Generate HTML CV (with an HTTP response code of 402 - Payment required
;)) from Markdown and add client IP as a subaddress to my email address so I now from where they really contact me without having to check my mailserver logs.
The script parses the Accept-Language
HTTP header and tries to repsond in the browser's preferred language. This is done by file suffixes, meaning, if one sets their CV in a default language (402.md
), but also can have the same specified for US English (402.en-US.md
), Czech (402.cs.md
), and Hungarian (402.hu.md
), just by creating the Markdown following the language or locale code in the filename.
The script also generates a PDF file out of the HTML content to allow providing it in its static form. The PDF is saved with the same filename as the Markdown, but with the extension .{subaddress}.pdf
in the same directory as the script is hosted.
IMPORTANT
The script depends on WKHTMLtoPDF - please, install it on your server if you didn't do it so
For having all WKHTMLtoPDF's features, one need to run it inside an X server. In my case, on AlmaLinux 8 the exact steps provided for Amazon Linux won't work as WKHTMLtoPDF is deployed as /usr/local/bin/wkhtmltopdf
by the package, so I rather run the whole script in Xvfb
# /etc/systemd/system/402.service
[Unit]
Description=402, serve my CV in Markdown
After=network.target
[Service]
ExecStart=xvfb-run -a --server-args="-screen 0, 1024x768x24" /usr/local/bin/402.py
Environment=CV=/etc/402/402.md
Environment=HOSTNAME=402.balla.cloud
Environment=PORT=402
Environment=DNS=8.8.8.8
Environment='CSS=<link rel="stylesheet" href="https://unpkg.com/terminal.css" /><body class="terminal">'
Environment='PDFCSS=<meta http-equiv="Content-type" content="text/html; charset=utf-8" /><meta charset="utf-8"><style>:global {font-size: 7px !important; line-height: 100%; font-family: "monospace" !important;}* {font-size: 7px !important; line-height: 100%; font-family: "monospace" !important;}:root {--global-font-size: 7px; --global-line-height: 100%; --global-font-family: "monospace";}</style>'
[Install]
WantedBy=multi-user.target
<IfModule mod_ssl.c>
SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000)
<VirtualHost *:443>
ServerName 402.balla.cloud
DocumentRoot /var/www/402/
ErrorLog /var/log/httpd/402_error.log
CustomLog /var/log/httpd/402_access.log combined
Header set Status "HTTP/1.1 402 Payment required"
ProxyPass / http://127.0.0.1:402/
ProxyPassReverse / http://127.0.0.1:402/
SSLCertificateFile /etc/letsencrypt/certificates/balla.cloud.pem
SSLCertificateKeyFile /etc/letsencrypt/certificates/balla.cloud.key
Include /etc/letsencrypt/options-ssl-apache.conf
Header always set Strict-Transport-Security "max-age=31536000"
SSLUseStapling on
</VirtualHost>
</IfModule>
I formatted the below Markdown input to be YAML-parsable, because why not (linter exceptions are added to fit the YAML scheme)
# --- # 402 - Payment required - i.e. Curriculum Vitae
## Personal_Information:
- `Name`: Ákos Péter BALLA
- `Date_of_Birth`: YYYY-MM-DD
- `Postal_address`: 1046. Budapest, Utcanév utca 67.
- `Telephone`: [+36.*sha.](tel:+36.*sha.)
### - Internet:
- `Email`: <[email protected]>
- `WWW`: <https://402.balla.cloud>
- `LinkedIn`: <https://www.linkedin.com/in/akosballa>
- `GitHub`: <https://github.com/suhancz>
## Education:
### - Certificates:
#### - Red Hat Certified Specialist in Ansible Automation (EX407):
- `Date`: 2017-09-12
- `ID`: [140-113-325](https://rhtapps.redhat.com/verify?certId=140-113-325)
#### - Red Hat Certified Engineer (EX300):
- `Date`: 2014-09-19
- `ID`: [140-113-325](https://rhtapps.redhat.com/verify?certId=140-113-325)
#### - Red Hat Certified System Administrator (EX200):
- `Date`: 2014-06-20
- `ID`: [140-113-325](https://rhtapps.redhat.com/verify?certId=140-113-325)
### - Schools:
#### - Gábor Dénes Főiskola:
- `Subject`: Information Technology
- `Degree`: DNF # I realized I can learn more at work than in the college
- `Time`: 2003-2008
- `Location`: Budapest, HU
#### - Móricz Zsigmond Technical School:
- `Subject`: Computersystems-Programmer
- `Institute`: Móricz Zsigmond Technical School
- `Degree`: BSc equivalent technical diploma
- `Time`: 2001-2003
- `Location`: Budapest, HU
### - Other:
- `Driving_license_categories`: [AM,B1,B]
## Professional_Experience:
### - Thermo Fisher Scientific:
- `Time`: 2022-01-01 - nowadays
- `URL`: <https://thermofisher.com>
- `Role`: Software Engineer III
- `Tasks`: Maintain IaC and CI/CD in a self-hosted cloud environment, mainly using Ansible
#### - Projects:
- `Anaconda`: Generate IaC setup for the firm's Anaconda service
- `backups`: implement automatic backups of our service data
- `certificates`: Automate the request and update of TLS/SSL certificates among several services
- `CI/CD`: Using GitLab CI, ArgoCD, and Jenkins make sure that software changes are as smooth as possible
- `Code_refactoring`: Unify and simlpify IaC
- `Consul`: Implement Hashicorp Consul across our environment to be able to get metrics from ephemeral virtual machines
- `corporate_certificates`: prepare our server pool for firm-signed TLS/SSL certificates, provide tools and docs for our clients for easy migration
- `CVAT`: Deploy amnd maintain CVAT for image recognition of modern X-ray machines and microscopes
- `Docker`: Set up Docker service hosting both Windows and Linux containers on Windows and Linux servers and vice versa
- `GitLab_performance`: test and optimize GitLab's performance and rate limiting
- `GitHub_runner`: Configure self-hosted GitHub runners for the projects which need it
- `GitLab_runner`: Configure GitLab runners for the projects which need it
- `IBM_RTC`: Maintain the out-of-support IBM Rational Team Concert plant
- `k8s`: Deploy and maintain Kubernetes infrastructure
- `Keycloak`: Deploy and configure Keycloak in k8s to mirror corporate SSO ro our servers
- `Loki`: Deploy and configure Loki in k8s to analyze and alert on logs
- `Monitoring_upgrade`: Switch our monitoring plant from Nagios to Prometheus
- `NIST`: Apply NIST standards to our infrastructure
- `Structurizr`: deploy Structurizr on-premises for our clients with AD integration and group restriction
#### - Technologies_used:
[Anaconda, Ansible, CentOS, CVAT, Docker, GitLab, IBM_RTC, Jenkins, K8s, Keycloak, MongoDB, OpenStack, PostgreSQL, Prometheus, Python, Tanzu, Ubuntu, vSphere, Windows_server]
#### - What_I_learnt:
- `Modern_medicine`: I never imagined before how much Linux servers are behind the tools doctors use nowadays
- `Yak_shaving`: Distractions are sometimes very important
### - Toptal:
- `Time`: 2021-11-01 - 2021-12-31
- `URL`: <https://toptal.com>
- `Role`: CI Engineer
- `Tasks`: Develop continuous integration scripts using Ansible
#### - Technologies_used:
[Ansible, AWS, Azure, Github, Python, Ubuntu]
#### - What_I_learnt:
- `Freelance`: Freelance projects provide much higher income than full-time employment
### - Wandera:
- `Time`: 2020-10-05 - 2021-09-30
- `URL`: <https://wandera.com>
- `Role`: Operations Engineer
- `Tasks`: Maintain IaC in a multi-provider cloud-sceptical environment
#### - Projects:
- `Monitoring_upgrade`: Bring the company's monitoring stack to latest-and-greatest all across our plant
- `k3s`: Deploy and maintain lightweight Kubernetes on most of our cloud infrastructure
- `Virtual_datacenter_builds`: Write and apply the code for several new virtual datacenters across the globe over several cloud providers
- `Proxy_upgrades`: Design and apply the upgrade of our global Squid plant
- `IPSec_tunnels`: Add dedicated IPSec tunnels to new customers
- `Dedicated_datacenters`: Set up dedicated virtual datacenters for bigger customers
- `Code_refactoring`: Unify and simlpify IaC for all old and new customers and datacenters
- `Terraform_upgrade`: Upgrade our code base to be compatible with Terraform 0.13
#### - Technologies_used:
[AWS, Azure, Bitbucket, Equinix_cloud, Github, IBM_Cloud, IPSec, Jenkins, K3s, K8s, MongoDB, OpenTelekomCloud, PostgreSQL, Prometheus, Puppet, Python, RabbitMQ, RDS, Squid, Terraform, Ubuntu, WireGuard]
#### - What_I_learnt:
- `Tech`: I got hands-on experience with diverse cloud providers, widened my Terraform knowledge and learnt plenty of new technology, too
- `Acquisitions`: When an employer is purchased by another company, rules might change a lot
### - Tieto:
- `Time`: 2019-09-02 - 2020-04-24
- `URL`: <https://www.tieto.com>
- `Role`: DevOps consultant (self-employed)
- `Tasks`: Develop CI/CD for Tieto's products, with a wide range of IaC toolset to meet all the requirements of management, developers, QA and production
#### - Projects:
- `BizTalk`: Develop continuous integration/continuous delivery environment, mainly focusing on automated install and configuration of BizTalk server and the backing database
- `Migration_services`: Automate the install of database migration services
#### - Technologies_used:
[Ansible, Microsoft_BizTalk, Microsoft_SQL_Server, OpenStack, Oracle, Windows_Server]
#### - What_I_learnt:
- `Czech_bureaucracy`: starting one's own company is not that scary as it sounds for the first time for a foreigner
- `Teamwork`: not only about professional, but also interpersonal relationships
### - Blackboard:
- `Time`: 2015-05-04 - 2019-08-31
- `URL`: <http://blackboard.com>
- `Role`: DevOps engineer
#### - Departments:
##### - Transact:
- `Time`: 2018-08-27 - 2019-08-31
- `Tasks`: Develop CI/CD for Transact product line, with a wide range of IaC toolset to meet all the requirements of management, developers, QA and production
###### - Projects:
- `Attendance`: Fine-tune the QA environment
- `Campus_Cash`: Develop continuous integration/continuous delivery environment
###### - Technologies_used:
[Ansible, Azure, JenkinsX, Katalon, Kubernetes, Octopus_Deploy, PowerShell, Terraform, Windows_Server]
##### - K12:
- `Time`: 2015-05-04 - 2018-08-27
- `Tasks`: Maintain several K-12 (primary to high school) SAAS products for global customers, including monitoring, troubleshooting, software- and hardware-related issues on a wide range of platforms
###### - Projects:
- `AWS_test_environment`: Build and maintain automated test infrastructure for the Web Community Manager product, develop self-service and reporting toolset for QA staff, set up fault tolerance and self repair
- `Connect`: Maintain the product at <https://www.blackboard.com/notification-system/blackboard-connect.html>, respond on alerts
- `ConnectTXT`: Maintain the product at <https://txttools.co.uk>, respond on alerts, migrate from self-hosted infrastructure to AWS
- `DDOS_protection`: Develop a product-independent solution for protecting our infrastrtucture from DDOS attacks, automatically recognizing robot-like behavior and temporarily blocking suspicious sources. It also includes whitelist and blacklist support for certain user agents and IP ranges
- `Edline_and_GradeQuick`: Maintain the product at <http://edline.net>, respond on alerts, mitigate vulnerabilities, fix hardware failures, move the hardware server plant to the virtual cloud, migrate from Ubuntu to CentOS, build customized Apache modules for the blob servers, mitigate DDOS attacks, prepare the product to be migrated to Web Community Manager, improve the performance of backend filers
- `Legacy_products`: Maintain SchoolFusion, SchoolWorld, SchoolCenter and TeacherWeb products, respond on alerts, mitigate vulnerabilities, fix hardware failures, move the hardware server plant to the virtual cloud, mitigate DDOS attacks, design new database clusters, prepare the products to be migrated to SchoolWires, roll out end-of-life decommissions and regulatory backups
- `Operations_takeover`: During my probation period, while perparing me for daily work all my senior coworkers left the firm, so I had to reverse-engineer and discover all the environment and keep it alive while waiting for needed talent to be recruited. I proactively helped management to choose the needed skills, while responding on alerts and fixing issues in technlology I didn't yet know much about, also fixing hardware in our Chicago datacenter. Later on I transferred all the collected knowledge to my since then joined coworkers
- `Parentlink`: Maintain the product at <https://www.blackboard.com/school-communication-apps/blackboard-mobile-communications-app.html>, respond on alerts, migrate from self-hosted infrastructure to AWS
- `Web_Community_Manager`: Maintain the product at <http://schoolwires.com>, respond on alerts, fix hardware failures, move the hardware server plant to the virtual cloud, mitigate DDOS attacks, prepare other Engage products to be migrated to Web Community Manager
###### - Technologies_used:
[Amazon_Linux, Ansible, Apache, AWS, Bamboo, Bash, Bitbucket, BTRFS, CentOS, Chef, Cisco_ASA, CloudWatch, EC2, F5_BigIP, FreePBX, IAM, IIS, IIS, InSpec, JaCL, Jenkins, memcached, Microsoft_SQL_Server, MongoDB, MySQL, Nagios, NetApp, NewRelic, NginX, PHP, PostgreSQL, PowerShell, Python, RDS, S3, Selenium, SNS, Solaris, SonarQube, TeamCity, TCL, TestRail, Tomcat, Ubuntu, VictorOps, vSphere, WebScreen, Windows_Server, WSGI, ZFS]
#### - What_I_learnt:
- `Doing_good`: Working for a company doing good (such as education-related business in this case) makes the employee feel more motivated
- `Internal_employment`: I do prefer to work as an internal employee as it is much easier to agree on budgets, timelines and priorities when all involved parties work towards the exactly same goal
- `EAFP`: I learnt a very important principle for work efficiency
### - IBM:
- `Time`: 2012-08-01 - 2015-04-30
- `URL`: <http://ibm.com>
- `Role`: Middleware operator
#### - Departments:
##### - Overtime_tool_development:
- `Time`: 2014-03-01 - 2015-04-30
- `Tasks`: Develop IBM GSDC Brno's internal software to track operations people's overtime and count their reward vacation and payment
###### - Technologies_used:
[LDAP, MySQL, PHP]
##### - Dansk_Supermarked_Gruppen:
- `Time`: 2014-03-01 - 2015-04-30
- `Tasks`: Maintain the customer's e-commerce suite, develop maintenance toolset, fine-tune web servers, servlet containers and monitoring
###### - Projects:
- `Domain_sharding`: Spreading requests between the Content Delivery Network for serving the website faster on <https://www.bilka.dk>
- `Package_maintenance`: Configure, compile and keep up-to-date the Apache package and related modules serving <https://www.bilka.dk>
- `SSL_and_SPDY_enablement`: Upgrade the <http://www.bilka.dk> plant to serve SSL-only, using the SPDY protocol
###### - Technologies_used:
[Apache, CA_Introscope_Wily, Hybris, mod_jk, mod_pagespeed, mod_spdy, mod_ssl, Red_Hat_Satellite, RHEL, RPM, Tomcat]
##### - IMT_Italy:
- `Time`: 2012-08-01 - 2014-02-28
###### - Projects:
- `IHS`: Maintain and support our clients' Apache-based IBM HTTP Server on several platforms. Problem solving and troubleshooting issues
- `Snapshot_automation`: Develop multi-platform toolset for massive snapshot of services in a diverse environment. Checking all services' current state, health, configuration and version, look for error patterns and prepare reports
- `WebSphere`: Maintain and support our clients' WebSphere Application Servers on several platforms. Problem solving and troubleshooting issues
- `WebSphere_MQ`: Maintain and support our clients' WebSphere MQ systems on several platforms. Problem solving and troubleshooting issues
###### - Customers:
[Aedificatio, Alfa_Gomma_S.p.A., Ania, Banca_Delle_Marche, Bankadati, Bit_Systems, Bolton, Cassa_Depositi, CNH, Electrolux, Fiat_Group_Automobiles_S.p.A., Fincantieri, Firema_Transporti_S.p.A., Gruppo_COIN_S.p.A., Gruppo_PAM_S.p.A., Indesit, Interbanca_S.p.A., IVECO, Mediamarket, Miriade_SRL, Montenegro_S.p.A., PUBLITALIA, Seves_S.p.A., TRENITALIA, Zambon_group_S.p.A.]
###### - Technologies_used:
[AIX, IHS, KSH, RHEL, WebSphere, WebSphere_MQ, Windows_Server]
#### - What_I_learnt:
- `Challenge`: More technical challenge means more fun
- `Huge_offices`: Huge offices help to fit in the local community as plenty of citizens work at the same office
### - Morgan Stanley:
- `Time`: 2008-09-29 - 2012-07-23
- `URL`: <http://ms.com>
- `Role`: UNIX L3 web infrastructure operator/engineer
#### - Projects:
- `BlueCoat`: Migrate the iMimic proxy plant to the new BlueCoat plant. Set up monitoring, content filtering and HA clustering
- `ClientLink`: Maintain the thousands of servers behind <https://secure.ms.com> including High Availability, Monitoring, installs and decommissions of the server applications
- `Entitlement_checking_tool`: A script which runs through thousands of LDAP and UNIX groups to check if a user or a group should or shouldn't have access to several resources
- `FB_IPO`: Prepare the web server plant for Facebook's Initial Public Offering
- `GM_IPO`: Prepare the web server plant for General Motors' Initial Public Offering
- `Intrusion_forensics`: Proactively attended the forensics and recovery of Anonymous' “Operation Aurora” attack on the firm in the end of 2009
- `Matrix`: Maintain the thousands of servers behind <https://matrix.ms.com> including High Availability, Monitoring, installs and decommissions of the server applications
- `NOEnergy_IPO`: Prepare the web server plant for the Norvegian energy provider's Initial Public Offering
- `Optier_Corefirst`: Set up the initial OpTier Corefirst plant for the firm's Apache and Tomcat servers
- `OSQA`: Set up the initial OSQA plant for the firm's internal use
- `Outage_packs`: Develop a script to collect so-called “outage packs” for Java-based server applictions. The tool is executed on server-side issues and collects stack traces, thread- and heap dumps, also several info about the HW and the OS
- `Package_maintenance`: I've been the primary maintainer of the Apache, and the Midnight Commander packages in the Firm's internal RHEL fork
- `TWiki`: Development of text mining software to separate operations-, engineering- and end-user documents
- `Vignette_Portal`: Upgrade the Vignette Portal plant from version 4.3 to 7.2, develop migration tools
- `Web_Plant_stack_upgrade`: Script the workflow of migrating thousands of web and app servers to the latest-and-greatest version, build custom internal modules
- `Weekly_change_alerts`: Develop a tool which checks open change requests and alerts affected groups to attend the weekly planning meeting and keeps them aware of the change schedule
#### - Technologies_used:
[AFS, Apache, BlueCoat, CA_AutoSys, CA_SiteMinder, Cisco_CSS, F5_BigIP, iMimic, JaCL, Java, Juniper, Kerberos, KSH, LDAP, LightStreamer, OpTier_Corefirst, OSQA, Perl, RHEL, RPM, ServletExec, Solaris, Sybase, TCL, Tomcat, TWiki, Vignette]
#### - What_I_learnt:
- `Code_of_conduct`: „Always keep your sense of humor” was the most agreeable requirement I ever signed
- `Follow_the_Sun`: Global teams make operations much easier and more comfortable
- `Strict_rules`: Strict rules are to help employees work together without any clash of interests
### - EuroMACC ltd:
- `Time`: 2006-03-01 - 2008-09-26
- `URL`: <http://euromacc.com>
- `Role`: QA engineer
#### - Projects
- `CosmOSS`: Write automated test scripts and end-user documentation for the CosmOSS Telco Classic, CosmOSS Telco Blue, and CosmOSS Telco Quad products
- `hIPer`: Develop a multiplatform deployment tool for the product, write automated test scripts and end-user documentation
- `hIPer_Util`: Make the product available for High Availability clustering, Develop a multiplatform deployment tool for the product, write automated test scripts and end-user documentation
- `WebCare`: Write automated test scripts
#### - Technologies_used:
[Apache, ArchLinux, AS/400, BASH, Bugzilla, CA_AutoSys, CentOS, DB2, Debian, FreeBSD, Gentoo, Heartbeat, HP-UX, Java, KSH, NFS, Oracle, PHP, PostgreSQL, Rational_Robot, Rational_TestManager, SlackWare, SQABasic, Testopia, Tomcat, Ubuntu, Windows]
#### - What_I_learnt:
- `Automation`: Automated workflow saves plenty of time for the employee
- `Small_companies`: Small, local companies are friendly environments to work at
## Soft_skills:
- business English
- coaching
- interviewing
- knowledge share
- working in global virtual teams
## Language_skills:
- `Czech`: intermediate
- `English`: advanced
- `German`: beginner
- `Hungarian`: native
- `Italian`: beginner
## Hobbies_and_interests:
[capoeira, cycling, demoscene, geocaching, new_technology, reading, travelling]