I'm a Linux and Ansible specialist with a DevOps mindset.
Would you like to know more?

Blog posts

2016 Jun 02 - Protecting your servers against ImageTragick (CVE-2016-3714) and CVE-2016-5118 using Ansible

2016 May 19 - Applying two-factor authentication to SSH logins with Duo Security

2016 May 12 - Running ownCloud on DirectAdmin server with Nginx and PHP-FPM


Here's a list of stuff I'm currently building or have built in the past. To read more about my technical background, read my about page.

Puppet VMware Python Atlassian JIRA Bitbucket Confluence Bamboo Nexus

As a DevOps engineer, I’ve been tasked to setup a new fully automated platform. Customers will be able to request a dedicated, Atlassian-stack based DTAP environment in a private cloud. Other tools like Jenkins and Rundeck may be added to the stack. I developed a Python tool that reads configuration from Puppet Hiera and consequently creates the necessary virtual machines in a VMware vCloud environment. It will also configure a private LAN for the customer as well as networking (SNAT) and firewalling rules. The public internet facing proxy servers, running nginx, will receive a signal to update their configuration. Aside from creating the DTAP environment, documentation and instructions for maintenance and provisioning new customers must be created. A follow-up project consists of migrating current customers to a new, private cloud.

Other software used:

  • Vagrant
  • PostgreSQL
  • OpenDJ (LDAP server)

Avisi BV

Custom software development, powered by passion. Delivering software projects to customers from startups & SMB's to Fortune 500 companies.


A reliable, full service Managed Hosting provider.

DevOps Ansible ElasticSearch Mongo RabbitMQ HAProxy Varnish Nginx NodeJS Docker Graylog Kibana Logstash Memcached PostgreSQL Python Redis Ruby

I helped deploy Ansible Tower. At the time of writing Tower was being used to apply configurations to more than 150 servers every day. These configurations consist of self-written ‘roles’ aswell as the playbooks themselves. I deployed many different server setups, all using ansible playbooks, such as:

  • Magento setup:
    • This setup hosts Magento-based CMS sites.
    • Nginx is optimized with Magento-specific settings.
    • It uses NFS shared storage on a NetApp cluster.
    • Backups are made amongst others with Bacula.
    • PHP is running in php-fpm mode.
    • There is a Redis instance per website for caching.
  • Trytond setup:
    • This setup uses nginx with gunicorn as backends.
    • PostgreSQL is used as a databasebackend and Sphinx / searchd for the search functionalities.
    • Python Trytond is installed into a virtualenv.
    • Redis is used as a caching backend.
    • Every service is controlled with systemd templates.
  • Plone CMS setup:
    • This setup is load-balanced using HAProxy on a number of Zope workers and Zope database hosts.
    • Each worker runs Varnish with a number of backends for each site. These are all periodically probed and removed from the pool if they are no longer responding.
    • The customer requested ansible playbooks on one of the worker to easily deploy and update sites.
  • Docker setup:
    • This customer uses docker extensively for deploying and automatically scaling websites.
    • Containers are limited to customer-specific networks.
    • Docker networks and nginx are managed with Ansible.
  • ElasticSearch / MongoDB / PostgreSQL / RabbitMQ / Redis cluster:
    • This setup contains a number of database servers and worker servers.
    • All services are running in either cluster mode or master/slave mode.
    • Workers run apps, written in go, that are exposed to the internet via nginx.

Besides engineering new setups and clusters, customers often requested a way of testing their software on their servers, without using the “live” servers. I used Packer to create Vagrant boxes that are identical to their production servers.

I also wrote a number of tools in Python:

Other duties include customer contact via phone and e-mail (3rd line support), configuring Cisco / NetApp infrastructure, implement firewalling and VPN using Juniper and pfSense appliances and implementing two-factor authentication for SSH.

Puppet VMware PHP Ubuntu Python C# Apache MySQL

My job at TIW was two-fold: I was a Linux Engineer but also Manager of the department. As Linux engineer, my job mainly consisted of the following:

  • Managing 200+ web, mail, dns and database servers for the Shared Hosting platforms.
  • Implementing Puppet, DNSSEC, IPv6.
  • I created an Asterisk VoIP telephony system.
  • Migrated many servers from DirectAdmin, Ensim, cPanel etc to our own Control Panel.
  • Managing the network (BGP peerings and transits, IPv6 and uplinks).
  • Connecting our network to the AMS-IX and NL-IX.
  • Automatically creating VMWare virtual machines by implementing the C# API.
  • Engineering and developing the new Shared Hosting platform.
  • Developing systems administration scripts and services in Python, C# and Perl.
  • Developing and maintaining the Hosting and Domain names Control Panel for customers.
  • Third line support.

As Manager Engineering, I was responsible for the following:

  • Implement project management using Kanban/Scrum.
  • Lead the Engineering team (“Scrum” master).
  • Have periodic performance meetings with team members.
  • Ensure the company policies were applied and kept to.
  • Ensure the departmental planning were in line with corporate strategies.
  • Create and monitor budgets.
  • Measure and report on results of the department.
  • Describe, implement and ensure departemental processes.

Totaalnet Internet Works

A webhosting company in the Netherlands, hosting over 120.000 domain names and websites.