DEV Community: Salah Eddine Medkour

How my brain forced me to create "Nadeef". A non-profit civic cleaning PWA

Salah Eddine Medkour — Wed, 29 Apr 2026 21:54:57 +0000

I'm Salah Eddine Medkour. I teach Python and ICT at Badji Mokhtar University in Annaba, Algeria, and I build things on the web when my brain won't let me sleep. Before Nadeef, I made AirQuiz, an offline quiz platform that saved me 95% of my grading time when the university's internet couldn't handle 289 students taking exams simultaneously. I graduated with a master's in Network Engineering, but most of what I actually build comes from being annoyed at problems that shouldn't exist.

The trash pile that started everything

There's a spot near my apartment. Trash bags piled against a crumbling concrete pillar under a highway overpass. It's been there for three weeks. Every morning I walk past it. Every morning I think someone should clean it. Every morning I realize I'm "someone" and I keep walking.

This is the problem with civic responsibility. Everyone sees it. Nobody owns it. The municipality won't come unless you call, and calling means navigating a phone tree that goes nowhere. Posting in a Facebook group gets 30 "inshallah someone fixes this" comments and zero action.

I wasn't planning to build an app about this. I was scrolling through my Notes app looking for a grocery list when I found an entry from 2 AM three months ago. Just a title: "Trash reporting app but make it not annoying." Below it, a messy diagram of pins on a map, some arrows, the word "gamification" circled twice.

I don't remember writing this. But drunk-brain or sleep-deprived-brain or whatever version of me wrote it was right. The idea wouldn't leave.

What Nadeef actually is

Nadeef means "clean" in Arabic. It's a PWA, a progressive web app, which means it works on your phone without downloading anything from an app store. No 50MB install. No permissions popups. Just a link.

The concept is stupid simple. You see trash. You open Nadeef. You take a photo with your live camera (no uploading old photos from your gallery because people will absolutely try to cheat). GPS tags your exact location. You pick a severity level: minor litter, accumulated waste, or environmental hazard. You add a title. Done. A red pin drops on the map.

Someone else nearby sees the pin. They tap it. They see your photo, the location, how much XP they'll earn for cleaning it. They accept the mission. They clean it. They take an after photo. You get a notification asking you to confirm the cleanup is real. You swipe through a before/after slider. If it looks good, you approve. They get XP. The pin turns green. Everyone moves on.

That's the whole loop. Report, clean, verify, reward.

Why I built it in 24 hours

I gave myself one day. Not because I'm fast but because if I spend more than a weekend on something, I'll overthink it into complexity and never ship.

I used what I knew would work: React for the UI, Supabase for the database and auth, Leaflet for maps, Netlify to host it. All free tiers. Zero dollars spent. I'm not trying to raise money or pitch investors. This is a tool, not a startup.

The tech stack matters less than the decisions I made while building:

Camera-only uploads. No gallery access. This prevents someone from uploading a photo they took six months ago and claiming they just cleaned a spot. The camera forces fresh photos with GPS metadata I can validate.

Before/after slider. This is the part I'm most proud of. It's just two images with a draggable divider, but the emotional impact of sliding from dirty to clean is absurd. People spend 20 seconds just dragging the slider back and forth. It makes the transformation undeniable.

Gamification without manipulation. You earn XP for reporting and cleaning. You rank up from Scout to Pioneer to Guardian. You unlock badges for cleaning at dawn, cleaning in teams, being the first to clean in a new neighborhood. But there are no daily login streaks that punish you for missing a day. No dark patterns. No engineered addiction. Just visible progress for actual work.

Bilingual by default. The app is Arabic and English, toggled with one tap. Most civic tech ignores Arabic or treats it as an afterthought. I built the UI in both languages from day one, with proper right-to-left layout for Arabic, because half of Algeria prefers Arabic interfaces and they shouldn't have to settle.

The philosophy underneath

Nadeef is not about altruism. It's about ownership.

When trash sits on your street for weeks, you feel powerless. The system failed. The municipality didn't come. Nobody cares. So you stop caring too. Learned helplessness.

Nadeef flips that. You see trash. You report it. Someone cleans it. You verify it. Suddenly you're not powerless. You identified a problem. Someone else solved it. The system worked because you both made it work.

This is civic infrastructure built by civilians. No budget. No bureaucracy. Just people who live somewhere deciding that somewhere should be cleaner.

The gamification exists because humans are competitive and we respond to visible progress. The leaderboard shows you the top cleaners this week. The badges show you milestones. The XP number goes up. These are extrinsic motivators, sure, but they get people through the door. Once you've cleaned three spots and seen the before/after photos, you don't need the XP anymore. You're hooked on the transformation itself.

What people actually do with it

I didn't have a marketing budget or a grand launch plan. I just took some screenshots, wrote a brutally honest post about why I built it, and dropped it into a few Algerian Facebook groups and Reddit.

I fully expected it to get ignored or buried. Instead, the community loved it.

Because it’s strictly non-profit—no ads, no subscription fees, no data selling—people immediately dropped their defenses. They realized they weren't being sold a product; they were being handed a tool.

Within hours, real users were logging in. They were dropping pins on the map over Annaba, testing the mechanics, engaging with the RTL Arabic layout, and validating the core loop. People in the comments started suggesting features like a "Wall of Shame" to hold local municipalities accountable based on the map data.

Seeing strangers across the internet instantly grasp the value of the platform—and actually care enough to test the mechanics—gave me a feeling I wasn't expecting. Validation. I just built the engine, but the community proved they were ready to drive it.

That's when I knew this might actually work.

The problems I didn't anticipate

Spam. Within 48 hours someone uploaded a photo of a cat and marked it as a level 3 environmental hazard. I added a flagging system.

Fake cleanups. Someone uploaded an after photo that was clearly just a different angle of the same trash pile. I tightened the EXIF validation and added community voting for suspicious submissions.

Territorial behavior. Two users started competing for the same spots. They'd both rush to claim a pin the second it appeared. I added a claim-locking system. Once someone hits "start cleaning," they get a 30-minute exclusive window.

These are good problems. They mean people care enough to try to break the system.

What's missing and what's next

Nadeef has no business model. I'm not monetizing this. I'm not putting ads in it. I'm not selling data to waste management companies.

I do want partnerships, but only under specific terms. If a company wants to sponsor a cleanup campaign or fund supplies, fine. Any profit from those collaborations goes to registered charities or gets reinvested into cleanup campaigns. No one gets rich off people picking up trash.

I'm also terrible at promotion. The app exists. It works. I posted it on social media once. That's the extent of my marketing. I'm open to volunteers who want to help spread it, moderate content, translate it to other languages, or build on top of it.

If an NGO in Tunisia or Morocco wants to adapt it for their city, the code will eventually be open source. Take it. Fork it. Make it better.

Right now I'm focused on making it work well in Annaba. Ten users cleaning three spots each per week is more valuable than 1,000 users who sign up, look around, and leave.

Why I'm writing this

I'm writing this because I want the app to show up when someone Googles "civic engagement Algeria" or "community cleanup tool" or "how to report trash in my city."

I'm also writing this because building in public is uncomfortable and I need to get better at it. I don't naturally share half-finished work. I don't naturally ask for help. But Nadeef won't scale if I'm the only one who knows it exists.

If you're in Annaba and you've walked past the same trash pile for three weeks, try Nadeef. If you're in another city and you want to adapt the idea, contact me. If you're a graphic designer or developer or community organizer and you want to help, I'll figure out how to coordinate volunteers.

The app is at nadeef.netlify.app. It's a website. Open it on your phone. No download. No signup required to browse the map. You only need an account if you want to report or clean.

The source code isn't public yet but it will be. React, Supabase, Leaflet, Tailwind. Standard modern web stack. Nothing fancy. It works.

The thing I keep thinking about

There's a concept in Islam called sadaqah jariyah. Continuous charity. The idea is that some good deeds keep generating reward even after you die. Planting a tree. Digging a well. Teaching someone to read.

I'm not religious, but the concept resonates. If Nadeef helps someone clean one spot, and that inspires someone else to clean another, and that creates a norm where neighborhoods take care of themselves, then the initial effort compounds.

I didn't set out to build something altruistic. I set out to scratch an itch. I was annoyed that trash sat in public spaces for weeks because the coordination problem was unsolved. So I solved the coordination problem.

If that happens to make the world slightly cleaner, I'll take it. But mostly I just wanted to stop walking past that trash pile every morning and feeling helpless.

Now I don't.

Salah Eddine Medkour is a web developer, network engineering graduate, and university instructor from Annaba, Algeria. He builds tools that solve problems he's personally annoyed by. You can find him on LinkedIn or contact him at medkoursalaheddine@gmail.com.
My Website : salaheddinemedkour.me
Nadeef is live at NADEEF APP.

CORP.DZ: Enterprise Infrastructure Home Lab - Salah Eddine Medkour

Salah Eddine Medkour — Wed, 18 Feb 2026 20:09:01 +0000

A hybrid enterprise network simulation replicating Small-to-Medium Business (SMB) infrastructure. This project demonstrates the on-premise integration of Windows Active Directory with Linux services, identity management automation, defensive auditing, and network segmentation.

Project Overview
Author & Links
Laboratory Environment
Network Topology
Implementation Walkthrough
- Phase 1: The Foundation (Identity & DNS)
- Phase 2: Hybrid Services (Linux Integration)
- Phase 3: Operations & Security (GPO & Audit)
- Phase 4: Network Engineering (Routing & Hardening)
Tools & Utilities
Key Configurations
Disclaimer

Project Overview

Corp.DZ is a hands-on home lab built to simulate a secure corporate LAN. Unlike cloud-based labs, this environment focuses on on-premise logic, requiring manual configuration of TCP/IP stacks, internal DNS zones, routing tables, and Active Directory forests.

Key Competencies Demonstrated:

Air-Gapped Architecture: Designed an isolated internal subnet structure (192.168.10.x / 172.16.20.x) ensuring zero leakage to the host network.
Hybrid Integration: Successfully bridged Windows Server 2022 and Ubuntu Linux 24.04 using split-brain DNS.
Identity Management: Deployed AD DS, RBAC (Role-Based Access Control), and automated user provisioning via PowerShell.
Security Ops: Implemented Least Privilege delegation, SSH hardening (Key-based auth), and conducted internal penetration tests.

Author & Links

Salah Eddine Medkour Junior Network Engineer | Technical Lab Instructor @ Badji Mokhtar University | Master’s in Networks & Telecommunications

🌐 Portfolio: salahmed-ctrlz.github.io
💼 LinkedIn: Salah Eddine Medkour
🐙 GitHub: salahmed-ctrlz

Laboratory Environment

The infrastructure operates on a local workstation using Oracle VirtualBox. VMs are bridged via dedicated "Internal Network" adapters to simulate physical LAN cabling.

*Host Hardware Configuration
*

CPU: AMD Ryzen 5 5600 (6 Cores / 12 Threads)
GPU: NVIDIA GTX 1650 (Dual Monitor Setup for Admin Center simulation)
RAM: 16 GB DDR4 (Dynamically allocated to VMs)
Storage: NVMe SSD (Critical for concurrent VM I/O)
Network: 1.5 Gbps FTTH (Host-side only for ISO retrieval)

Virtual Machine Inventory (BOM)
CorpDZ-DC

Role: Domain Controller & Router

OS: SERVER_EVAL_x64FRE_en-us.iso (Server 2022)

Network: Static IP (.2) / Dual NIC

1.CorpDZ-Client

Role: Employee Workstation
OS: en-us_windows_10_enterprise_ltsc_2021...iso
Network: DHCP (Relay)

CorpDZ-Web

Role: Intranet Server
OS: ubuntu-24.04.3-live-server-amd64.iso
Network: Static IP (.5)

Kali-Audit

Role: Red Team / Audit
OS: Kali Linux Rolling 2024
Network: DHCP

Network Topology

The lab evolved from a flat network to a segmented architecture to simulate enterprise security zones.

Implementation Walkthrough

*Phase 1: The Foundation (Identity & DNS)
*

Establishing the Data Center core.
Server Provisioning: Installed Windows Server 2022 and promoted to Domain Controller (corp.dz).
IP Management: Configured Static IPs and authorized DHCP Scope OfficeLAN (.100-.200).
Client Onboarding: Joined Windows 10 LTSC Client to the domain; verified internal DNS resolution.

*Phase 2: Hybrid Services (Linux Integration)
*

Bridging OS environments.
Linux Deployment: Deployed Ubuntu Server; configured Netplan (YAML) for static networking pointing to the Windows DC for DNS.
Intranet Services: Installed Nginx and deployed a custom "Authorized Personnel Only" dashboard.
Resolution: Created a Windows DNS A-Record mapping www.corp.dz to the Linux server IP. Validated access from client browsers.

*Phase 3: Advanced Administration (GPO & Security)
*

Simulating real-world SysAdmin tasks.
Automation: Scripted bulk user onboarding via PowerShell (CSV import).
Least Privilege: Created a "Junior Admin" account (Adam.Helpdesk) and Delegated Control for specific OUs only.
Disaster Recovery: Implemented Folder Redirection GPO. User Desktop data automatically syncs to a central server share (\CorpDZ-DC\UserFiles).
Policy Management: Managed GPO Precedence (LSDOU), utilizing "Enforced" policies to resolve conflicting wallpaper settings.

*Phase 4: Network Engineering (Routing & Hardening)
*

Breaking the network to rebuild it stronger.
Segmentation: Split the network into two subnets (Server vs. Staff) to isolate critical assets.
Software Routing: Configured RRAS on Windows Server to route traffic between virtual interfaces.
DHCP Relay: Configured a Relay Agent to forward IP requests from the isolated Staff LAN to the central DHCP server.
SSH Hardening: Generated 4096-bit RSA keys, installed them on Linux, and disabled password authentication (PasswordAuthentication no).
Penetration Test: Deployed Kali Linux internally and attempted a brute-force attack (Hydra) against the hardened server. Result: Attack Failed (Access Denied).

Tools & Utilities

Key tools leveraged for management, automation, and troubleshooting:

99SAK - Powershell Swiss Army Knife : A custom single-file, portable admin toolkit I developed. It features 99 menu-driven operations for Windows, including network triage, system maintenance, and log analysis. Used extensively during this lab for rapid diagnostics.
RSAT: Remote Server Administration Tools for AD management from the client.
PuTTY: SSH client for remote Linux management.
Nmap & Hydra: Offensive security tools used for auditing network visibility and defense validation.

Key Configurations

Ubuntu Netplan Config (/etc/netplan/50-cloud-init.yaml)

Critical configuration for pointing Linux DNS to the Windows Controller.
network: ethernets: enp0s3: addresses: [192.168.10.5/24] routes: - to: default via: 192.168.10.2 # Gateway is the Windows Server nameservers: addresses: [192.168.10.2] # DNS is the Windows Server version: 2

PowerShell Bulk User Import (Snippet)

Automation logic used for HR onboarding.
Import-Csv "C:\HR_Data.csv" | ForEach-Object { New-ADUser -Name $_.Name -Path "OU=Sales,DC=corp,DC=dz" -Enabled $true }

Folder Redirection Strategy

GPO Setting: User Configuration > Policies > Windows Settings > Folder Redirection
Target Path: \192.168.10.2\UserFiles\%USERNAME%\Desktop
Rationale: Using the IP address in the UNC path ensures the policy applies even if DNS services are slow to start during the boot sequence.

Validation Checklist

The following tests were performed to verify infrastructure integrity:

DNS Resolution: ping www.corp.dz resolves to 192.168.10.5 from client workstations.
RBAC Enforcement: Adam.Helpdesk receives "Access Denied" when attempting to reset IT Admin passwords.
Routing: ICMP traffic flows successfully between Zone A (Server) and Zone B (Staff).
Defense Hardening: Hydra brute-force attack against the Linux server fails due to public-key enforcement.
Data Persistence: User files persist on the server even after client VM deletion.

Disclaimer

This project is a Home Lab simulation intended for educational purposes and professional skill development. While it utilizes enterprise-grade software and configurations (AD, GPO, Linux Servers), it represents a controlled testing environment.

Repo : For More Info

How I Built AirQuiz an Offline-First Exam Server (Python/React) to Beat Bad Wi-Fi

Salah Eddine Medkour — Thu, 01 Jan 2026 19:14:08 +0000

Author: Salah Eddine Medkour

Introduction

My name is Salah Eddine Medkour. I am a Technical Lab Instructor and Network Engineer in Annaba, Algeria. When the internet infrastructure failed in the labs I manage during my final university exams, I engineered AirQuiz, a local-area network (LAN) assessment platform that operates with zero external connectivity.

The Problem

I teach a Master’s level Python course. The internet stability here is unpredictable. During a final exam setup for 45 students, the campus ISP dropped completely. I realized that a standard "cloud-first" deployment to Vercel or AWS was a single point of failure. I needed a system that ran entirely on local hardware.

The Hardware Setup

I had zero budget for enterprise servers. I repurposed my personal equipment to build a dedicated local node.

The Server: I used my ThinkPad. The NVMe storage was the most critical component here (Not a necessity). SQLite writes are file-based, so fast disk I/O was necessary to prevent database locking during simultaneous submissions.
The Network: I utilized a spare router isolated from the campus network. I configured a static IP for the ThinkPad and enabled a strict DHCP pool for the student devices. I physically disconnected the WAN cable to ensure the network was air-gapped and free from external interference.

The Stack: Python (FastAPI) and React

I prioritized low overhead and high concurrency over ease of development.

Backend: I chose FastAPI over Django. The primary reason was asynchronous request handling. When 45 clients send a POST request at the exact same second, a synchronous server often blocks threads. FastAPI uses an ASGI server (Uvicorn) to handle these concurrent connections without latency.
Frontend: I used React. The application loads once on the client device. After the initial load, the network traffic consists only of tiny JSON payloads. This reduces the load on the router significantly compared to server-side rendering.

The Logic

The biggest technical risk was data integrity during the "submit" event. Here is how the backend handles potential race conditions or duplicate submissions:

@app.post("/submit-exam/")
async def submit_exam(submission: schemas.ExamSubmission, db: Session = Depends(get_db)):
    # 1. Check for existing submission to prevent duplicates
    existing = db.query(models.Submission).filter(
        models.Submission.student_id == submission.student_id
    ).first()

    if existing:
        return {"status": "already_received"}

    # 2. Calculate score in-memory
    score = calculate_score(submission.answers)

    # 3. Commit to SQLite with low I/O overhead
    db.add(models.Submission(student_id=submission.student_id, score=score))
    db.commit()

    return {"status": "success", "score": score}

The Results

We successfully deployed AirQuiz for +180 students across four separate exam sessions.

Uptime: 100%. The system remained stable even when the building's internet cut out twice.
Latency: Consistently under 10ms due to the local loopback architecture.
Efficiency: The auto-grading feature reduced administrative work from days to seconds.

Conclusion

This project reinforced that understanding network fundamentals is just as important as knowing modern cloud frameworks. By respecting the constraints of the environment and utilizing local LAN architecture, I ensured a fair and stable exam environment for my students.

AirQuiz on Github