DevOps engineer with a love for declarative infra, reproducible systems, and GitOps workflows.

• 🧱 Kubernetes HA, RBAC, Namespaces, Longhorn Volumes

  proficiency: advanced

• 📦 Helm for templated deployments and lifecycle management

  proficiency: advanced

• 🌀 FluxCD with Kustomize overlays for GitOps automation

  proficiency: advanced

• 🛠️ Terraform managing Hetzner & Azure (firewalls, vnet, subnets)

  proficiency: advanced

• 🐋 Docker multi-stage builds, private registry publishing

  proficiency: advanced

• 🧪 GitLab CI/CD pipelines for build-test-deploy flow

  proficiency: advanced

• 📜 Secret & config management via SealedSecrets / Helm values

• 🔁 Ingress Controllers: Traefik & NGINX w/ TLS via Cloudflare
• 🔒 RBAC + NetworkPolicies for namespace isolation
• 🌐 Internal IPv4/v6 routing, VPN subnet design (e.g. 10.0.2.0/24, 2a01::/124)
• 🧠 Bruteforce protection & logging via rsyslog + policy enforcement

  proficiency: intermediate to advanced

• 📊 Prometheus + Grafana dashboards, service metrics
• 📥 Alert routing to Mattermost (no Slack 😉)
• 🔎 Cluster visibility with kube-state-metrics, metrics-server

  proficiency: advanced

• 💻 Bash scripting (custom jobs, health checks, CI steps)
• 🎨 Oh My Bash wizardry: plugins, completions, aliases, theming

  proficiency: advanced

• 🔄 Longhorn-backed PostgreSQL, Redis, RabbitMQ on Kubernetes
• 🧿 Keycloak via Helm with ingress + TLS

  proficiency: intermediate

• 🐧 Pop!_OS / Ubuntu: apt/full-upgrade workflows, Flatpak mgmt
• 🧹 Regular cleanup via apt autoremove, flatpak uninstall --unused

  proficiency: advanced

💬 “If it’s not versioned in Git, it doesn’t exist.”
🧘‍♂️ alias k=kubectl | alias tf=terraform | :wq