.. _edunao_pro: ====== Edunao ====== DevOps / Sysadmin at EDUNAO *from 09/2020 to 07/2024* ----------------------------------------------------- EDUNAO is a Moodle Premium Partner, providing clients with hosting, development, and support services to help them share knowledge—whether for businesses or universities. Role ---- - **Development of Internal Tools & Performance Optimization** Developed internal tools to automate repetitive tasks, optimized system performance, and identified and resolved bottlenecks. - **Cross-Team Collaboration** Worked with various teams to ensure effective coordination and project success. - **High-Performance Web Infrastructure Creation** Designed and implemented high-performance, clustered web infrastructures. - **Support & Systems Management** Led and mentored the systems team, handled technical support issues, and maintained internal IT infrastructures to ensure optimal performance and availability. - **Proof of Concept (POC) Development** Developed and demonstrated proof of concepts for potential projects and technologies. - **Annual Upgrade Projects** Planned and executed infrastructure and Moodle version upgrade projects. - **Security Configuration Improvement** Continuously improved security configurations to ensure state-of-the-art protection and implemented cybersecurity strategies to safeguard systems and data. Achievements ------------ - **Multi-Node SQL Replication Architecture** - Designed and deployed two multi-node **Galera clusters**. - Established **SQL replication** between clusters. - Resolved **Moodle-related issues** in a distributed infrastructure (authentication, session tracking, etc.). - **Security Enhancements for the CNIL** - Implemented **Content Security Policy (CSP)** to mitigate XSS and Clickjacking attacks. - Refined **firewall rules** to meet strict security requirements. - Deployed a **custom bastion server** to secure access. - **Migration of Proprietary Installation Scripts from Bash to Ansible** - Managed project workflow and ensured seamless integration. - Converted and optimized legacy scripts for **Ansible automation**. - Debugged and refined automation processes. - **Automated Let’s Encrypt Certificate Generation** - Adapted **Let’s Encrypt** automation to accommodate specific workflow and proprietary code. - **Load Testing Implementation** - Designed **load testing scenarios** using **JMeter**. - Deployed testing infrastructure on **Azure**. - Measured results and optimized system/database/network configurations for performance goals. - **Proof of Concept & Migration from SVN to Git** - Conducted multiple **POCs** to determine the best **Git solution**. - Developed a **migration procedure** and project plan. - Successfully completed **SVN-to-Git migration**. - **Annual Upgrade Automation** - Automated **test platform deployment** to streamline **Moodle upgrades**. - Developed a **Linux OS upgrade automation process** (attack surface reduction, access controls, scripts, transition to **systemd**, **PHP version updates**). - **Authentication Delegation Automation with Shibboleth** - Automated **Service Provider** creation. - Integrated authentication system with **Moodle**. - **BigBlueButton (BBB) Infrastructure & Automation** - Designed and maintained **BBB infrastructures**. - Developed automation scripts to enhance performance and reliability. - **Load Balancers using OVH API** - Automated configuration to fit with our internal needs. - Automated addition, enabling or disabling of backends. - Automated Let's Encrypt certificate generation through OVH LB and certificate upload. - *And more...* Technologies ------------ - Linux (Ubuntu) - Bash, Python - Ansible - Gitolite, Gitlab - JMeter - MySQL, MariaDB, Galera, PostgreSQL - OVH Cloud, Azure - Shibboleth, Auth Delegation - Let’s Encrypt, CSP, Firewalling, OVH Load Balancers - Prometheus, Grafana - BigBlueButton