My public projects
- A Complete OpenSSL Certificate Authority - two-layer CA (Root, DV TLS, Personal), private keys on HSM (PKCS#11), OCSP, encrypted key backup
- rtsp-timelapse - Shell script-based routine that takes full-resolution snapshots from IP cam RTSP stream and periodically creates a HEVC timelapse video using FFmpeg.
- webcam-snapshot - Shell script-based routine that takes unique snapshots from live JPEG images published on the Web.
- [CZ] Školní Burza / Online Book Swap - projekt z gymnázia / a grammar school project
- [CZ] Společenská hra Aktivity pro počítač / Aktivity board game for a computer
Miscellaneous
Skills & Work experience
- Programming & scripting:
- C - UNIX platform programming, STM32, Microchip PIC16,18
- C++ - school projects
- C# - .NET Core, .NET Framework (services & Windows Forms)
- Go - gorm, Fiber (Web API backend)
- Python - scripting, Django (basic experience)
- JavaScript - basic frontend scripting (fetch API)
- Shell - bash, ksh, PowerShell
- Rust - Actix, Diesel (Web API backend)
- PHP - low complexity projects
- HTML, CSS - basic responsive web design
- LaTeX - writing software documentation
- Database: SQL, InfluxDB (Flux), Prometheus (PromQL)
- Operating systems: OpenBSD, FreeBSD, Linux (Debian-like, Alpine, RHEL, Armbian, Gentoo)
- Server technologies: Proxmox, VMware ESXi, Synology, Nakivo
- Services:
- Firewall: pf, nftables, iptables
- VPN: Wireguard, OpenVPN
- Database: PostgreSQL, MariaDB, Redis
- nginx, OpenBSD's httpd / relayd
- FreeRADIUS (complex setup EAP-TLS, TTLS, PEAP-MSCHAPv2)
- Mail: OpenSMTPD + dovecot + rspamd + Roundcube (complete mailserver)
- Monitoring & alerting: Prometheus
- Gitea, Authelia, RustDesk, Jitsi, CUPS, Asterisk (basic knowledge)
- ILP, optimization: Gurobi (basic school experience)
- Traffic analysis: tcpdump, Wireshark, nmap
- Software testing: designing test scenarios (pairwise input, unit, path-based, integration), Gitlab CI/CD, Playwright (basic school experience)
-
Tools:
- Docker - multistage compose, networking
- git
- OpenSSL - encrypt, decrypt, X.509
- ffmpeg - reencode, split, concat, H.264, H.265, rtsp stream processing
- Draw.io: UML diagrams
-
Work experience:
- 2024: I was responsible for complete ISO 27001 implementation from both technical and administrative scope, namely IT security measures design & implementation, documentation development, employee-training, internal & external audit in small-size company.
- 2024: designing custom high-level language & compiler implementation for automated label graphics generation
- 2024: transferring virtual machines from VMware ESXi to Proxmox
- 2023: S/MIME certificate management, dealing with global CA, gaining EU-trusted Qualified certificates
- 2023-current: designing, establishing and maintenance of complex private Certification authority (ECC) in small company
- 2023: Cybersecurity manager course (provided by Seminaria.cz)
- 2022: implementing custom IP peripheral driver in .NET Core
- 2019-current: IT administrator (BSD, Linux, MSAD), security architect in small company in Industry IT field
- 2019-current: maintaining .NET Windows Forms application for output quality assurance in industry, controlling multiple peripherals
- 2019-20: introducing UNIX-like technologies to small Industry IT company
- 2016-current: development (PHP) & running online book swap for my grammar school
- 2016-18: Programming course guidance (grammar school)
Languages
- Czech (native speaker)
- English (B2)
- French (B1)