whoami
I am a Senior Linux System Administrator based in the Czech Republic, with over eight years of experience running enterprise Linux environments. My core stack is the Red Hat ecosystem: RHEL, Ansible for automation, and OpenShift for container workloads.
I build infrastructure that can be rebuilt from code, monitored around the clock, and handed over to a colleague without a long explanation. Everything I deploy is automated with Ansible, tracked in git, and covered by monitoring. Open source is my standard toolset, at work and at home.
certifications
skills
Systems
Day-to-day administration of production servers, from provisioning to patching and troubleshooting.
- RHEL / Debian
- Proxmox VE / KVM & LXC
- OpenShift / Kubernetes
Automation
Ansible playbooks and roles for repeatable configuration, with Python and Bash where scripting is faster.
- Ansible
- Python
- Bash
Identity & Access
Central user management and single sign-on across systems and applications.
- FreeIPA
- Keycloak
- OpenLDAP
Databases & Monitoring
Operating relational databases with monitoring, alerting, and tested backups.
- MariaDB
- PostgreSQL
- Zabbix
Cloud
Hands-on experience with public cloud platforms in hybrid setups alongside on-premise infrastructure.
- Oracle Cloud
- AKS (Azure)
- VMware VCD
Networking
Firewalls, VPN access, and DNS for segmented networks with controlled remote access.
- OpenWRT
- OpenVPN
- Knot DNS
- WireGuard
homelab
My homelab runs around the clock and follows the same practices I use at work. Everything is virtualized, monitored, segmented, and deployed with Ansible. It hosts services my household actually depends on, so reliability is not optional.
I use it to test upgrades, new tools, and automation changes before recommending them anywhere near a production system. It is also where I prepared for my Red Hat exams.
Virtualization
Proxmox VE cluster hosting KVM virtual machines, LXC containers, and Docker workloads.
- Proxmox VE
- KVM
- LXC
- Docker
Networking
Segmented network with an nftables firewall, WireGuard remote access, and authoritative DNS.
- Turris OS
- nftables
- WireGuard
- Knot DNS
Services
Self-hosted home automation and identity services, run with the same care as production.
- Home Assistant
- Zigbee/Thread
- MariaDB
- FreeIPA