Systems Administration & Infrastructure

Building infrastructure.
Documenting everything.
Learning constantly.

I'm obsessed with understanding how things actually work. My homelab isn't just a collection of services, it's where I break things, fix them, and document every step so I can do it better next time. I build SSO authentication, automated backups, and clustering because it's the best way I've found to actually understand infrastructure.

8 Apps
Protected by SSO
6 Systems
SSH Hardened
100%
Backup Success
11 Hosts
Monitored & Alerted
View Projects Full Resume

What I'm Working On

Production systems and active skill development

Live
Identity & Access Management

Enterprise SSO Implementation

Deployed forward authentication at the reverse proxy layer using Authentik + Active Directory. Built a reusable pattern that protects ANY web application, eliminating per-app credential management.

Learn more about this project →

February 2026 ~15 hours
Active Directory LDAP Authentik nginx
Live
Infrastructure & Reliability

Backup Infrastructure Migration

Migrated from unreliable USB backups to Proxmox Backup Server with chunk-level deduplication. Achieved 100% backup success rate and 85% storage reduction.

Learn more about this project →

February 2026 ~8 hours
Proxmox PBS Storage Linux
Live
Security & Hardening

SSH Hardening Implementation

SSH hardening across 6 systems with Ed25519 key-based authentication and fail2ban intrusion prevention. Zero downtime, SOC 2 compliant patterns.

Learn more about this project →

February 2026 ~2 hours
SSH fail2ban Ed25519 Linux
Live
Infrastructure & Observability

Monitoring & Observability Stack

Deployed end-to-end observability across a 3-node Proxmox cluster using Prometheus, Grafana, and Loki. OS-level metrics from all nodes, per-VM breakdowns via the Proxmox REST API, and a live-tested alerting pipeline routing to Discord.

Learn more about this project →

March 2026 ~6 hours
Prometheus Grafana Loki PromQL Docker Compose Alerting
WIP
Identity & Access Management

MFA Implementation

Adding TOTP/WebAuthn second factor to Authentik SSO for enhanced security across all protected applications.

Authentik TOTP WebAuthn
WIP
Container Orchestration

K3s Cluster Deployment

Deploying lightweight Kubernetes across the 3-node Proxmox cluster with persistent storage and load balancing — what most orgs run in production, minus the AWS bill.

K3s Kubernetes Longhorn Helm Linux
WIP
Certification

RHCSA Preparation

Developing Linux administration skills you'd actually need on the job through hands-on labs and practice environments.

Linux Red Hat System Admin
WIP
Identity & PKI

AD CS Implementation

Deploying Certificate Services for Proxmox RBAC and Active Directory using enterprise PKI.

Active Directory PKI Certificates

Technical Skills

Skills built by doing the work — in the homelab and on the job.

Identity & Access

  • Active Directory
  • Authentik SSO
  • LDAP & StartTLS
  • Certificate Management

Virtualization

  • Proxmox Clustering
  • Backup Server (PBS)
  • VM/CT Lifecycle
  • Storage (NFS, LVM)

Networking

  • VLAN Segmentation
  • Firewall Policies
  • Reverse Proxy (nginx)
  • DNS Management

Security

  • SSH Hardening
  • fail2ban IPS
  • Key-Based Auth
  • Defense-in-Depth

Monitoring & Observability

  • Prometheus
  • Grafana
  • Loki
  • PromQL
  • Alerting

Systems & Tools

  • Linux Administration
  • Docker Orchestration
  • Bash Scripting
  • Git & Documentation
"He never stopped asking questions. I knew that would take him somewhere."
Helpdesk Operations Manager (and former colleague)

I owe a lot to that moment. Still learning, still building.

Let's Chat
Austin, TX based · Open to the right role in Austin.