DevOps and Platform Engineer. I build and operate Kubernetes-based infrastructure — from bare metal provisioning to full observability stacks, GitOps delivery, and identity management.

Currently building a production-grade homelab that serves as a personal Internal Developer Platform: a foundation ready to deploy and operate real applications end to end.

A self-hosted Kubernetes platform running on bare metal K3s, built with the same standards I apply at work.

Infrastructure layer K3s · Ansible · MetalLB · Traefik · cert-manager · external-dns · Longhorn · Cloudflare

Platform layer Authentik (SSO) · ArgoCD (GitOps) · SOPS (secrets at rest) · OpenBao (runtime secrets) · Kyverno (policy enforcement) · CloudNativePG (database operator)

Observability layer Prometheus · Grafana · Loki · Tempo · Pyroscope · Grafana Alloy (OpenTelemetry)

Engineering practices Helmfile staged deployments · Semantic release · Renovate (automated dependency updates) · Conventional commits · Pre-commit hooks · GitHub Actions CI · ADR documentation

• Velero backup to Cloudflare R2
• OpenBao + External Secrets Operator
• Container registry (Zot)
• CI pipeline (Woodpecker CI)
• Portfolio site — deployed on this infrastructure

Employed and building. Open to conversations about Platform Engineering and DevOps roles.

📫 LinkedIn · GitHub