Senior Infrastructure Engineer (Public Sector) | Open Source Advocate
I specialize in designing resilient, high-availability infrastructure for the public sector. My focus is on robust Linux environments, virtualization with Proxmox VE, and secure storage solutions using ZFS. I believe in the power of Open Source to build transparent and secure government IT systems.
- Virtualization: Proxmox VE, Docker, KVM
- Storage: ZFS (Replication, Snapshots, Encryption), Ceph
- OS: Debian / Ubuntu LTS (Hardened)
- Automation: Ansible, Bash Scripting, Cloud-Init
- Security: BSI IT-Grundschutz compliance, Network Segmentation, Fail2Ban
I maintain a collection of tools and scripts to simplify the life of sysadmins in restricted environments.
- ๐ hardened-vps-bootstrap
- Automated setup script to secure fresh Debian/Ubuntu instances according to security best practices.
- ๐ฆ proxmox-zfs-snapshot-manager
- Lightweight tool to manage and rotate ZFS snapshots on Proxmox hosts for disaster recovery.
- ๐ก๏ธ secure-docker-stack-template
- Template for deploying secure, isolated web services using Docker Compose.
- ๐ Netbird-self-hosted-stack
- *Reference implementation for a compliant, self-hosted overlay network infrastructure featuring CrowdSec integration and strict service isolation.
"Complexity is the enemy of security."
In my daily work in the public sector, I strive to replace opaque legacy systems with transparent, auditable open-source solutions. My goal is to build infrastructure that remains stable and secure, even under critical conditions.
- ๐ผ LinkedIn: Patrick Bloem
- ๐ค Xing: Patrick Bloem