alexa-amundson-resume/roles/13-network-engineer.md
Alexa Amundson ec7b1445b5 kpi: auto-update metrics 2026-03-13
RoadChain-SHA2048: c645c1292ab1555e
RoadChain-Identity: alexa@sovereign
2026-03-13 23:16:12 -05:00

# Alexa Amundson
**Network Engineer**
amundsonalexa@gmail.com | [github.com/blackboxprogramming](https://github.com/blackboxprogramming)
---
## Summary
Connecting 7 nodes across 3 physical locations with zero open ports. Built a multi-layer network: WireGuard mesh for encryption, Cloudflare tunnels for zero-trust access, RoadNet WiFi mesh for local coverage, and Pi-hole DNS for control.
---
## Experience
### BlackRoad OS | Founder & Network Engineer | 2025–Present
**The Layers: Defense in Depth**
- Layer 1 — WireGuard mesh VPN (10.8.0.x): encrypted tunnels between all nodes. Every packet between nodes is encrypted, period
- Layer 2 — Cloudflare tunnels (4 active): 48+ domains routed to fleet with zero open ports. External traffic never touches a public IP
- Layer 3 — Tailscale overlay (9 peers): management access from anywhere. MagicDNS for node resolution. Exit nodes for remote debugging
- Layer 4 — RoadNet WiFi mesh: 5 APs on non-overlapping channels, 5 subnets, NAT, auto-failover — local devices talk to fleet directly
**The DNS: Names, Not Numbers**
- Pi-hole for ad blocking and local DNS resolution. PowerDNS Docker for custom authoritative zones
- Custom DNS zones: .cece, .blackroad, .entity, .soul, .dream — edge services discoverable by domain name within the network
- 48 Nginx reverse proxy sites with health checking — each domain routes to the right backend on the right node
---
## Technical Skills
WireGuard, Tailscale, Nginx, Cloudflare Tunnels, Pi-hole, PowerDNS, UFW, iptables
---
## Metrics
| Metric | Value | Source |
|--------|-------|--------|
| Nginx Sites | *live* | services.sh — /etc/nginx/sites-enabled via SSH |
| Tailscale Peers | *live* | services.sh — tailscale status via SSH |
| Fleet Nodes | *live* | fleet.sh — SSH probe to all nodes |
| CF Pages | *live* | cloudflare.sh — wrangler pages list |
| Net Connections | *live* | services.sh — ss -tun via SSH |
| Systemd Services | *live* | services.sh — systemctl list-units via SSH |