Platform Infrastructure

Tier 2: Infrastructure Projects

Enterprise-grade infrastructure demonstrating senior-level skills.

Identity & Access

Project Description Status

ISE Automation

Python/Ansible ISE policy management

Active

Vault PKI

HashiCorp Vault as enterprise CA (DOMUS-ROOT-CA, DOMUS-ISSUING-CA)

Production

Vault SSH CA

8-hour SSH certificates, Vault-signed

Production

gopass v3

Hierarchical password taxonomy (v3/domains/, v3/servers/, etc.)

Migration complete

FreeIPA

Linux identity management (ipa-01)

Deployed

Keycloak

OIDC federation (keycloak-01)

Deployed

Windows Server 2025 Core

Domain controller (home-dc01) without GUI

Production

Networking

Project Description Status

802.1X EAP-TLS

Linux wired/wireless authentication with Vault PKI certs

Production

pfSense

Firewall, DNS, VPN (pfsense-01)

Production

BIND DNS

Authoritative DNS (bind-01)

Production

Cisco WLC 9800-CL

Wireless controller with ISE integration

Production

Compute & Storage

Project Description Status

k3s Cluster

Lightweight Kubernetes with Cilium CNI

Phase 3 complete

KVM Virtualization

libvirt/QEMU on Supermicro servers

Production

gocryptfs Vaults

Encrypted directories for sensitive data

Production

Borg Backup

Deduplicated backups to NAS

Production