alexa-amundson-resume/roles/13-network-engineer.md
Alexa Amundson 292fa97a8e kpi: auto-update metrics 2026-03-13
RoadChain-SHA2048: 9f948f149bd9f508
RoadChain-Identity: alexa@sovereign
2026-03-13 01:07:28 -05:00

# Alexa Amundson
**Network Engineer**
amundsonalexa@gmail.com | [github.com/blackboxprogramming](https://github.com/blackboxprogramming)

---
## Summary
Network engineer operating a multi-layer network stack: WireGuard mesh VPN, Tailscale overlay (9 peers), RoadNet WiFi mesh (5 APs), 4 Cloudflare tunnels serving 48+ domains, DNS infrastructure (Pi-hole + PowerDNS + dnsmasq), and 48 Nginx reverse proxy sites across a 7-node fleet.

---
## Experience
### BlackRoad OS | Founder & Network Lead | 2025–Present
**VPN & Mesh Networking**
- WireGuard mesh VPN (10.8.0.x subnet) with DigitalOcean hub routing to all edge nodes
- Tailscale overlay network: 9 peers for management access across network boundaries
- RoadNet WiFi mesh: 5 access points on non-overlapping channels (1, 6, 11)
- Dedicated subnets: 10.10.{1-5}.0/24 per node with NAT through wlan0
**DNS Infrastructure**
- Pi-hole on Alice: fleet-wide ad blocking and DNS resolution
- PowerDNS on Lucidia (Docker): authoritative DNS for custom zones
- dnsmasq on Cecilia: custom DNS zones (.cece, .blackroad, .entity, .soul, .dream)
- Cloudflare DNS for 48+ public domains
**Reverse Proxy & Load Balancing**
- 48 Nginx sites routing traffic to fleet services
- 4 Cloudflare tunnels for zero-trust external access
- Per-service routing: API, web, git, AI inference endpoints
- SSL/TLS termination via Cloudflare
**Monitoring & Diagnostics**
- 106 active network connections monitored across fleet
- 867 processes tracked for network resource usage
- SSH-based fleet probing with health checks
- Daily KPI collection including connection counts and peer status
**Security**
- Zero-trust architecture via Cloudflare tunnels (no exposed ports)
- WireGuard encryption for all inter-node traffic
- UFW firewall on edge nodes (INPUT DROP policy)
- SSH key management across 50+ authorized keys
---
## Technical Skills
**VPN:** WireGuard, Tailscale
**DNS:** Pi-hole, PowerDNS, dnsmasq, Cloudflare DNS
**Proxy:** Nginx, Cloudflare Tunnels
**WiFi:** hostapd, RoadNet mesh configuration
**Security:** UFW, nftables, SSH hardening, TLS
**Monitoring:** Custom probes, ss, connection tracking

---
## Metrics
| Metric | Value |
|--------|-------|
| VPN nodes | 7 (WireGuard) |
| Tailscale peers | 9 |
| WiFi APs | 5 |
| Domains | 48+ |
| Nginx sites | 48 |
| CF tunnels | 4 |
| Connections | 106 |