Skip to content
View do6pbln9l's full-sized avatar
🏠
Working from home
🏠
Working from home

Achievements

Achievement: Quickdraw

Achievements

Achievement: Quickdraw

Block or report do6pbln9l

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
do6pbln9l/README.md

πŸ‘‹ Hi! I'm Aleksandr Dobrynin

DevOps/SRE Engineer with 3+ years of experience building fault-tolerant infrastructure and automating CI/CD processes. Achieved 99.9% uptime over 6 months with Proxmox VE HA cluster. Practical experience with ML/Computer Vision infrastructure (Frigate, YOLO, face recognition). SRE approach: runbooks, RTO/RPO metrics, monitoring, automation-first mindset. Reduced operational toil from 40% to 10% through systematic automation.

πŸ“ Moscow | 🏠 Remote-friendly | πŸ‡·πŸ‡Ί Russian

πŸ› οΈ Technology Stack

Infrastructure: Linux (Debian/Ubuntu), Proxmox VE/PBS HA cluster (3 nodes), Docker, KVM/LXC, HP iLO
Automation: Bash, systemd, GitHub Actions, CI/CD
Databases: PostgreSQL (replication, backups)
Networking: nginx (reverse-proxy, TLS termination), VLAN segmentation, DHCP, DNS (AdGuard Home), KeenDNS, Let's Encrypt, NTP, iptables/firewall
Storage: ZFS, Ceph
Monitoring: Dashboards (CPU/RAM/Disk/GPU), alerting (Telegram Bot), centralized logging, capacity planning
ML/Computer Vision: Frigate, YOLO, Doubletake, Compreface, Docker-based model serving, MQTT integration
API & Integrations: REST API, OAuth2, Modbus/TCP, Zigbee2MQTT, Telegram Bot API
Security: SSL/TLS automation, secrets management, firewall policies

Hands-on practice in lab environment: Kubernetes/Helm, Terraform, Ansible, Prometheus/Grafana, GitLab CI, Python (Flask/FastAPI)

πŸš€ Projects

OAuth2 Infrastructure Automation

OAuth2 infrastructure automation for HeadHunter API:

  • βœ… CI/CD via GitHub Actions: ShellCheck linting, nginx validation, Docker build/push to GHCR
  • βœ… Automated token refresh via systemd timers (every 6 hours, 100% automation)
  • βœ… Reverse-proxy setup: nginx + KeenDNS + Let's Encrypt (90-day cert auto-renewal)
  • βœ… Infrastructure as Code: all configs version-controlled in Git
  • βœ… Container versioning: SemVer tagging (1.0.0, latest) published to GHCR
  • βœ… Architecture documentation: Mermaid diagrams with detailed component interaction

Technologies: Docker, GitHub Actions, GHCR, systemd, nginx, OAuth2, Bash, Let's Encrypt, KeenDNS

πŸ€– ML/Computer Vision Production Infrastructure

Production-ready ML infrastructure for real-time video analytics:

  • βœ… Frigate + YOLO object detection in Docker (8+ video streams, 99.9% uptime)
  • βœ… Doubletake + Compreface face recognition (trained on 150+ photos, accuracy 98%, recall 95%)
  • βœ… ML optimization: precision improved from 75% to 92%, false positives reduced by 85%
  • βœ… Automated model serving via Docker + Python + REST API + MQTT
  • βœ… GPU monitoring and inference metrics tracking
  • βœ… Full ML lifecycle implementation: data preparation β†’ training β†’ serving β†’ monitoring β†’ optimization

Technologies: Frigate, YOLO, Doubletake, Compreface, FaceNet, MTCNN, Docker, MQTT, Python, REST API, TensorFlow Lite, GPU inference

πŸ“Š Key Achievements

  • βœ… Reduced deployment time by 96%: 2 days β†’ 2 hours via Docker containerization and CI/CD
  • βœ… Reduced operational toil by 75%: from 40% β†’ 10% through automation of routine tasks
  • βœ… 99.9% infrastructure uptime over the last 6 months (Proxmox VE HA cluster, 3 nodes)
  • βœ… RTO < 30 minutes for critical VM recovery (verified via quarterly test-restores)
  • βœ… RPO < 1 hour via snapshot management and incremental backups
  • βœ… Network load reduced by 15% through AdGuard Home DNS filtering
  • βœ… ML model optimization: precision 75% β†’ 92%, false positives reduced by 85%
  • βœ… CI/CD pipeline: ShellCheck (100% compliance) + automated Docker builds to GHCR
  • βœ… 100% automation of OAuth2 token refresh (manual every 2 weeks β†’ systemd timer every 6 hours)

πŸ—οΈ Infrastructure at Scale

Proxmox VE HA Cluster:

  • 3-node cluster with automatic failover and quorum configuration
  • 15+ virtual machines (Ubuntu/Debian)
  • 20+ LXC containers for service isolation
  • ZFS/Ceph storage backend
  • Daily incremental + weekly full backups via Proxmox Backup Server
  • HP iLO remote management for physical servers

Network Architecture:

  • 10+ VLAN segments (management, production, DMZ, guest)
  • 50+ managed devices with DHCP reservations and MAC binding
  • nginx reverse-proxy with TLS termination
  • AdGuard Home DNS filtering (15% network load reduction)
  • NTP synchronization (<10ms accuracy) for distributed logging

Observability:

  • Custom dashboards: CPU/RAM/Disk/GPU utilization, network metrics, service health
  • Telegram alerting: CPU > 80%, Disk > 90%, service downtime
  • Centralized logging with 30-day hot / 90-day cold retention
  • Capacity planning based on trend analysis

πŸ—οΈ Architecture

Click to collapse

OAuth2 Infrastructure

πŸ–₯️ View Mermaid diagram (desktop version)

Click to expand 
flowchart TB
    subgraph infra["πŸ“¦ OAuth2 Infrastructure (This repository)"]
        direction TB
        Nginx[πŸ”„ nginx<br/>HTTP:80β†’:8000]
        
        subgraph automation["βš™οΈ Automation"]
            direction LR
            Timer[⏱️ systemd<br/>Every 6h]
            Script[πŸ“œ refresh.sh<br/>Token refresh]
        end
        
        TestServer[πŸ§ͺ test-8000.py<br/>Test server]
        TokenStore[(πŸ” Token Storage<br/>/var/lib/hh-token/token.json)]
    end
    
    subgraph prod["πŸ€– Production App (Separate project)"]
        direction TB
        TelegramBot[πŸ“± Telegram Bot<br/>HH job search]
        FlaskApp[🌐 Flask Application<br/>OAuth callback handler at /callback]
        
        TelegramBot -.->|Project<br/>hh-oauth2-keendns-nginx-systemd| FlaskApp
    end
    
    subgraph external["External"]
        HHAPI[🏒 HH OAuth2 API<br/>api.hh.ru]
    end
    
    %% Connections / Component interactions
    
    %% Main Flow (OAuth):
    Nginx -->|1. Proxy :8000| FlaskApp
    FlaskApp -->|2. OAuth callback| HHAPI
    FlaskApp -->|3. Saves initial tokens| TokenStore
    
    %% Production Flow:
    FlaskApp -->|4. Reads tokens| TokenStore
    TelegramBot <-->|5. API requests| HHAPI
    
    %% Token Refresh Flow:
    Timer -.->|6. Trigger| Script
    Script -->|7. Refreshes tokens| HHAPI
    Script -->|8. Saves new tokens| TokenStore  
    
    %% Testing:
    TestServer -->|9. Testing alternative| Nginx
    
    %% Styling
    style Nginx fill:#2E8B57,color:#FFFFFF,stroke:#1a5f3a,stroke-width:2px
    style Timer fill:#FFA500,color:#000000,stroke:#cc8400,stroke-width:2px
    style Script fill:#FF8C00,color:#FFFFFF,stroke:#cc7000,stroke-width:2px
    style TestServer fill:#DAA520,color:#000000,stroke:#b8860b,stroke-width:2px
    style TokenStore fill:#9370DB,color:#FFFFFF,stroke:#6a4db8,stroke-width:2px
    
    style TelegramBot fill:#4682B4,color:#FFFFFF,stroke:#1565c0,stroke-width:2px
    style FlaskApp fill:#4169E1,color:#FFFFFF,stroke:#2a4ba8,stroke-width:2px
    
    style HHAPI fill:#DC143C,color:#FFFFFF,stroke:#a00000,stroke-width:2px
Loading

Color Legend

  • 🟒 Green β€” infrastructure components (nginx)
  • 🟠 Orange β€” automation (systemd timer, Bash scripts)
  • 🟑 Gold β€” testing/auxiliary tools (test-8000.py)
  • 🟣 Purple β€” data storage (Token Storage)
  • πŸ”΅ Blue β€” production application (Telegram Bot, Flask App)
  • πŸ”΄ Red β€” external APIs (HeadHunter)

πŸ“Œ Popular repositories

  1. hh-oauth2-keendns-nginx-systemd
    Automated OAuth2 infrastructure for HeadHunter API with reverse-proxy nginx and systemd timers

  2. do6pbln9l
    DevOps/SRE Engineer | Linux, Docker, CI/CD | 🏠 Remote

πŸ“« Contact

πŸ’Ό HH.ru: DevOps/SRE Resume

πŸ’¬ Preferred contact method: Apply via HH or email from resume

🏠 Working from home | 🌟 Open to DevOps/SRE opportunities

Popular repositories Loading

  1. hh-oauth2-keendns-nginx-systemd hh-oauth2-keendns-nginx-systemd Public

    Automated OAuth2 infrastructure for HeadHunter API with reverse-proxy nginx and systemd timers

    Shell

  2. do6pbln9l do6pbln9l Public

    DevOps/SRE Engineer | Linux, Docker, CI/CD | 🏠 Remote

  3. ml-cv-production-infrastructure ml-cv-production-infrastructure Public

    Production ML/CV infrastructure: 18 cameras, OpenVINO GPU, 99.9% uptime, face recognition (98% accuracy). ML optimization: 75%β†’92% precision, -85% false positives.

    Shell