mqmirror inspect
tools/mqmirror/mqmirror watch --interval 1 --compact --ignore-terminal

GUI action -> CLI equivalent -> better operational understanding

Part of: https://github.com/MCamner/Design-Prototype/tree/main/tools/mqmirror

MQ Client Optimizer evaluates IGEL OS 12 and macOS clients against structured baselines covering Citrix readiness, certificate health, and CIS-style security compliance.

python3 tools/mq-client-optimizer/mq_client_optimizer.py list-baselines
python3 tools/mq-client-optimizer/mq_client_optimizer.py analyze \
  --baseline macos-enterprise-cis-lite \
  --sample
python3 tools/mq-client-optimizer/mq_client_optimizer.py serve

client data -> baseline evaluation -> scored report

Part of: https://github.com/MCamner/Design-Prototype/tree/main/tools/mq-client-optimizer

• Endpoint & EUC: Citrix, IGEL OS, eLux, Intune, SCCM
• Infrastructure: Active Directory, VMware, Windows, Linux
• Security: Zero Trust, certificates, identity, access patterns
• Automation: Python, Bash, Zsh, CLI workflows
• Architecture: client readiness, validation, structured systems

docs/       GitHub Pages site and browser readiness tools
helper/     read-only local helper agents and baseline logic
tests/      Python tests for helper behavior
cases/      short case notes and architecture narratives
bin/        local command entrypoints

The site is served via GitHub Pages from:

main /docs

Release flow:

./release.sh --dry-run <version>
./release.sh <version>

Near-term: keep tightening client readiness diagnostics, improve the static Pages experience, and turn the strongest endpoint validation patterns into reusable case studies under cases/.

For the MQ stack: the stack control plane is now CI-enforced on mq-agent main — sweep, history, alert, report, release-check, release-notes, and contract-check are covered by one orchestrator, with GitHub Actions running contract-check and release-check on PRs and pushes to main.

Next MQ focus: formalize the v1.12 release notes and add an mqobsidian stack truth export so CI/local gate results become long-term architecture memory.

• reduce complexity instead of adding layers
• make operational state visible
• balance security with usability
• build tools that can be explained under pressure
• prefer repeatable workflows over heroic manual fixes

real problems -> real constraints -> practical systems

• Website: https://mcamner.com
• LinkedIn: https://www.linkedin.com/in/mattias-camner-75958022
• Art platform: https://blackiris.se

Build things that work. Then make them impossible to break.

This repo is a static GitHub Pages project with local helper scripts for client readiness workflows. Do not commit personal notes, customer data, credentials, private endpoint details, or collected live diagnostics unless they are sanitized and intended for publication.

MIT